Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/c526094a-5a20-4075-b740-9275828115d5/5b369eb9-fe2f-33e7-98cf-09f784f69e74.roa
File: 5b369eb9-fe2f-33e7-98cf-09f784f69e74.roa (raw, json)
Hash identifier: GIIeAhJzmOg0ML7jQu4XepuDZgcRhdYttf4QQvYz/aU=
Subject key identifier: B3:81:81:AE:C0:76:72:03:22:49:DD:C5:B9:80:11:C5:6F:0B:B0:3A
Certificate issuer: /CN=c526094a-5a20-4075-b740-9275828115d5
Certificate serial: 010D0C9F432858486695B92BF60BE7BE922859F0
Authority key identifier: 4B:2E:CB:61:67:71:1D:EC:4F:26:1B:44:BC:CE:DC:9C:68:62:D1:9F
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/c526094a-5a20-4075-b740-9275828115d5.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/c526094a-5a20-4075-b740-9275828115d5/5b369eb9-fe2f-33e7-98cf-09f784f69e74.roa
Signing time: Wed 01 Jan 2025 14:00:53 +0000
ROA not before: Wed 01 Jan 2025 14:00:53 +0000
ROA not after: Tue 01 Apr 2025 13:00:53 +0000
asID: 399678
IP address blocks: 161.145.96.0/23 maxlen: 23
161.145.102.0/23 maxlen: 23
161.145.168.0/23 maxlen: 23
161.145.172.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:66:95:b9:2b:f6:0b:e7:be:92:28:59:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c526094a-5a20-4075-b740-9275828115d5
Validity
Not Before: Jan 1 14:00:53 2025 GMT
Not After : Apr 1 13:00:53 2025 GMT
Subject: CN=ffdae2c5-983a-42c3-a54a-029de79c1447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:38:7e:7f:fb:b6:35:9e:e4:a7:f7:00:3e:8a:
2b:02:27:43:9f:3c:b0:21:24:66:7c:4e:47:9a:6b:
a2:03:3f:79:eb:a5:23:09:f3:51:1e:fa:df:78:dc:
d0:37:d5:75:8e:5e:14:08:37:4a:2d:d3:b6:48:70:
da:a2:41:b0:e3:e9:e2:e4:35:6b:0c:91:e8:0e:af:
fe:33:94:36:98:71:2a:25:22:78:26:f3:0d:f3:ae:
20:27:c4:c7:52:9b:2a:ea:c7:22:06:33:5b:f4:f9:
38:8c:dd:f8:bd:ac:ef:e6:ec:6e:8b:98:01:76:c1:
37:b3:74:54:09:26:ec:81:f8:93:71:41:4d:bc:52:
ba:ee:70:d8:ac:e6:21:84:0d:ec:57:09:c2:90:bc:
04:71:4c:8e:f7:a2:58:df:5f:16:ab:a5:c6:ba:40:
4c:70:72:85:60:33:2e:36:45:84:0c:f4:63:f2:5d:
d5:1b:b5:d2:34:c6:ee:ff:06:95:70:8c:af:96:0f:
2d:4e:84:51:41:a6:c8:2d:ff:7d:5f:ab:a9:1c:fc:
c9:4a:6a:46:19:fa:94:2e:40:91:7e:c3:26:62:ca:
84:01:06:be:af:b3:b5:41:66:c3:c8:4f:08:bc:5d:
a2:19:78:0d:79:e5:93:95:76:35:5d:0e:d6:ae:46:
7c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:81:81:AE:C0:76:72:03:22:49:DD:C5:B9:80:11:C5:6F:0B:B0:3A
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/c526094a-5a20-4075-b740-9275828115d5/5b369eb9-fe2f-33e7-98cf-09f784f69e74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/c526094a-5a20-4075-b740-9275828115d5/c526094a-5a20-4075-b740-9275828115d5.crl
X509v3 Authority Key Identifier:
keyid:4B:2E:CB:61:67:71:1D:EC:4F:26:1B:44:BC:CE:DC:9C:68:62:D1:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/c526094a-5a20-4075-b740-9275828115d5.cer
sbgp-ipAddrBlock: critical
IPv4:
161.145.96.0/23
161.145.102.0/23
161.145.168.0/23
