Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FB72F5845DA811ECAEE3E7835A40D577.roa
File: FB72F5845DA811ECAEE3E7835A40D577.roa (raw, json)
Hash identifier: u1SzurgNX/kc2ulZSRohhFN5Osr6xG5QZItNfv47tvw=
Subject key identifier: 34:73:92:5C:94:AF:B9:9F:E5:89:0C:55:B2:66:54:B4:D5:43:BE:6F
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0181
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FB72F5845DA811ECAEE3E7835A40D577.roa
Signing time: Wed 15 Dec 2021 13:14:50 +0000
ROA not before: Wed 15 Dec 2021 13:14:45 +0000
ROA not after: Thu 15 Dec 2022 13:14:45 +0000
asID: 328227
IP address blocks: 156.0.120.0/24 maxlen: 24
156.0.121.0/24 maxlen: 24
156.0.122.0/24 maxlen: 24
156.0.123.0/24 maxlen: 24
156.0.124.0/24 maxlen: 24
156.0.125.0/24 maxlen: 24
156.0.126.0/24 maxlen: 24
156.0.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385 (0x181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Dec 15 13:14:45 2021 GMT
Not After : Dec 15 13:14:45 2022 GMT
Subject: CN=61b9ea4a-ed30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:7d:2a:0a:7c:97:1a:02:d4:b3:1e:78:f4:
12:54:5a:44:07:3b:94:e7:03:5d:b2:1a:13:b6:b0:
3c:6a:87:db:7e:a3:c6:06:65:d3:9e:34:bd:d1:ba:
e6:55:b5:88:39:bb:30:c5:b8:19:65:7c:84:12:6b:
b3:d6:76:79:ae:01:b5:b0:b3:a4:13:ee:d4:af:2e:
1e:1d:89:5c:fe:7b:de:db:18:89:e1:27:78:ef:5e:
3d:c5:7d:56:4e:da:37:60:d3:b7:12:a5:56:e9:1c:
0d:8a:a2:85:b6:ec:72:11:fa:63:94:74:a7:53:e8:
cd:48:18:e3:b0:34:af:f6:7c:ba:40:ad:34:32:69:
1c:ee:d2:36:9c:1f:df:80:46:dc:2f:b1:f3:d2:87:
e6:47:a1:64:61:c5:e3:38:86:04:24:4a:b6:4a:33:
67:1c:83:77:70:06:b0:85:24:c8:03:3d:0a:b7:88:
ce:02:ce:ee:19:b7:da:04:34:0e:fd:22:71:75:f0:
18:67:cd:87:3a:26:82:82:72:d3:18:1e:ca:35:3c:
42:fc:d5:6f:02:21:33:a5:c2:07:47:e2:25:7c:24:
a8:cf:fe:65:f1:e7:68:4f:05:fa:74:33:bb:bf:cf:
b1:34:41:b4:3d:11:03:ce:08:e5:0d:67:07:65:eb:
19:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:73:92:5C:94:AF:B9:9F:E5:89:0C:55:B2:66:54:B4:D5:43:BE:6F
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FB72F5845DA811ECAEE3E7835A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.120.0/21
Signature Algorithm: sha256WithRSAEncryption
69:41:ac:f3:51:d3:de:eb:fa:a6:4f:07:17:d3:c9:fe:44:f5:
19:0e:14:68:fb:21:56:f1:ae:3c:a3:30:5e:cd:2f:25:24:67:
99:da:51:1d:cf:42:93:09:aa:03:ff:1a:f5:cf:a2:52:bc:42:
24:60:bf:e2:68:51:12:ae:43:ac:c3:34:2d:2b:b0:60:a6:50:
41:08:92:05:ee:a9:d1:6f:3f:99:2e:2f:92:17:72:1a:35:5f:
7a:ab:4e:4b:69:cb:da:28:e2:c3:ba:49:08:61:fb:f0:73:44:
ff:e8:b7:8e:a7:52:77:94:f8:93:5a:1a:f4:14:f5:d6:fa:e1:
37:fc:c0:73:81:ff:62:c0:70:59:2b:57:27:df:6e:6c:cb:63:
70:4f:6e:80:4f:fd:aa:1c:65:5d:20:4f:c7:70:18:60:22:fe:
20:65:8b:0e:41:62:05:8d:3b:52:f6:0a:12:93:da:78:8a:d2:
a2:78:1e:be:b0:51:a0:38:97:96:a9:3f:7a:56:75:a8:f4:1f:
b3:dc:e3:a6:07:6b:4f:c5:10:aa:bc:47:72:a9:15:c2:c8:10:
3c:da:77:a7:aa:33:29:73:cb:a2:d5:e0:17:6b:48:73:11:68:
d8:20:28:5f:e1:30:a0:24:56:0e:16:f5:82:f8:99:5a:0a:37:
e7:72:35:87
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAYEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMTEyMTUxMzE0NDVaFw0yMjEyMTUxMzE0NDVaMBgxFjAU
BgNVBAMMDTYxYjllYTRhLWVkMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AH0qCnyXGgLUsx549BJUWkQHO5TnA12yGhO2sDxqh9t+o8YGZdOeNL3R
uuZVtYg5uzDFuBllfIQSa7PWdnmuAbWws6QT7tSvLh4diVz+e97bGInhJ3jvXj3F
fVZO2jdg07cSpVbpHA2KooW27HIR+mOUdKdT6M1IGOOwNK/2fLpArTQyaRzu0jac
H9+ARtwvsfPSh+ZHoWRhxeM4hgQkSrZKM2ccg3dwBrCFJMgDPQq3iM4Czu4Zt9oE
NA79InF18BhnzYc6JoKCctMYHso1PEL81W8CITOlwgdH4iV8JKjP/mXx52hPBfp0
M7u/z7E0QbQ9EQPOCOUNZwdl6xmnAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUNHOS
XJSvuZ/liQxVsmZUtNVDvm8wHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0ZCNzJGNTg0NURBODExRUNBRUUzRTc4MzVBNDBENTc3LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOcAHgwDQYJKoZIhvcNAQELBQAD
ggEBAGlBrPNR097r+qZPBxfTyf5E9RkOFGj7IVbxrjyjMF7NLyUkZ5naUR3PQpMJ
qgP/GvXPolK8QiRgv+JoURKuQ6zDNC0rsGCmUEEIkgXuqdFvP5kuL5IXcho1X3qr
Tktpy9oo4sO6SQhh+/BzRP/ot46nUneU+JNaGvQU9db64Tf8wHOB/2LAcFkrVyff
bmzLY3BPboBP/aocZV0gT8dwGGAi/iBliw5BYgWNO1L2ChKT2niK0qJ4Hr6wUaA4
l5apP3pWdaj0H7Pc46YHa0/FEKq8R3KpFcLIEDzad6eqMylzy6LV4BdrSHMRaNgg
KF/hMKAkVg4W9YL4mVoKN+dyNYc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org