Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/0897be13-fbfd-390c-905e-fd886c4a983c.roa
File: 0897be13-fbfd-390c-905e-fd886c4a983c.roa (raw, json)
Hash identifier: mYgtn00OIsMqjnxDyff96Cf4VrDJBeqhVTVVZaMaJgc=
Subject key identifier: 80:E7:0F:3C:E3:0B:B8:B5:FA:88:F6:73:DF:61:B8:9D:A1:37:E7:8C
Certificate issuer: /CN=3b72c968-d673-4a7a-bfec-4071a7be5317
Certificate serial: 010D0C9F4328584641E447B5401B45FF864EB380
Authority key identifier: D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/0897be13-fbfd-390c-905e-fd886c4a983c.roa
Signing time: Wed 19 Jun 2024 01:00:24 +0000
ROA not before: Wed 19 Jun 2024 01:00:24 +0000
ROA not after: Tue 17 Sep 2024 01:00:24 +0000
asID: 27589
IP address blocks: 64.59.64.0/18 maxlen: 24
66.244.144.0/20 maxlen: 24
74.206.160.0/19 maxlen: 24
99.192.128.0/17 maxlen: 24
104.193.120.0/22 maxlen: 24
162.250.76.0/22 maxlen: 24
184.94.144.0/20 maxlen: 24
199.19.200.0/21 maxlen: 24
199.59.88.0/21 maxlen: 24
199.182.104.0/21 maxlen: 24
199.241.96.0/21 maxlen: 24
204.13.52.0/22 maxlen: 24
208.74.148.0/22 maxlen: 24
208.122.192.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:46:41:e4:47:b5:40:1b:45:ff:86:4e:b3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b72c968-d673-4a7a-bfec-4071a7be5317
Validity
Not Before: Jun 19 01:00:24 2024 GMT
Not After : Sep 17 01:00:24 2024 GMT
Subject: CN=ac699965-eb8c-47f3-b1b3-9ff1c936113a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4d:e6:02:80:58:20:25:42:b5:86:dd:31:40:
62:0d:36:d1:13:3a:53:03:bc:a2:5b:0c:55:ff:97:
93:1e:f3:74:4d:ea:a0:9d:da:33:5e:e5:79:be:21:
b5:1b:7d:87:04:b1:ad:72:d3:20:12:3b:e5:ba:fa:
e0:cf:0a:a1:35:dd:e1:dc:ef:12:8a:bf:3f:84:29:
28:91:f8:c2:16:e9:96:df:ef:d7:02:88:c4:30:77:
91:17:16:43:47:0b:1a:00:f7:37:65:49:43:84:ec:
73:fa:10:69:27:14:fd:c9:9d:6c:e6:ca:06:46:7f:
b1:1f:da:a7:46:32:d7:ac:cf:61:10:2b:85:50:3e:
64:70:7c:03:7a:06:3b:dc:32:fe:92:9f:4f:19:ed:
9b:61:f5:b7:19:21:e4:fc:6f:84:a9:ae:a5:5a:2e:
0e:39:a4:30:b7:f1:be:1a:87:bc:19:76:8c:bd:46:
e8:aa:d1:8b:9f:58:ed:06:bb:c0:3d:3d:2a:ab:46:
e6:44:5d:8e:2a:86:8e:8f:9e:d0:5d:aa:9f:1a:f0:
84:9b:d9:50:bf:b7:af:b6:f3:73:f9:97:bf:57:ac:
b4:16:29:c1:45:ba:cc:43:9b:b5:92:fd:3a:00:c6:
f4:ff:b3:b5:75:39:a0:e9:30:66:62:df:eb:e8:7e:
c8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E7:0F:3C:E3:0B:B8:B5:FA:88:F6:73:DF:61:B8:9D:A1:37:E7:8C
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/0897be13-fbfd-390c-905e-fd886c4a983c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.crl
X509v3 Authority Key Identifier:
keyid:D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer
sbgp-ipAddrBlock: critical
IPv4:
64.59.64.0/18
66.244.144.0/20
74.206.160.0/19
99.192.128.0/17
104.193.120.0/22
162.250.76.0/22
184.94.144.0/20
199.19.200.0/21
199.59.88.0/21
199.182.104.0/21
199.241.96.0/21
204.13.52.0/22
208.74.148.0/22
