Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FC237358F09811ED80FD4A1F4AD9E6FC.roa
File: FC237358F09811ED80FD4A1F4AD9E6FC.roa (raw, json)
Hash identifier: Gnv592hdPHNbfgzHAsxhFeBs2CYqLljKSXqpSC3/Reg=
Subject key identifier: C8:DE:46:E4:0C:C2:75:6F:B0:7E:4F:05:F2:3A:18:B9:1C:8F:6F:56
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0394
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FC237358F09811ED80FD4A1F4AD9E6FC.roa
Signing time: Fri 12 May 2023 07:45:37 +0000
ROA not before: Fri 12 May 2023 07:45:34 +0000
ROA not after: Sun 12 May 2024 07:45:34 +0000
asID: 136923
IP address blocks: 156.0.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 916 (0x394)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: May 12 07:45:34 2023 GMT
Not After : May 12 07:45:34 2024 GMT
Subject: CN=645deea1-6d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e0:e2:f4:48:f8:5a:02:5a:c5:93:0a:e4:35:
52:25:98:0e:aa:30:7c:3e:47:26:e5:c7:9e:d4:d0:
66:75:87:9d:d4:a4:d5:25:91:fa:3e:d2:f0:ae:0a:
d8:98:47:a1:8c:7e:07:5b:44:75:36:da:d7:c3:65:
bc:11:96:aa:f2:7b:8a:d6:de:07:fd:36:6a:81:11:
05:9a:87:83:1c:b9:00:20:29:9a:66:b4:83:a1:b9:
95:8e:b4:3b:4b:cc:0e:98:d6:b1:6f:ea:63:18:8c:
35:51:ee:56:c3:92:30:2d:dd:b8:fe:86:bd:4f:9d:
32:c1:45:7b:d8:71:7c:03:21:ff:47:7f:ce:08:97:
9b:c7:e1:ce:f5:78:04:6e:50:29:83:85:ed:16:74:
2e:90:87:33:99:5d:3a:91:fb:f0:7c:64:81:5b:50:
4e:07:b5:7c:a7:71:d4:84:c4:db:f6:27:69:dc:47:
23:0c:72:09:a7:ab:e5:d5:cf:97:fd:bf:8c:c1:a8:
33:f2:78:0d:a6:9c:a9:20:8d:16:a6:10:24:a7:14:
ac:12:ae:26:5e:12:96:eb:4a:ae:0f:f3:e1:35:b2:
08:a9:7b:a0:4f:43:ea:9e:7a:87:26:ef:4f:e7:1c:
44:66:8f:23:ac:73:e8:41:46:00:96:8d:c8:a5:9f:
3a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DE:46:E4:0C:C2:75:6F:B0:7E:4F:05:F2:3A:18:B9:1C:8F:6F:56
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FC237358F09811ED80FD4A1F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.115.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:d9:b5:42:6e:52:c3:01:08:5d:aa:aa:49:3a:14:0e:e9:d2:
1f:6c:32:dd:ba:26:52:5f:bd:3c:f2:07:11:01:dc:04:bb:0d:
01:8d:78:10:5b:e2:1e:22:65:53:6f:81:57:eb:6e:5d:4e:2f:
1c:a6:07:f1:fd:cf:fd:af:65:fd:5d:ee:c3:ad:45:41:46:1b:
e3:18:4a:b4:1b:67:04:b6:e5:44:73:dd:4f:76:2a:39:5e:c1:
b3:64:f9:a5:33:b4:b1:b5:d3:8a:db:11:0e:b5:a8:40:0e:6a:
3a:98:dc:c8:52:1e:3d:4a:36:60:a4:b9:1b:84:9a:96:6a:7d:
1b:56:3a:32:26:b0:73:1f:91:ae:46:17:59:d9:2c:e3:a5:bc:
22:bd:d6:aa:e6:b8:45:e3:5c:8c:a2:0a:5f:70:c5:08:57:21:
8d:81:27:9a:88:fc:d1:0c:1d:96:39:23:b9:19:e0:03:2f:52:
80:7d:1d:8f:fe:42:c4:fc:38:99:a2:53:9c:7e:23:70:57:3e:
b3:aa:e6:54:ec:98:e0:cd:01:13:23:72:db:fa:48:dd:3e:a6:
39:ab:a7:37:e5:c3:2e:83:66:6b:d4:c7:f8:58:00:10:67:81:
f6:01:48:ec:7c:ca:3b:26:27:5c:91:de:96:ad:64:3f:81:c7:
5c:71:d4:dc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA5QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA1MTIwNzQ1MzRaFw0yNDA1MTIwNzQ1MzRaMBgxFjAU
BgNVBAMTDTY0NWRlZWExLTZkM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC94OL0SPhaAlrFkwrkNVIlmA6qMHw+Ryblx57U0GZ1h53UpNUlkfo+0vCu
CtiYR6GMfgdbRHU22tfDZbwRlqrye4rW3gf9NmqBEQWah4McuQAgKZpmtIOhuZWO
tDtLzA6Y1rFv6mMYjDVR7lbDkjAt3bj+hr1PnTLBRXvYcXwDIf9Hf84Il5vH4c71
eARuUCmDhe0WdC6QhzOZXTqR+/B8ZIFbUE4HtXyncdSExNv2J2ncRyMMcgmnq+XV
z5f9v4zBqDPyeA2mnKkgjRamECSnFKwSriZeEpbrSq4P8+E1sgipe6BPQ+qeeocm
70/nHERmjyOsc+hBRgCWjcilnzoHAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUyN5G
5AzCdW+wfk8F8joYuRyPb1YwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0ZDMjM3MzU4RjA5ODExRUQ4MEZENEExRjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHMwDQYJKoZIhvcNAQELBQAD
ggEBABzZtUJuUsMBCF2qqkk6FA7p0h9sMt26JlJfvTzyBxEB3AS7DQGNeBBb4h4i
ZVNvgVfrbl1OLxymB/H9z/2vZf1d7sOtRUFGG+MYSrQbZwS25URz3U92KjlewbNk
+aUztLG104rbEQ61qEAOajqY3MhSHj1KNmCkuRuEmpZqfRtWOjImsHMfka5GF1nZ
LOOlvCK91qrmuEXjXIyiCl9wxQhXIY2BJ5qI/NEMHZY5I7kZ4AMvUoB9HY/+QsT8
OJmiU5x+I3BXPrOq5lTsmODNARMjctv6SN0+pjmrpzflwy6DZmvUx/hYABBngfYB
SOx8yjsmJ1yR3patZD+Bx1xx1Nw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org