Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/53B1B418829611EBA218520CF8AEA228.roa
File: 53B1B418829611EBA218520CF8AEA228.roa (raw, json)
Hash identifier: 3emFxV3ScqinBgfFLvS3FhscGMoom57Z29DYplzJHfQ=
Subject key identifier: 9A:65:16:DE:F6:FF:F1:8F:B7:2E:FC:9C:4E:7F:8B:B8:1A:E1:7A:8D
Certificate issuer: /CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Certificate serial: 090B
Authority key identifier: 8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/53B1B418829611EBA218520CF8AEA228.roa
Signing time: Thu 11 Mar 2021 18:19:33 +0000
ROA not before: Thu 11 Mar 2021 18:19:27 +0000
ROA not after: Tue 11 Mar 2031 18:19:27 +0000
asID: 33764
IP address blocks: 2001:42d0:af00::/40 maxlen: 40
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2315 (0x90b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Validity
Not Before: Mar 11 18:19:27 2021 GMT
Not After : Mar 11 18:19:27 2031 GMT
Subject: CN=604a5f34-0778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8d:43:61:d1:58:a7:58:fe:9d:dd:d1:1d:a8:
49:ac:2f:69:d2:07:ca:1f:01:b6:74:b1:4c:14:88:
e6:5c:d6:8a:c0:ea:af:06:ec:85:63:a2:13:2c:05:
ae:d0:f1:db:5f:b0:48:81:a1:97:58:bb:12:5f:70:
9f:80:fa:d3:13:02:2a:f6:fe:8c:06:d9:24:fb:db:
3e:f1:1f:b3:37:f9:6d:d7:04:2d:21:e7:18:c6:2a:
69:aa:53:e1:44:02:ce:da:a6:fd:9c:64:cd:5d:a7:
73:53:d6:0b:58:60:3e:4b:3f:9c:be:d8:d5:85:dd:
fa:65:11:e7:b9:f5:43:08:ba:75:b5:d4:79:bc:d0:
ea:57:7c:83:a1:17:4d:48:df:49:ec:95:f2:24:51:
14:8f:e0:75:35:2e:fd:96:40:18:ee:9a:64:cc:69:
18:3a:fe:4c:be:e9:1c:b5:7b:53:16:01:df:2a:3f:
27:88:a9:17:93:b1:d9:0d:5f:13:d4:14:05:3f:2f:
f9:b6:e3:7d:f5:2b:0a:79:c6:b5:75:83:e6:95:00:
d9:11:63:cb:c8:e7:e3:61:5e:2b:45:53:00:d7:65:
18:f6:53:db:6b:2a:da:94:b2:72:d9:c7:27:63:a2:
30:2f:be:b3:07:4c:9b:29:4c:71:2e:4e:c4:05:96:
b1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:65:16:DE:F6:FF:F1:8F:B7:2E:FC:9C:4E:7F:8B:B8:1A:E1:7A:8D
X509v3 Authority Key Identifier:
keyid:8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/53B1B418829611EBA218520CF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:42d0:af00::/40
Signature Algorithm: sha256WithRSAEncryption
6c:3b:f6:e5:4a:1f:69:eb:75:4f:45:10:1d:0b:6c:2a:65:79:
0d:67:34:d0:5c:8c:91:ea:9b:ae:78:16:03:8d:db:a5:45:24:
0a:00:7d:6f:0a:fa:d9:25:3d:85:fd:cc:46:27:7e:dd:73:c9:
18:ce:a6:84:35:c8:79:a9:fd:43:18:8c:0e:5e:7f:1c:4f:e9:
80:ba:90:3f:5e:09:e2:fd:91:34:d0:55:6f:5b:25:b1:66:a3:
e3:9e:84:9d:b4:45:bc:bb:97:1b:6d:5b:96:8d:c8:67:8d:3d:
f0:a3:80:00:a6:80:06:fa:ed:0c:aa:c3:27:64:cb:e7:a0:04:
32:2a:54:56:2e:58:71:bb:23:c0:0e:d6:42:97:15:0a:bc:74:
e3:6d:bd:51:66:77:13:8d:a8:bd:cb:80:ec:28:d7:a2:2a:9d:
b4:db:bc:1f:34:6d:fc:29:c4:02:a0:39:71:21:5c:07:6b:01:
87:23:fd:9a:30:02:3f:a1:7c:8f:2d:0b:28:f3:54:1e:fd:8b:
d8:3c:3d:26:30:aa:ba:5f:89:3c:60:4a:84:22:fb:05:8f:ea:
e6:e9:81:db:cd:91:29:fe:8c:9c:45:d2:cc:df:ff:9a:4c:81:
96:29:0c:99:59:d3:9c:4e:01:ac:54:dc:b0:99:dd:e1:25:9e:
c0:ff:39:8b
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCQswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzREMjJBRjExMC8GA1UEBRMoOEQwMUQ4MDhFODk3NzQ1NDNERTIyRDBEQTg0NDM3
OEVDRUE4QkI5QjAeFw0yMTAzMTExODE5MjdaFw0zMTAzMTExODE5MjdaMBgxFjAU
BgNVBAMTDTYwNGE1ZjM0LTA3NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9jUNh0VinWP6d3dEdqEmsL2nSB8ofAbZ0sUwUiOZc1orA6q8G7IVjohMs
Ba7Q8dtfsEiBoZdYuxJfcJ+A+tMTAir2/owG2ST72z7xH7M3+W3XBC0h5xjGKmmq
U+FEAs7apv2cZM1dp3NT1gtYYD5LP5y+2NWF3fplEee59UMIunW11Hm80OpXfIOh
F01I30nslfIkURSP4HU1Lv2WQBjummTMaRg6/ky+6Ry1e1MWAd8qPyeIqReTsdkN
XxPUFAU/L/m24331Kwp5xrV1g+aVANkRY8vI5+NhXitFUwDXZRj2U9trKtqUsnLZ
xydjojAvvrMHTJspTHEuTsQFlrEVAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUmmUW
3vb/8Y+3LvycTn+LuBrheo0wHwYDVR0jBBgwFoAUjQHYCOiXdFQ94i0NqEQ3js6o
u5swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4QUVBMjI4L2pRSFlD
T2lYZEZROTRpME5xRVEzanM2b3U1cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pRSFlDT2lYZEZROTRpME5xRVEzanM2b3U1cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4
QUVBMjI4LzUzQjFCNDE4ODI5NjExRUJBMjE4NTIwQ0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAgAULQrzANBgkqhkiG9w0B
AQsFAAOCAQEAbDv25Uofaet1T0UQHQtsKmV5DWc00FyMkeqbrngWA43bpUUkCgB9
bwr62SU9hf3MRid+3XPJGM6mhDXIean9QxiMDl5/HE/pgLqQP14J4v2RNNBVb1sl
sWaj456EnbRFvLuXG21blo3IZ4098KOAAKaABvrtDKrDJ2TL56AEMipUVi5Ycbsj
wA7WQpcVCrx04229UWZ3E42ovcuA7CjXoiqdtNu8HzRt/CnEAqA5cSFcB2sBhyP9
mjACP6F8jy0LKPNUHv2L2Dw9JjCqul+JPGBKhCL7BY/q5umB282RKf6MnEXSzN//
mkyBlikMmVnTnE4BrFTcsJnd4SWewP85iw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:56 2023 by rpki-client on console-ams.rpki-client.org