161.145.172.0/22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
95:f5:c7:c5:e4:27:b6:1a:a2:e8:ae:cc:67:00:2e:ff:17:a8:
b3:e2:6a:b1:40:e6:0c:99:88:66:cb:bc:df:61:59:78:54:af:
66:84:65:e4:eb:80:e7:73:82:a4:64:1c:1e:74:56:f3:f9:cd:
85:52:9c:3e:fc:7b:dd:65:57:57:ff:86:62:ff:3c:02:ef:ee:
c0:1e:59:68:8a:fc:d5:5f:99:1c:93:f1:5c:73:bc:38:6e:dc:
1d:f8:41:78:73:56:2b:d2:e5:77:6b:a5:50:45:c5:fd:16:d6:
27:de:f1:03:d4:6f:e0:f6:4a:1c:69:42:de:e6:e9:53:c6:70:
a2:8b:cd:ac:0c:7f:7e:36:28:dc:dd:00:97:bc:47:93:b1:6b:
0a:ed:21:3b:1a:13:a5:28:b3:39:ea:01:68:91:60:14:fa:25:
31:e2:35:75:7d:1d:63:50:f0:4c:10:1f:e5:11:ce:29:cd:94:
6e:27:c8:94:59:8d:d1:74:fb:f4:da:54:96:50:b2:7d:60:bf:
74:97:35:55:a8:b6:7a:d5:10:af:01:88:51:9c:28:b4:2a:16:
af:b8:98:be:a4:2e:ac:8c:73:02:fe:2f:bf:76:a1:b8:cb:57:
55:75:ba:3f:8d:69:11:d4:6e:a9:c1:2f:48:e0:77:40:91:17:
34:82:4d:de
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgIUAQ0Mn0MoWEhmlbkr9gvnvpIoWfAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYzUyNjA5NGEtNWEyMC00MDc1LWI3NDAtOTI3NTgyODEx
NWQ1MB4XDTI1MDEwMTE0MDA1M1oXDTI1MDQwMTEzMDA1M1owLzEtMCsGA1UEAxMk
ZmZkYWUyYzUtOTgzYS00MmMzLWE1NGEtMDI5ZGU3OWMxNDQ3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTh+f/u2NZ7kp/cAPoorAidDnzywISRmfE5H
mmuiAz9566UjCfNRHvrfeNzQN9V1jl4UCDdKLdO2SHDaokGw4+ni5DVrDJHoDq/+
M5Q2mHEqJSJ4JvMN864gJ8THUpsq6sciBjNb9Pk4jN34vazv5uxui5gBdsE3s3RU
CSbsgfiTcUFNvFK67nDYrOYhhA3sVwnCkLwEcUyO96JY318Wq6XGukBMcHKFYDMu
NkWEDPRj8l3VG7XSNMbu/waVcIyvlg8tToRRQabILf99X6upHPzJSmpGGfqULkCR
fsMmYsqEAQa+r7O1QWbDyE8IvF2iGXgNeeWTlXY1XQ7WrkZ8QQIDAQABo4IDZzCC
A2MwHQYDVR0OBBYEFLOBga7AdnIDIkndxbmAEcVvC7A6MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9jNTI2
MDk0YS01YTIwLTQwNzUtYjc0MC05Mjc1ODI4MTE1ZDUvNWIzNjllYjktZmUyZi0z
M2U3LTk4Y2YtMDlmNzg0ZjY5ZTc0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8wMzU3MjcyYy1h
NzlhLTQ1YmYtOTU4Ni05MmRkNDllZjMyMjMvYzUyNjA5NGEtNWEyMC00MDc1LWI3
NDAtOTI3NTgyODExNWQ1L2M1MjYwOTRhLTVhMjAtNDA3NS1iNzQwLTkyNzU4Mjgx
MTVkNS5jcmwwHwYDVR0jBBgwFoAUSy7LYWdxHexPJhtEvM7cnGhi0Z8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEtNDVi
Zi05NTg2LTkyZGQ0OWVmMzIyMy9jNTI2MDk0YS01YTIwLTQwNzUtYjc0MC05Mjc1
ODI4MTE1ZDUuY2VyMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBoZFgAwQB
oZFmAwQBoZGoAwQCoZGsMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4Bggr
BgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3Bz
Lmh0bWwwDQYJKoZIhvcNAQELBQADggEBAJX1x8XkJ7YaouiuzGcALv8XqLPiarFA
5gyZiGbLvN9hWXhUr2aEZeTrgOdzgqRkHB50VvP5zYVSnD78e91lV1f/hmL/PALv
7sAeWWiK/NVfmRyT8VxzvDhu3B34QXhzVivS5XdrpVBFxf0W1ife8QPUb+D2Shxp
Qt7m6VPGcKKLzawMf342KNzdAJe8R5OxawrtITsaE6UosznqAWiRYBT6JTHiNXV9
HWNQ8EwQH+URzinNlG4nyJRZjdF0+/TaVJZQsn1gv3SXNVWotnrVEK8BiFGcKLQq
Fq+4mL6kLqyMcwL+L792objLV1V1uj+NaRHUbqnBL0jgd0CRFzSCTd4=
-----END CERTIFICATE-----
Generated at Fri Apr 18 17:12:19 2025 by rpki-client