208.122.192.0/19
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
01:a4:70:0d:81:99:4c:48:c1:59:da:13:f2:be:ca:0a:f7:27:
b0:2a:1e:a2:9c:38:f6:1a:98:3d:0f:7f:b4:5d:5c:b9:a8:9e:
44:b9:12:db:67:fa:c4:c4:78:56:1f:16:93:91:2b:28:75:f9:
d2:2f:d3:27:43:ea:05:1f:a3:bf:8b:b5:76:6d:76:60:62:c9:
d1:00:ce:14:0b:aa:7e:a3:5e:fb:e3:bf:87:1b:85:e9:2f:a1:
7c:69:5a:0f:0a:31:11:c4:e6:90:e5:13:70:c7:6f:e5:fd:c6:
51:f5:13:be:df:ce:62:62:c8:11:32:8c:a4:ce:99:e1:18:56:
af:70:3a:9d:f5:7c:67:68:62:01:01:9c:e9:1c:cc:3b:45:aa:
c5:08:96:5a:38:df:f3:84:0b:00:5a:a4:f6:af:76:53:dd:ee:
f5:41:f9:b3:e0:8a:09:b2:35:81:5e:c4:f2:d0:7d:32:77:df:
96:4b:37:58:a4:29:0d:64:59:23:70:33:38:d8:f2:38:33:af:
04:e3:03:c6:99:e8:c0:58:54:a6:e4:3b:85:d8:8c:50:69:c8:
35:18:c7:4d:c9:a8:59:96:d7:2f:67:27:5a:2d:7a:ae:3e:e6:
55:1a:30:3a:89:ed:54:53:3c:0f:3d:d8:d1:17:75:d8:8e:69:
ca:90:ff:9f
-----BEGIN CERTIFICATE-----
MIIGkTCCBXmgAwIBAgIUAQ0Mn0MoWEZB5Ee1QBtF/4ZOs4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkM2I3MmM5NjgtZDY3My00YTdhLWJmZWMtNDA3MWE3YmU1
MzE3MB4XDTI0MDYxOTAxMDAyNFoXDTI0MDkxNzAxMDAyNFowLzEtMCsGA1UEAxMk
YWM2OTk5NjUtZWI4Yy00N2YzLWIxYjMtOWZmMWM5MzYxMTNhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnE3mAoBYICVCtYbdMUBiDTbREzpTA7yiWwxV
/5eTHvN0TeqgndozXuV5viG1G32HBLGtctMgEjvluvrgzwqhNd3h3O8Sir8/hCko
kfjCFumW3+/XAojEMHeRFxZDRwsaAPc3ZUlDhOxz+hBpJxT9yZ1s5soGRn+xH9qn
RjLXrM9hECuFUD5kcHwDegY73DL+kp9PGe2bYfW3GSHk/G+Eqa6lWi4OOaQwt/G+
Goe8GXaMvUboqtGLn1jtBrvAPT0qq0bmRF2OKoaOj57QXaqfGvCEm9lQv7evtvNz
+Ze/V6y0FinBRbrMQ5u1kv06AMb0/7O1dTmg6TBmYt/r6H7IeQIDAQABo4IDozCC
A58wHQYDVR0OBBYEFIDnDzzjC7i1+oj2c99huJ2hN+eMMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcy
Yzk2OC1kNjczLTRhN2EtYmZlYy00MDcxYTdiZTUzMTcvMDg5N2JlMTMtZmJmZC0z
OTBjLTkwNWUtZmQ4ODZjNGE5ODNjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvM2I3MmM5NjgtZDY3My00YTdhLWJm
ZWMtNDA3MWE3YmU1MzE3LzNiNzJjOTY4LWQ2NzMtNGE3YS1iZmVjLTQwNzFhN2Jl
NTMxNy5jcmwwHwYDVR0jBBgwFoAU1NBs4Y/5cx1TIiNtNj849oEDtW8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcyYzk2OC1kNjczLTRhN2EtYmZlYy00MDcx
YTdiZTUzMTcuY2VyMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQGQDtAAwQE
QvSQAwQFSs6gAwQHY8CAAwQCaMF4AwQCovpMAwQEuF6QAwQDxxPIAwQDxztYAwQD
x7ZoAwQDx/FgAwQCzA00AwQC0EqUAwQF0HrAMFQGA1UdIAEB/wRKMEgwRgYIKwYB
BQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3Vy
Y2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAAGkcA2BmUxIwVna
E/K+ygr3J7AqHqKcOPYamD0Pf7RdXLmonkS5Ettn+sTEeFYfFpORKyh1+dIv0ydD
6gUfo7+LtXZtdmBiydEAzhQLqn6jXvvjv4cbhekvoXxpWg8KMRHE5pDlE3DHb+X9
xlH1E77fzmJiyBEyjKTOmeEYVq9wOp31fGdoYgEBnOkczDtFqsUIllo43/OECwBa
pPavdlPd7vVB+bPgigmyNYFexPLQfTJ335ZLN1ikKQ1kWSNwMzjY8jgzrwTjA8aZ
6MBYVKbkO4XYjFBpyDUYx03JqFmW1y9nJ1oteq4+5lUaMDqJ7VRTPA892NEXddiO
acqQ/58=
-----END CERTIFICATE-----
Generated at Wed Jul 3 15:14:03 2024 by rpki-client on console-fra.rpki-client.org