Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/F50925D2508711EE84F8B1834AD9E6FC.roa
File: F50925D2508711EE84F8B1834AD9E6FC.roa (raw, json)
Hash identifier: il+XIE30hy8jGjkDLjJdvRriawJCkutarDnXcG0ZJTM=
Subject key identifier: 9E:08:E6:42:AF:6C:E2:FF:89:33:10:4A:DD:79:CD:6B:1F:A7:4B:D6
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04AE
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/F50925D2508711EE84F8B1834AD9E6FC.roa
Signing time: Mon 11 Sep 2023 09:45:36 +0000
ROA not before: Mon 11 Sep 2023 09:45:33 +0000
ROA not after: Wed 11 Sep 2024 09:45:33 +0000
asID: 328227
IP address blocks: 156.0.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1198 (0x4ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Sep 11 09:45:33 2023 GMT
Not After : Sep 11 09:45:33 2024 GMT
Subject: CN=64fee1c0-5ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ae:fb:22:00:8d:e3:25:38:df:cd:01:84:e4:
39:03:98:0c:2c:e2:00:ef:ca:df:0c:cd:ab:63:dc:
f3:2d:42:ce:7a:79:b3:4d:1a:19:fd:fc:8d:e8:e8:
13:cd:5e:df:2f:22:b2:03:8e:77:02:3b:df:3e:a6:
78:58:1d:24:99:b4:8e:41:4e:6e:1c:4e:16:ed:4f:
1d:4e:f9:16:17:d9:ba:1f:92:9d:3d:74:f9:15:e5:
42:27:14:59:68:82:ce:34:bc:31:d1:36:dd:0e:a1:
d4:9b:e1:d2:98:a1:ed:cb:9f:87:6e:50:37:1c:d0:
b1:f3:ef:46:f0:1e:ca:ca:0a:9a:6c:58:cc:49:24:
7d:1e:cd:45:49:63:09:42:1d:5c:f1:c2:eb:56:4e:
1b:a0:4e:9b:e6:26:cf:f5:a3:fd:12:6e:be:fb:d2:
2d:5b:29:75:03:44:bd:d9:d2:11:64:e2:0e:a2:19:
b4:4e:95:79:96:36:cc:29:be:59:d1:3b:25:02:20:
a7:0f:45:03:f5:b8:dd:57:99:12:3d:8d:3e:dc:dc:
da:dd:87:b4:aa:1f:c1:09:3f:3a:f3:0b:38:46:d6:
51:fe:27:bb:74:29:1e:b8:b8:56:88:f1:05:70:5a:
45:85:cf:2d:88:23:b0:d9:52:34:a5:4c:d2:94:56:
91:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:08:E6:42:AF:6C:E2:FF:89:33:10:4A:DD:79:CD:6B:1F:A7:4B:D6
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/F50925D2508711EE84F8B1834AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.127.0/24
Signature Algorithm: sha256WithRSAEncryption
80:7a:9a:6d:d3:9c:5c:23:fb:b3:e6:1c:ed:3e:d8:56:ad:9e:
6b:1d:79:22:c0:e9:eb:4e:c4:82:df:7c:fe:26:01:5b:40:6a:
61:d2:86:e7:69:80:8d:4d:37:41:f0:17:0b:3e:91:6c:9d:5c:
a4:e4:d6:13:fe:96:36:54:59:3a:73:87:f9:54:1c:e6:61:52:
e5:13:d2:a7:49:c5:98:86:d7:18:9b:db:5b:72:26:75:be:89:
6e:f3:b4:23:96:57:80:67:8d:6c:4e:55:01:c7:16:ff:f1:81:
b8:60:2c:ff:15:85:05:0b:6c:6d:4a:28:2c:f7:d1:d6:39:9d:
e4:73:12:29:49:07:39:d5:0d:a9:8b:85:65:68:3d:01:32:dc:
0e:51:85:3f:80:4b:48:69:f1:3c:04:e8:26:67:f6:52:83:54:
08:6e:20:7d:b8:b3:94:1d:57:fa:58:4e:ea:1a:77:82:0d:96:
33:4c:b3:0d:53:63:38:75:d1:f0:e5:ce:94:57:fd:9d:2b:05:
8b:94:01:e7:b2:f5:de:8d:92:c2:d0:48:f2:4c:1a:6d:3d:49:
d5:f3:22:2d:b2:70:7a:7b:34:a8:ed:16:16:8d:f8:61:7e:35:
4f:3a:63:9c:79:c0:6f:91:54:55:f1:9f:06:ed:c1:b6:94:ae:
1a:b5:cc:42
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBK4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA5MTEwOTQ1MzNaFw0yNDA5MTEwOTQ1MzNaMBgxFjAU
BgNVBAMTDTY0ZmVlMWMwLTVlZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDzrvsiAI3jJTjfzQGE5DkDmAws4gDvyt8Mzatj3PMtQs56ebNNGhn9/I3o
6BPNXt8vIrIDjncCO98+pnhYHSSZtI5BTm4cThbtTx1O+RYX2bofkp09dPkV5UIn
FFlogs40vDHRNt0OodSb4dKYoe3Ln4duUDcc0LHz70bwHsrKCppsWMxJJH0ezUVJ
YwlCHVzxwutWThugTpvmJs/1o/0Sbr770i1bKXUDRL3Z0hFk4g6iGbROlXmWNswp
vlnROyUCIKcPRQP1uN1XmRI9jT7c3Nrdh7SqH8EJPzrzCzhG1lH+J7t0KR64uFaI
8QVwWkWFzy2II7DZUjSlTNKUVpFBAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUngjm
Qq9s4v+JMxBK3XnNax+nS9YwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0Y1MDkyNUQyNTA4NzExRUU4NEY4QjE4MzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH8wDQYJKoZIhvcNAQELBQAD
ggEBAIB6mm3TnFwj+7PmHO0+2FatnmsdeSLA6etOxILffP4mAVtAamHShudpgI1N
N0HwFws+kWydXKTk1hP+ljZUWTpzh/lUHOZhUuUT0qdJxZiG1xib21tyJnW+iW7z
tCOWV4BnjWxOVQHHFv/xgbhgLP8VhQULbG1KKCz30dY5neRzEilJBznVDamLhWVo
PQEy3A5RhT+AS0hp8TwE6CZn9lKDVAhuIH24s5QdV/pYTuoad4INljNMsw1TYzh1
0fDlzpRX/Z0rBYuUAeey9d6NksLQSPJMGm09SdXzIi2ycHp7NKjtFhaN+GF+NU86
Y5x5wG+RVFXxnwbtwbaUrhq1zEI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org