Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FFBDEE98174511EEAC88CA144AD9E6FC.roa
File: FFBDEE98174511EEAC88CA144AD9E6FC.roa (raw, json)
Hash identifier: 9xMT/4ZiuEU9ynOsf2NMJWERKao1TX8oUBYH1ufABWE=
Subject key identifier: 97:D0:37:39:E7:96:2B:1F:3F:97:AE:AE:9C:3F:56:AD:D0:7F:36:A3
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03E4
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FFBDEE98174511EEAC88CA144AD9E6FC.roa
Signing time: Fri 30 Jun 2023 12:59:51 +0000
ROA not before: Fri 30 Jun 2023 12:59:47 +0000
ROA not after: Sun 30 Jun 2024 12:59:47 +0000
asID: 328227
IP address blocks: 156.0.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 996 (0x3e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 12:59:47 2023 GMT
Not After : Jun 30 12:59:47 2024 GMT
Subject: CN=649ed1c6-2ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:14:3c:7d:05:cf:34:84:35:1a:d5:a0:8a:c8:
9e:eb:d6:65:8f:a8:6c:70:ca:a1:27:16:46:ed:33:
47:b7:ef:41:7d:e9:ad:cc:6c:e5:1b:ab:a0:88:c7:
9d:33:21:36:69:d8:05:42:01:6c:96:9d:a7:45:0c:
22:79:c1:93:db:5d:73:2d:a2:c4:1e:3d:cf:58:d1:
66:0a:87:b0:0e:04:c3:55:20:39:75:9d:b5:9c:2a:
b7:20:3f:e1:43:5f:8d:25:5c:d0:c9:aa:f5:9b:49:
6e:81:ec:a6:1f:6b:10:88:5b:0b:5e:9d:84:e7:21:
0a:87:fd:b0:03:15:7b:fa:be:e6:70:d6:d3:33:01:
0c:10:e4:dc:18:3a:0c:c2:b7:2b:df:b1:73:08:8f:
ac:4e:e7:63:e4:5f:7f:a6:48:02:81:db:25:ce:a3:
c0:42:c7:14:bd:d2:0d:6c:9b:cd:7c:6e:c9:e7:88:
a3:48:54:ed:78:79:ea:38:9a:0a:13:ea:a5:af:08:
49:82:54:f4:b0:e3:dd:c9:f2:29:4a:d7:61:aa:19:
ed:b3:db:d9:7e:e1:54:42:0a:a1:75:a0:5f:d2:90:
2a:36:10:d5:f5:9e:a7:4d:20:ac:eb:cb:18:3c:c0:
f4:1a:58:e5:d6:76:fe:bc:5c:a2:04:e7:1a:75:b2:
db:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D0:37:39:E7:96:2B:1F:3F:97:AE:AE:9C:3F:56:AD:D0:7F:36:A3
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/FFBDEE98174511EEAC88CA144AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.105.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:d7:57:f7:d5:2a:41:f9:ba:64:e2:67:a0:de:53:af:51:a0:
8f:4a:89:e0:dd:e5:00:57:72:de:bf:41:2e:17:8c:b9:f5:6d:
28:93:3b:cc:f2:08:66:ef:9a:f5:d1:ca:4d:e6:b6:3c:be:fe:
54:ea:91:d0:b3:e7:be:c3:d3:e6:1f:b5:38:ff:30:c4:9d:5e:
1a:60:4b:4e:66:2d:b7:02:9e:36:67:62:0e:70:e1:a8:66:44:
ce:e5:17:c2:46:22:56:1d:1e:28:94:10:a6:fa:bb:8a:2d:34:
f0:43:60:93:e4:48:1d:c6:86:b1:7a:2f:70:d2:fb:99:51:f1:
16:96:29:43:eb:3f:cc:1a:7e:59:ff:a3:2b:c6:57:31:e7:35:
22:dc:0e:39:70:97:71:7f:a1:57:37:bc:84:ea:52:33:b2:1e:
ac:9b:22:2d:24:78:16:9f:f3:70:f6:59:8a:73:81:d1:ab:fa:
bd:6a:42:d2:bc:55:c5:cd:d1:af:ff:fc:bf:ec:65:04:26:8c:
38:e3:42:13:d9:39:a0:f3:99:df:b6:39:3c:22:5b:95:59:cc:
0a:a9:79:a9:fc:d0:43:7e:03:68:04:ce:29:1d:87:ac:d3:d6:
7e:e1:7d:a9:1d:4c:91:18:56:4c:78:2b:45:c7:e3:db:6c:28:
c0:25:df:61
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA+QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMjU5NDdaFw0yNDA2MzAxMjU5NDdaMBgxFjAU
BgNVBAMTDTY0OWVkMWM2LTJhZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4FDx9Bc80hDUa1aCKyJ7r1mWPqGxwyqEnFkbtM0e370F96a3MbOUbq6CI
x50zITZp2AVCAWyWnadFDCJ5wZPbXXMtosQePc9Y0WYKh7AOBMNVIDl1nbWcKrcg
P+FDX40lXNDJqvWbSW6B7KYfaxCIWwtenYTnIQqH/bADFXv6vuZw1tMzAQwQ5NwY
OgzCtyvfsXMIj6xO52PkX3+mSAKB2yXOo8BCxxS90g1sm818bsnniKNIVO14eeo4
mgoT6qWvCEmCVPSw493J8ilK12GqGe2z29l+4VRCCqF1oF/SkCo2ENX1nqdNIKzr
yxg8wPQaWOXWdv68XKIE5xp1sts1AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUl9A3
OeeWKx8/l66unD9WrdB/NqMwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0ZGQkRFRTk4MTc0NTExRUVBQzg4Q0ExNDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAGkwDQYJKoZIhvcNAQELBQAD
ggEBALjXV/fVKkH5umTiZ6DeU69RoI9KieDd5QBXct6/QS4XjLn1bSiTO8zyCGbv
mvXRyk3mtjy+/lTqkdCz577D0+YftTj/MMSdXhpgS05mLbcCnjZnYg5w4ahmRM7l
F8JGIlYdHiiUEKb6u4otNPBDYJPkSB3GhrF6L3DS+5lR8RaWKUPrP8wafln/oyvG
VzHnNSLcDjlwl3F/oVc3vITqUjOyHqybIi0keBaf83D2WYpzgdGr+r1qQtK8VcXN
0a///L/sZQQmjDjjQhPZOaDzmd+2OTwiW5VZzAqpean80EN+A2gEzikdh6zT1n7h
fakdTJEYVkx4K0XH49tsKMAl32E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org