Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/5A2FCBFA209711EC853E7C56D8A014CE.roa
File: 5A2FCBFA209711EC853E7C56D8A014CE.roa (raw, json)
Hash identifier: Tdf6vy+36oQ6MyxbdG1pHwDCxKSBYQwHrY4+JPKY+iw=
Subject key identifier: E1:E8:A9:90:B6:A9:59:59:7C:AB:93:83:06:EA:67:DF:E8:3F:E1:E5
Certificate issuer: /CN=F36F0628AF/serialNumber=8605D7599A0402F70EC2F258D6C16BD2E4E8D1FE
Certificate serial: 42
Authority key identifier: 86:05:D7:59:9A:04:02:F7:0E:C2:F2:58:D6:C1:6B:D2:E4:E8:D1:FE
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hgXXWZoEAvcOwvJY1sFr0uTo0f4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/5A2FCBFA209711EC853E7C56D8A014CE.roa
Signing time: Tue 28 Sep 2021 20:04:57 +0000
ROA not before: Tue 28 Sep 2021 20:04:47 +0000
ROA not after: Wed 28 Sep 2022 20:04:47 +0000
asID: 327814
IP address blocks: 154.65.96.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66 (0x42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F0628AF/serialNumber=8605D7599A0402F70EC2F258D6C16BD2E4E8D1FE
Validity
Not Before: Sep 28 20:04:47 2021 GMT
Not After : Sep 28 20:04:47 2022 GMT
Subject: CN=61537569-eaec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:91:f7:eb:25:9a:86:99:d3:91:92:78:28:7f:
8c:4d:25:51:fa:73:c6:a9:12:38:15:f9:3c:41:48:
e4:05:a9:5e:ba:d3:af:3e:0c:7c:6a:28:e5:24:6d:
65:38:df:07:dd:86:ff:5a:2b:9f:4b:57:5b:a1:b1:
93:66:7f:90:3c:f8:12:72:c9:09:2b:db:a8:54:8a:
d6:14:77:d3:b6:38:4d:32:27:3f:fe:49:6f:eb:57:
d1:85:a3:af:d0:db:52:54:b0:94:71:bc:5e:59:d0:
78:e0:ca:07:1b:2e:7d:8a:4c:09:82:5f:72:ce:0b:
fa:99:cf:44:2d:23:c2:8b:e7:2e:14:43:11:42:12:
57:06:5a:54:f4:bd:d9:9d:cc:23:ee:70:54:8e:2d:
fa:70:fa:2e:83:06:24:af:68:8e:a4:a9:ce:23:b8:
d0:3f:e1:50:09:5a:d0:1d:0c:f6:77:b2:2e:fb:3f:
72:b1:3f:c7:86:4b:b0:c8:8f:1d:29:85:e4:ea:16:
bf:57:02:ae:5f:8d:b8:1e:93:90:1c:a4:21:90:af:
08:41:cd:1c:2d:92:d5:ec:bf:0a:0a:ad:47:0a:78:
1a:60:70:c8:06:6f:16:0c:74:45:5b:74:b1:09:da:
48:94:95:47:3d:25:36:79:fa:ec:95:b9:dc:cd:18:
48:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E8:A9:90:B6:A9:59:59:7C:AB:93:83:06:EA:67:DF:E8:3F:E1:E5
X509v3 Authority Key Identifier:
keyid:86:05:D7:59:9A:04:02:F7:0E:C2:F2:58:D6:C1:6B:D2:E4:E8:D1:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/hgXXWZoEAvcOwvJY1sFr0uTo0f4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hgXXWZoEAvcOwvJY1sFr0uTo0f4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F0628/F0CCBE7CFBA011EBAB786C49D8A014CE/5A2FCBFA209711EC853E7C56D8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.65.96.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:bb:7d:28:87:a0:a3:f4:76:20:29:7a:93:30:4e:0e:61:70:
