Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/F3B733EC74AC11EE91F86B4B4AD9E6FC.roa
File: F3B733EC74AC11EE91F86B4B4AD9E6FC.roa (raw, json)
Hash identifier: C2JJrMvbJWIsoFCdtA60CA+y6LgsWHdRjUO8FYtxflw=
Subject key identifier: 5B:15:A8:93:A8:B1:CD:F4:D9:39:39:D7:8B:CD:38:DC:CC:E6:0F:21
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 050E
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/F3B733EC74AC11EE91F86B4B4AD9E6FC.roa
Signing time: Fri 27 Oct 2023 09:41:07 +0000
ROA not before: Fri 27 Oct 2023 09:41:04 +0000
ROA not after: Sun 27 Oct 2024 09:41:04 +0000
asID: 328227
IP address blocks: 156.0.126.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1294 (0x50e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Oct 27 09:41:04 2023 GMT
Not After : Oct 27 09:41:04 2024 GMT
Subject: CN=653b85b3-6923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:aa:6b:bc:3d:80:f3:2f:dd:47:5c:76:f0:46:
b0:4f:fb:b4:b6:6b:b4:63:bd:cf:b5:fb:63:f6:4a:
ee:d9:8c:ed:09:d9:02:ee:bc:0d:8d:09:2c:60:1e:
90:d4:03:54:de:c8:01:40:48:3d:85:4e:51:12:08:
23:3f:31:ff:dd:17:c5:2d:79:e7:40:dd:f3:c1:87:
f3:fa:72:a7:29:2e:ee:cc:2c:e0:69:24:26:12:51:
86:be:01:ab:7d:9c:66:2e:17:88:72:5b:5f:cb:16:
fe:fe:ed:55:0b:49:4a:fb:b0:de:0c:ba:d3:ae:7d:
8c:c7:34:56:b9:d0:50:9a:ed:39:d8:3b:bb:b6:7f:
79:28:5a:f0:e0:3e:d5:db:e5:b3:79:6c:b5:42:13:
f6:90:9f:77:35:b0:b8:4e:c7:80:2d:a1:b4:77:b9:
3c:0b:b5:2f:bb:bd:77:46:2d:6a:c9:19:40:c5:67:
a5:43:be:99:89:ee:be:12:48:7a:e0:bd:fe:3f:67:
bd:11:65:83:e0:6c:29:3d:80:f4:7a:c7:30:dc:63:
f7:0a:cd:7d:63:3e:7f:3e:a0:92:f5:d8:b3:78:81:
3d:15:0e:45:80:27:b3:5a:f0:0c:34:c1:2d:ae:d4:
0a:07:3d:44:99:ef:db:c9:0b:b1:0c:97:28:97:56:
7f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:15:A8:93:A8:B1:CD:F4:D9:39:39:D7:8B:CD:38:DC:CC:E6:0F:21
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/F3B733EC74AC11EE91F86B4B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.126.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ae:11:ff:fc:dc:d5:8f:cf:4f:36:27:af:a7:85:3b:ef:24:
6e:9e:e9:3b:c2:d1:d5:90:09:0b:43:83:65:78:4d:c0:95:ca:
71:ba:be:8c:61:b8:a9:51:2a:60:10:1f:84:a3:45:06:23:6b:
27:20:3a:e4:04:8e:d7:10:f1:a4:0d:2f:7c:65:5b:0c:61:a0:
db:c7:a6:5b:b5:80:62:37:f6:f0:1b:20:7d:ab:53:4e:2c:c8:
a1:d9:18:00:49:45:00:bb:e8:a5:43:aa:d8:2f:2a:9a:a3:d7:
13:af:66:98:fa:39:5b:c9:6a:d2:0e:8b:5f:53:7c:0e:54:39:
8d:fd:f6:74:f2:84:e4:26:2b:0a:1a:27:a4:2b:d2:27:3c:aa:
21:d1:dd:28:55:93:84:50:91:b6:65:19:5c:a5:ed:82:c0:ad:
ca:e6:9a:8b:46:a1:38:15:e5:fe:5f:2c:84:c8:23:0b:95:25:
fb:89:58:32:e6:98:ea:0b:64:96:6f:ab:67:c4:2f:39:1f:c6:
a0:79:1c:e7:72:d0:fe:33:1b:e3:84:0d:90:ca:e4:71:b9:a8:
55:46:b0:db:36:a2:04:c6:3d:2a:0c:a5:b4:04:f7:b9:c1:ed:
5f:53:f4:4c:45:a1:ee:ab:95:fc:de:a5:0b:da:ce:53:17:9b:
72:dd:5e:22
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBQ4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzEwMjcwOTQxMDRaFw0yNDEwMjcwOTQxMDRaMBgxFjAU
BgNVBAMTDTY1M2I4NWIzLTY5MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWqmu8PYDzL91HXHbwRrBP+7S2a7Rjvc+1+2P2Su7ZjO0J2QLuvA2NCSxg
HpDUA1TeyAFASD2FTlESCCM/Mf/dF8UteedA3fPBh/P6cqcpLu7MLOBpJCYSUYa+
Aat9nGYuF4hyW1/LFv7+7VULSUr7sN4MutOufYzHNFa50FCa7TnYO7u2f3koWvDg
PtXb5bN5bLVCE/aQn3c1sLhOx4AtobR3uTwLtS+7vXdGLWrJGUDFZ6VDvpmJ7r4S
SHrgvf4/Z70RZYPgbCk9gPR6xzDcY/cKzX1jPn8+oJL12LN4gT0VDkWAJ7Na8Aw0
wS2u1AoHPUSZ79vJC7EMlyiXVn/fAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUWxWo
k6ixzfTZOTnXi8043MzmDyEwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0YzQjczM0VDNzRBQzExRUU5MUY4NkI0QjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH4wDQYJKoZIhvcNAQELBQAD
ggEBABeuEf/83NWPz082J6+nhTvvJG6e6TvC0dWQCQtDg2V4TcCVynG6voxhuKlR
KmAQH4SjRQYjaycgOuQEjtcQ8aQNL3xlWwxhoNvHplu1gGI39vAbIH2rU04syKHZ
GABJRQC76KVDqtgvKpqj1xOvZpj6OVvJatIOi19TfA5UOY399nTyhOQmKwoaJ6Qr
0ic8qiHR3ShVk4RQkbZlGVyl7YLArcrmmotGoTgV5f5fLITIIwuVJfuJWDLmmOoL
ZJZvq2fELzkfxqB5HOdy0P4zG+OEDZDK5HG5qFVGsNs2ogTGPSoMpbQE97nB7V9T
9ExFoe6rlfzepQvazlMXm3LdXiI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org