Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/EABB83B0D70F11ECBE2312F2F1222468.roa
File: EABB83B0D70F11ECBE2312F2F1222468.roa (raw, json)
Hash identifier: PJGO3B2t/l/D81sOYlLfHHTvMmNqrOK8zT01amLhLSU=
Subject key identifier: 84:7C:4E:CF:CE:B0:44:47:27:15:4D:3A:CD:A9:98:6D:02:2C:32:D7
Certificate issuer: /CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Certificate serial: 0AFC
Authority key identifier: 8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/EABB83B0D70F11ECBE2312F2F1222468.roa
Signing time: Thu 19 May 2022 01:06:30 +0000
ROA not before: Thu 19 May 2022 01:06:27 +0000
ROA not after: Wed 08 Jun 2022 01:06:27 +0000
asID: 37388
IP address blocks: 196.61.0.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2812 (0xafc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Validity
Not Before: May 19 01:06:27 2022 GMT
Not After : Jun 8 01:06:27 2022 GMT
Subject: CN=62859816-ba3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:64:b6:1b:c1:fe:78:c2:a3:16:3c:27:41:e6:
6d:47:7f:cd:1a:f7:4f:6a:61:f2:06:34:05:93:96:
ea:e4:05:49:58:10:9c:25:0d:45:01:d7:2d:ad:1c:
98:e2:cf:2e:a2:ea:ea:77:be:f6:b3:bc:5c:75:c8:
89:51:a7:2a:8c:84:b5:ef:5d:59:0c:ed:97:c0:d3:
ef:f2:7e:12:1a:89:7a:8f:ef:b4:78:f5:04:5a:53:
ea:14:77:81:cd:72:d4:ca:1a:99:1c:b2:11:21:0e:
e6:68:0b:40:84:c0:af:21:6d:25:02:e2:e9:c6:69:
40:21:c8:68:7e:9f:16:d8:80:7d:25:3b:02:29:9a:
b9:29:db:c8:e4:22:7f:5d:31:47:d2:d4:f3:7e:83:
d8:02:85:81:d1:79:03:a8:79:f3:03:bd:71:32:7e:
05:dd:a5:08:bd:67:05:ca:59:2a:21:e7:aa:64:e0:
94:cf:c6:ae:9f:9d:e5:37:d8:2e:66:e1:14:cd:61:
1a:88:41:5a:23:a8:6d:c1:a9:10:66:9c:a2:cb:18:
81:b9:18:08:db:54:86:1d:44:f8:b4:65:9d:8e:8d:
8a:c7:96:6d:b4:a4:b1:18:7c:2d:4b:29:44:90:e5:
50:cd:37:69:99:fb:1c:68:02:1c:39:fd:ef:80:42:
ba:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:7C:4E:CF:CE:B0:44:47:27:15:4D:3A:CD:A9:98:6D:02:2C:32:D7
X509v3 Authority Key Identifier:
keyid:8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/EABB83B0D70F11ECBE2312F2F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.61.0.0/22
Signature Algorithm: sha256WithRSAEncryption
79:eb:97:65:e6:90:e5:23:04:7f:7b:79:57:6e:a3:ed:34:12:
d3:e6:f0:16:12:77:74:27:c6:68:9b:03:61:83:39:0d:38:ce:
7a:c4:9b:56:e6:5b:25:eb:61:10:84:2c:ed:78:b8:21:eb:68:
81:63:a6:a7:07:36:ca:42:f5:89:18:74:be:c2:ca:a1:e1:d3:
4b:57:c5:30:f9:37:20:1b:14:42:0b:a8:19:db:ad:67:ef:00:
cc:9f:dd:59:dc:8e:5f:a8:24:66:6c:87:e9:51:ca:aa:67:8e:
f4:b9:d8:bd:f5:1c:33:c7:5b:e2:39:10:9a:ed:c0:ac:77:ce:
33:b5:0e:05:c2:90:e5:24:58:08:a6:d2:23:48:b5:b8:fd:04:
e3:6b:bd:b8:53:bd:c1:72:b0:8f:f0:38:e7:9e:cd:9e:c5:98:
e9:92:fa:bb:54:f0:89:76:2a:60:7c:58:39:aa:73:3f:da:f6:
50:a3:e0:1e:b4:6f:d1:6e:0d:4d:f8:5d:af:d4:f0:d1:15:03:
4c:82:11:56:d9:63:bd:13:64:be:de:1a:da:cc:b7:fb:c8:95:
fd:2a:a6:e9:20:b9:f3:e7:14:b4:f0:9a:11:b6:de:94:27:c6:
06:db:0d:a0:84:9d:1d:13:d4:b5:94:ef:46:d4:9d:44:a7:32:
a9:0a:77:ce
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCvwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MzREMjJBRjExMC8GA1UEBRMoOEQwMUQ4MDhFODk3NzQ1NDNERTIyRDBEQTg0NDM3
OEVDRUE4QkI5QjAeFw0yMjA1MTkwMTA2MjdaFw0yMjA2MDgwMTA2MjdaMBgxFjAU
BgNVBAMMDTYyODU5ODE2LWJhM2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjZLYbwf54wqMWPCdB5m1Hf80a909qYfIGNAWTlurkBUlYEJwlDUUB1y2t
HJjizy6i6up3vvazvFx1yIlRpyqMhLXvXVkM7ZfA0+/yfhIaiXqP77R49QRaU+oU
d4HNctTKGpkcshEhDuZoC0CEwK8hbSUC4unGaUAhyGh+nxbYgH0lOwIpmrkp28jk
In9dMUfS1PN+g9gChYHReQOoefMDvXEyfgXdpQi9ZwXKWSoh56pk4JTPxq6fneU3
2C5m4RTNYRqIQVojqG3BqRBmnKLLGIG5GAjbVIYdRPi0ZZ2OjYrHlm20pLEYfC1L
KUSQ5VDNN2mZ+xxoAhw5/e+AQro7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhHxO
z86wREcnFU06zamYbQIsMtcwHwYDVR0jBBgwFoAUjQHYCOiXdFQ94i0NqEQ3js6o
u5swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4QUVBMjI4L2pRSFlD
T2lYZEZROTRpME5xRVEzanM2b3U1cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pRSFlDT2lYZEZROTRpME5xRVEzanM2b3U1cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4
QUVBMjI4L0VBQkI4M0IwRDcwRjExRUNCRTIzMTJGMkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALEPQAwDQYJKoZIhvcNAQEL
BQADggEBAHnrl2XmkOUjBH97eVduo+00EtPm8BYSd3QnxmibA2GDOQ04znrEm1bm
WyXrYRCELO14uCHraIFjpqcHNspC9YkYdL7CyqHh00tXxTD5NyAbFEILqBnbrWfv
AMyf3Vncjl+oJGZsh+lRyqpnjvS52L31HDPHW+I5EJrtwKx3zjO1DgXCkOUkWAim
0iNItbj9BONrvbhTvcFysI/wOOeezZ7FmOmS+rtU8Il2KmB8WDmqcz/a9lCj4B60
b9FuDU34Xa/U8NEVA0yCEVbZY70TZL7eGtrMt/vIlf0qpukgufPnFLTwmhG23pQn
xgbbDaCEnR0T1LWU70bUnUSnMqkKd84=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-ams.rpki-client.org