3e:fa:f1:5d:da:eb:4b:94:1a:bb:22:56:87:5a:5f:d9:d4:a1:
21:75:a1:76:ba:74:32:b5:49:11:2b:e0:e8:3d:52:49:ea:3f:
14:ce:da:01:42:1a:f1:85:f0:55:d6:1d:df:04:ec:44:bf:ca:
fe:c6:c0:3d:7d:76:9e:95:67:3b:63:47:c5:91:a4:60:33:1f:
77:bb:3d:30:74:b6:25:68:83:d4:83:fc:34:a7:a7:bf:56:79:
05:d5:8d:2b:d5:65:60:5a:67:9c:2a:44:02:e0:05:21:6c:7c:
cc:8b:f8:b5:82:4a:f3:29:53:81:2a:fd:63:e5:68:f9:c1:d5:
cd:f9:73:77:60:19:90:48:30:70:c7:7b:ef:3b:02:d0:62:3e:
1e:e3:d4:c6:53:2a:a3:49:28:fa:11:9c:37:4c:50:18:ef:20:
a0:32:74:d9:f2:16:06:8f:b6:7c:97:f7:1e:15:f5:35:d3:27:
b6:8c:b9:06:f1:4d:16:2e:a2:e5:e9:0b:0d:98:82:bb:bd:98:
a4:1e:3c:ad:6f:7b:10:32:32:8c:1d:a1:84:f1:31:e6:1c:32:
03:e6:a9:41:fb:c1:86:d1:0d:6a:6b:00:62:5a:f2:f1:ea:27:
9d:15:f4:75
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBQjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZG
MDYyOEFGMTEwLwYDVQQFEyg4NjA1RDc1OTlBMDQwMkY3MEVDMkYyNThENkMxNkJE
MkU0RThEMUZFMB4XDTIxMDkyODIwMDQ0N1oXDTIyMDkyODIwMDQ0N1owGDEWMBQG
A1UEAwwNNjE1Mzc1NjktZWFlYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2R9+slmoaZ05GSeCh/jE0lUfpzxqkSOBX5PEFI5AWpXrrTrz4MfGoo5SRt
ZTjfB92G/1orn0tXW6Gxk2Z/kDz4EnLJCSvbqFSK1hR307Y4TTInP/5Jb+tX0YWj
r9DbUlSwlHG8XlnQeODKBxsufYpMCYJfcs4L+pnPRC0jwovnLhRDEUISVwZaVPS9
2Z3MI+5wVI4t+nD6LoMGJK9ojqSpziO40D/hUAla0B0M9neyLvs/crE/x4ZLsMiP
HSmF5OoWv1cCrl+NuB6TkBykIZCvCEHNHC2S1ey/CgqtRwp4GmBwyAZvFgx0RVt0
sQnaSJSVRz0lNnn67JW53M0YSGUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTh6KmQ
tqlZWXyrk4MG6mff6D/h5TAfBgNVHSMEGDAWgBSGBddZmgQC9w7C8ljWwWvS5OjR
/jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjA2MjgvRjBDQ0JFN0NGQkEwMTFFQkFCNzg2QzQ5RDhBMDE0Q0UvaGdYWFda
b0VBdmNPd3ZKWTFzRnIwdVRvMGY0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaGdYWFdab0VBdmNPd3ZKWTFzRnIwdVRvMGY0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjA2MjgvRjBDQ0JFN0NGQkEwMTFFQkFCNzg2QzQ5RDhB
MDE0Q0UvNUEyRkNCRkEyMDk3MTFFQzg1M0U3QzU2RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJpBYDANBgkqhkiG9w0BAQsF
AAOCAQEAbbt9KIego/R2ICl6kzBODmFwPvrxXdrrS5QauyJWh1pf2dShIXWhdrp0
MrVJESvg6D1SSeo/FM7aAUIa8YXwVdYd3wTsRL/K/sbAPX12npVnO2NHxZGkYDMf
d7s9MHS2JWiD1IP8NKenv1Z5BdWNK9VlYFpnnCpEAuAFIWx8zIv4tYJK8ylTgSr9
Y+Vo+cHVzflzd2AZkEgwcMd77zsC0GI+HuPUxlMqo0ko+hGcN0xQGO8goDJ02fIW
Bo+2fJf3HhX1NdMntoy5BvFNFi6i5ekLDZiCu72YpB48rW97EDIyjB2hhPEx5hwy
A+apQfvBhtENamsAYlry8eonnRX0dQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:33 2023 by rpki-client on console-fra.rpki-client.org