Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/964118EAD70F11ECA04CB9F0F1222468.roa
File: 964118EAD70F11ECA04CB9F0F1222468.roa (raw, json)
Hash identifier: HfEX11DSOpAmbd+CNT2t1oSNfTAliLPqHLZFNkyxFk0=
Subject key identifier: 7E:B5:E4:4F:74:DD:28:CF:B8:5D:FC:55:B1:AE:7E:26:43:49:69:BF
Certificate issuer: /CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Certificate serial: 0AFA
Authority key identifier: 8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/964118EAD70F11ECA04CB9F0F1222468.roa
Signing time: Thu 19 May 2022 01:04:09 +0000
ROA not before: Thu 19 May 2022 01:04:04 +0000
ROA not after: Wed 08 Jun 2022 01:04:04 +0000
asID: 37388
IP address blocks: 2001:43f8:220::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2810 (0xafa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Validity
Not Before: May 19 01:04:04 2022 GMT
Not After : Jun 8 01:04:04 2022 GMT
Subject: CN=62859789-db47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:d0:11:ec:bd:80:c5:c0:3b:df:30:f5:c8:ac:
2c:cf:bb:f6:37:1b:cd:7c:e6:39:55:54:95:b6:09:
84:10:c4:58:57:e7:36:22:2b:ad:68:32:1e:05:9b:
e3:55:31:95:e2:80:d9:1d:76:a3:f3:81:41:5c:13:
8b:9d:c8:ef:52:63:40:bb:11:86:72:d3:c3:e2:94:
3f:34:76:44:d2:84:d5:0e:7b:32:ef:06:b1:eb:b5:
a1:d9:44:32:50:ec:88:2c:e8:ed:c6:6a:fb:12:76:
70:5e:46:9f:3f:d0:8c:f7:d9:4d:8e:db:bb:2d:b3:
1e:b8:9a:de:a8:67:2d:5a:11:9f:f1:3a:9f:4b:30:
94:5e:84:9b:1e:45:cc:49:58:58:1e:8d:40:81:c0:
5f:5e:76:65:7d:cb:38:3b:7e:a4:6b:1a:79:3d:d2:
a9:56:3c:62:60:62:79:c2:46:50:1a:4e:f9:51:79:
cf:42:d9:7a:4b:6d:53:24:71:fa:d3:87:5a:02:ed:
29:fa:f4:c0:71:a5:e5:73:e4:96:30:9d:8b:ea:09:
0c:dd:5d:b5:c4:85:08:80:08:d4:c1:93:c2:e5:ce:
dd:b6:06:62:25:06:ad:ed:85:3f:e8:20:63:c3:9e:
af:92:10:2b:78:7c:d4:41:75:19:df:3e:1b:68:38:
72:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B5:E4:4F:74:DD:28:CF:B8:5D:FC:55:B1:AE:7E:26:43:49:69:BF
X509v3 Authority Key Identifier:
keyid:8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/964118EAD70F11ECA04CB9F0F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:43f8:220::/48
Signature Algorithm: sha256WithRSAEncryption
92:be:5e:f2:a5:39:b9:35:06:57:a8:4a:bd:cd:4b:d7:6e:5e:
59:06:5a:0b:ea:c3:d4:18:de:0a:e1:c7:73:f6:91:8e:2b:60:
cc:3e:60:da:e2:9f:98:5e:35:c6:11:62:10:a2:b6:3f:05:85:
02:5f:58:42:bc:3f:f4:0d:0a:1b:95:ba:f4:03:40:71:ba:4f:
f4:17:db:b8:05:8e:ba:6b:2b:21:02:e0:44:ed:56:b4:b9:c3:
c0:12:79:a0:f1:57:69:8c:27:4e:a7:e9:56:c0:18:76:54:bf:
62:a4:3d:bf:35:85:9e:7d:7d:79:c8:3b:a3:ad:54:84:5d:50:
54:54:64:7b:0d:d3:d5:8a:cd:af:51:97:42:10:76:c5:c9:48:
da:49:fe:49:df:30:65:f4:74:74:c6:16:49:57:7d:ed:94:44:
cd:d1:8f:e3:ff:a5:0f:ea:ce:5f:0e:97:03:ec:c3:01:ea:8e:
8b:07:61:e1:be:6f:61:c7:68:5b:25:62:30:ed:e5:35:ed:4c:
41:88:c4:a4:b4:46:bc:e3:e9:6b:86:fd:ea:2b:1c:aa:88:9a:
be:1e:de:63:8f:32:86:f4:73:cc:1f:9f:01:2a:be:af:74:8a:
f6:63:58:27:c3:28:8d:57:2d:74:93:60:d1:31:3d:e7:5e:44:
b7:7f:92:36
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCvowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MzREMjJBRjExMC8GA1UEBRMoOEQwMUQ4MDhFODk3NzQ1NDNERTIyRDBEQTg0NDM3
OEVDRUE4QkI5QjAeFw0yMjA1MTkwMTA0MDRaFw0yMjA2MDgwMTA0MDRaMBgxFjAU
BgNVBAMMDTYyODU5Nzg5LWRiNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDm0BHsvYDFwDvfMPXIrCzPu/Y3G8185jlVVJW2CYQQxFhX5zYiK61oMh4F
m+NVMZXigNkddqPzgUFcE4udyO9SY0C7EYZy08PilD80dkTShNUOezLvBrHrtaHZ
RDJQ7Igs6O3GavsSdnBeRp8/0Iz32U2O27stsx64mt6oZy1aEZ/xOp9LMJRehJse
RcxJWFgejUCBwF9edmV9yzg7fqRrGnk90qlWPGJgYnnCRlAaTvlRec9C2XpLbVMk
cfrTh1oC7Sn69MBxpeVz5JYwnYvqCQzdXbXEhQiACNTBk8Llzt22BmIlBq3thT/o
IGPDnq+SECt4fNRBdRnfPhtoOHJZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfrXk
T3TdKM+4XfxVsa5+JkNJab8wHwYDVR0jBBgwFoAUjQHYCOiXdFQ94i0NqEQ3js6o
u5swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4QUVBMjI4L2pRSFlD
T2lYZEZROTRpME5xRVEzanM2b3U1cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pRSFlDT2lYZEZROTRpME5xRVEzanM2b3U1cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4
QUVBMjI4Lzk2NDExOEVBRDcwRjExRUNBMDRDQjlGMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAUP4AiAwDQYJKoZIhvcN
AQELBQADggEBAJK+XvKlObk1BleoSr3NS9duXlkGWgvqw9QY3grhx3P2kY4rYMw+
YNrin5heNcYRYhCitj8FhQJfWEK8P/QNChuVuvQDQHG6T/QX27gFjrprKyEC4ETt
VrS5w8ASeaDxV2mMJ06n6VbAGHZUv2KkPb81hZ59fXnIO6OtVIRdUFRUZHsN09WK
za9Rl0IQdsXJSNpJ/knfMGX0dHTGFklXfe2URM3Rj+P/pQ/qzl8OlwPswwHqjosH
YeG+b2HHaFslYjDt5TXtTEGIxKS0Rrzj6WuG/eorHKqImr4e3mOPMob0c8wfnwEq
vq90ivZjWCfDKI1XLXSTYNExPedeRLd/kjY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:08 2024 by rpki-client on console-fra.rpki-client.org