Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FA7A4536174911EEBBFC4D204AD9E6FC.roa
File: FA7A4536174911EEBBFC4D204AD9E6FC.roa (raw, json)
Hash identifier: uzwWxms5HymR7Na7kTgPMbONEIg+so37HVVdvHFkDyQ=
Subject key identifier: CB:59:89:69:02:D4:2B:2F:1C:5B:ED:8F:00:A5:8F:E0:9C:47:07:0B
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03F6
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FA7A4536174911EEBBFC4D204AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:28:20 +0000
ROA not before: Fri 30 Jun 2023 13:28:16 +0000
ROA not after: Sun 30 Jun 2024 13:28:16 +0000
asID: 21082
IP address blocks: 156.0.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1014 (0x3f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:28:16 2023 GMT
Not After : Jun 30 13:28:16 2024 GMT
Subject: CN=649ed874-c0bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:19:f6:c0:8a:32:05:67:c3:d3:92:b5:83:01:
10:db:68:cc:eb:21:e3:ff:6f:bd:31:23:39:26:b8:
01:e5:a3:5d:cd:7f:65:70:5c:40:bf:05:b7:b1:df:
b6:87:fc:93:7e:27:2d:a1:03:cb:0f:f7:d0:b1:67:
cf:be:b3:cb:83:75:ce:4b:fc:d4:eb:ec:d4:cf:e3:
3f:07:0d:14:4d:e1:d4:9b:3c:f7:ae:56:1e:c4:84:
f5:e4:9d:17:17:61:d0:c2:7e:b9:79:20:73:7e:fa:
d3:b8:72:38:79:c4:5a:28:d1:e2:34:db:0f:53:89:
e1:3e:de:39:fd:ef:cd:dd:de:f2:0b:41:e7:0c:e4:
46:af:11:6a:cf:0e:7b:69:b1:c3:25:91:c7:6e:4f:
d1:b6:b9:1a:cf:c7:26:75:0a:ef:00:77:fd:3a:7f:
1d:9e:f1:35:d7:0c:6b:8d:1a:8d:f5:78:b8:10:0d:
8e:ec:4e:89:27:0f:5e:44:d8:f0:67:76:c9:c9:63:
18:b4:e3:36:bb:6b:76:d4:3e:9f:6f:0b:ed:52:70:
12:c5:4a:ea:64:8f:8b:9d:c0:88:22:c7:eb:3a:2d:
bb:1e:3d:92:e3:12:52:96:73:a6:e3:e5:40:c0:3e:
09:e6:79:04:5b:4f:9a:b3:34:70:97:90:dd:25:46:
73:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:59:89:69:02:D4:2B:2F:1C:5B:ED:8F:00:A5:8F:E0:9C:47:07:0B
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FA7A4536174911EEBBFC4D204AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.116.0/24
Signature Algorithm: sha256WithRSAEncryption
50:68:f8:07:d9:0a:4f:73:fc:c4:27:00:a7:e9:07:b7:60:fa:
72:95:fe:03:60:99:1d:0e:cb:ff:59:8e:38:f2:0c:fe:fe:cc:
d1:3e:e1:60:c8:d5:e3:6e:cb:09:b4:d1:15:79:f9:fa:6f:84:
07:30:86:ca:07:3b:69:29:d3:c3:bf:4e:43:e3:44:1a:97:6f:
05:0b:0f:52:56:7b:ba:b5:1b:f6:5f:06:99:05:d1:67:15:f5:
ab:a7:78:ab:eb:66:ee:03:ae:ae:01:c8:a0:7e:d4:5b:62:8f:
de:49:4e:2e:d3:78:2b:01:8a:6c:c9:44:7d:1c:58:50:a2:08:
99:b5:01:7f:23:ee:ae:d1:93:d3:16:56:07:93:f9:a4:8f:f1:
24:10:ae:da:6f:d8:c6:5a:7e:87:08:80:9f:54:53:3f:51:0c:
a1:91:99:26:eb:8f:85:24:25:b6:f1:96:ad:fc:51:93:16:90:
3a:0e:a5:8b:ed:90:fd:23:f2:0d:c8:7a:82:ad:65:10:c4:66:
3d:d0:5c:0c:07:b1:d5:0c:40:f0:fc:62:82:8f:fa:72:a1:f0:
f2:82:39:c7:0a:74:19:df:e1:64:88:dc:b8:72:9d:3c:47:00:
1d:5e:e0:21:2f:17:58:f0:29:75:af:05:3a:a0:9a:fe:3a:51:
0f:13:a4:54
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA/YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzI4MTZaFw0yNDA2MzAxMzI4MTZaMBgxFjAU
BgNVBAMTDTY0OWVkODc0LWMwYmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLGfbAijIFZ8PTkrWDARDbaMzrIeP/b70xIzkmuAHlo13Nf2VwXEC/Bbex
37aH/JN+Jy2hA8sP99CxZ8++s8uDdc5L/NTr7NTP4z8HDRRN4dSbPPeuVh7EhPXk
nRcXYdDCfrl5IHN++tO4cjh5xFoo0eI02w9TieE+3jn9783d3vILQecM5EavEWrP
DntpscMlkcduT9G2uRrPxyZ1Cu8Ad/06fx2e8TXXDGuNGo31eLgQDY7sToknD15E
2PBndsnJYxi04za7a3bUPp9vC+1ScBLFSupkj4udwIgix+s6LbsePZLjElKWc6bj
5UDAPgnmeQRbT5qzNHCXkN0lRnOnAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUy1mJ
aQLUKy8cW+2PAKWP4JxHBwswHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0ZBN0E0NTM2MTc0OTExRUVCQkZDNEQyMDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHQwDQYJKoZIhvcNAQELBQAD
ggEBAFBo+AfZCk9z/MQnAKfpB7dg+nKV/gNgmR0Oy/9ZjjjyDP7+zNE+4WDI1eNu
ywm00RV5+fpvhAcwhsoHO2kp08O/TkPjRBqXbwULD1JWe7q1G/ZfBpkF0WcV9aun
eKvrZu4Drq4ByKB+1Ftij95JTi7TeCsBimzJRH0cWFCiCJm1AX8j7q7Rk9MWVgeT
+aSP8SQQrtpv2MZafocIgJ9UUz9RDKGRmSbrj4UkJbbxlq38UZMWkDoOpYvtkP0j
8g3IeoKtZRDEZj3QXAwHsdUMQPD8YoKP+nKh8PKCOccKdBnf4WSI3LhynTxHAB1e
4CEvF1jwKXWvBTqgmv46UQ8TpFQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org