Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/031D11B8829711EB86A70E0DF8AEA228.roa
File: 031D11B8829711EB86A70E0DF8AEA228.roa (raw, json)
Hash identifier: mb1gZJRqrAjJG7oRls5Xak/QZ/N9H/+b9fmhkmFtzpc=
Subject key identifier: 64:E8:3F:08:6D:2E:CF:DC:66:BC:05:D7:32:F3:9E:02:A0:46:81:51
Certificate issuer: /CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Certificate serial: 090D
Authority key identifier: 8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/031D11B8829711EB86A70E0DF8AEA228.roa
Signing time: Thu 11 Mar 2021 18:24:27 +0000
ROA not before: Thu 11 Mar 2021 18:24:22 +0000
ROA not after: Tue 11 Mar 2031 18:24:22 +0000
asID: 33764
IP address blocks: 2001:42d0:1500::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2317 (0x90d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Validity
Not Before: Mar 11 18:24:22 2021 GMT
Not After : Mar 11 18:24:22 2031 GMT
Subject: CN=604a605b-94e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e3:9e:16:60:de:00:f0:ee:af:a8:62:98:fc:
f3:0a:77:15:7b:a1:7c:46:cd:e7:06:a8:e3:7f:7d:
8b:36:44:8d:b1:d5:8d:05:6e:ed:bf:03:e3:cd:7b:
78:35:62:61:30:23:29:ff:0e:7e:62:d7:bf:5c:a2:
bf:d6:57:bf:42:7a:09:54:7c:7a:8e:6f:b2:16:0a:
5d:05:ec:ff:70:7a:ef:b8:65:6b:9a:0e:16:bc:2e:
4c:67:68:29:b6:98:6d:c6:7e:08:38:7a:26:b2:a6:
23:83:7b:ea:aa:25:55:96:95:29:60:fd:26:5d:52:
8b:52:65:ef:65:1e:ff:b8:d8:7b:06:f8:7c:21:c4:
e6:8e:7d:a1:55:78:fd:31:71:e5:36:66:d1:bb:01:
76:02:d2:db:9d:79:d1:7e:80:dc:29:eb:03:97:69:
59:20:51:8f:dc:68:61:ef:1a:c9:ba:aa:3f:87:24:
a0:77:1d:cb:3d:43:da:71:2c:b2:d9:f9:d6:71:ff:
3d:23:11:ce:88:f1:3e:cd:aa:b4:70:46:a5:ed:21:
60:ca:aa:53:7a:8b:1d:82:e7:a2:63:33:6c:95:20:
07:bc:df:4b:57:1e:23:c1:2c:76:50:d2:d8:e1:5d:
f7:42:ba:08:16:a4:81:47:e2:9c:48:7d:b7:e3:f6:
a4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E8:3F:08:6D:2E:CF:DC:66:BC:05:D7:32:F3:9E:02:A0:46:81:51
X509v3 Authority Key Identifier:
keyid:8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/031D11B8829711EB86A70E0DF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:42d0:1500::/40
Signature Algorithm: sha256WithRSAEncryption
0a:53:a2:e3:c1:81:e9:c0:27:9d:3a:35:eb:30:5b:6a:55:c5:
f4:1b:5f:e4:68:e8:46:ec:5f:e0:90:5c:96:6f:3c:0c:ff:89:
dd:7d:1d:63:9f:c0:24:03:da:cc:fa:6f:2f:1e:6c:f4:2b:27:
14:7d:7d:70:88:0d:32:13:67:91:e2:d1:ca:f2:a8:e1:03:af:
97:16:5d:87:5c:ef:d2:42:16:0a:d8:f7:e4:5d:0a:84:11:15:
93:12:5f:62:02:e3:3d:6f:07:a8:a7:ad:75:b7:27:91:7c:be:
70:ec:0e:41:15:53:77:34:f9:24:b9:29:6d:91:3f:bb:a3:16:
8f:e6:7f:bd:c9:c3:5c:09:f4:71:30:3e:24:7d:e3:97:ed:2c:
35:75:bc:71:4f:95:03:fa:27:09:07:87:aa:7f:e1:1c:46:b8:
49:b2:3f:34:ae:09:6e:06:e2:57:04:d4:f4:05:c2:a1:5e:d3:
55:77:d4:67:7b:02:de:70:36:26:e9:99:86:bd:79:90:bb:10:
5e:30:76:c8:b7:87:b8:0c:d4:34:34:a5:7a:4e:88:15:45:e4:
aa:c7:6c:4a:6f:3a:ff:a3:3d:e3:8c:4a:a3:3f:2b:4c:47:6e:
7a:aa:b0:7f:97:0a:63:8a:99:d1:d4:fb:cf:b0:45:ea:3a:1c:
8e:89:0e:46
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCQ0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzREMjJBRjExMC8GA1UEBRMoOEQwMUQ4MDhFODk3NzQ1NDNERTIyRDBEQTg0NDM3
OEVDRUE4QkI5QjAeFw0yMTAzMTExODI0MjJaFw0zMTAzMTExODI0MjJaMBgxFjAU
BgNVBAMTDTYwNGE2MDViLTk0ZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCt454WYN4A8O6vqGKY/PMKdxV7oXxGzecGqON/fYs2RI2x1Y0Fbu2/A+PN
e3g1YmEwIyn/Dn5i179cor/WV79CeglUfHqOb7IWCl0F7P9weu+4ZWuaDha8Lkxn
aCm2mG3Gfgg4eiaypiODe+qqJVWWlSlg/SZdUotSZe9lHv+42HsG+HwhxOaOfaFV
eP0xceU2ZtG7AXYC0tudedF+gNwp6wOXaVkgUY/caGHvGsm6qj+HJKB3Hcs9Q9px
LLLZ+dZx/z0jEc6I8T7NqrRwRqXtIWDKqlN6ix2C56JjM2yVIAe830tXHiPBLHZQ
0tjhXfdCuggWpIFH4pxIfbfj9qRPAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUZOg/
CG0uz9xmvAXXMvOeAqBGgVEwHwYDVR0jBBgwFoAUjQHYCOiXdFQ94i0NqEQ3js6o
u5swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4QUVBMjI4L2pRSFlD
T2lYZEZROTRpME5xRVEzanM2b3U1cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pRSFlDT2lYZEZROTRpME5xRVEzanM2b3U1cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4
QUVBMjI4LzAzMUQxMUI4ODI5NzExRUI4NkE3MEUwREY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAgAULQFTANBgkqhkiG9w0B
AQsFAAOCAQEAClOi48GB6cAnnTo16zBbalXF9Btf5GjoRuxf4JBclm88DP+J3X0d
Y5/AJAPazPpvLx5s9CsnFH19cIgNMhNnkeLRyvKo4QOvlxZdh1zv0kIWCtj35F0K
hBEVkxJfYgLjPW8HqKetdbcnkXy+cOwOQRVTdzT5JLkpbZE/u6MWj+Z/vcnDXAn0
cTA+JH3jl+0sNXW8cU+VA/onCQeHqn/hHEa4SbI/NK4JbgbiVwTU9AXCoV7TVXfU
Z3sC3nA2JumZhr15kLsQXjB2yLeHuAzUNDSlek6IFUXkqsdsSm86/6M944xKoz8r
TEdueqqwf5cKY4qZ0dT7z7BF6jocjokORg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:08 2024 by rpki-client on console-fra.rpki-client.org