Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/480e68d2-5883-4233-9f17-992a2ca71e2b/9b3b8bf0-a52a-31b1-a604-9a7f01fc9cc9.roa
File: 9b3b8bf0-a52a-31b1-a604-9a7f01fc9cc9.roa (raw, json)
Hash identifier: Mt4v7RVTg8zpEumcWdqWlK9si+LU8VAv1lJCBYZ6L78=
Subject key identifier: 18:FB:C3:B5:A8:65:6D:4C:FB:C1:2C:F3:ED:9D:EF:01:0E:78:2C:B9
Certificate issuer: /CN=480e68d2-5883-4233-9f17-992a2ca71e2b
Certificate serial: 010D0C9F4328583A36B57F9A29A7B7CC60D80D80
Authority key identifier: 26:9B:1E:68:03:C3:09:69:E3:8A:E5:95:A7:3F:33:33:66:8A:5F:0C
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/480e68d2-5883-4233-9f17-992a2ca71e2b.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/480e68d2-5883-4233-9f17-992a2ca71e2b/9b3b8bf0-a52a-31b1-a604-9a7f01fc9cc9.roa
Signing time: Tue 23 Jun 2020 04:00:00 +0000
ROA not before: Tue 23 Jun 2020 04:00:00 +0000
ROA not after: Sun 23 Jun 2030 04:00:00 +0000
asID: 19531
IP address blocks: 107.155.128.0/18 maxlen: 24
155.94.64.0/19 maxlen: 24
23.239.64.0/19 maxlen: 24
184.175.192.0/18 maxlen: 24
162.216.152.0/21 maxlen: 24
162.216.0.0/22 maxlen: 24
199.48.160.0/21 maxlen: 24
23.92.80.0/20 maxlen: 24
208.84.132.0/22 maxlen: 24
2604:4600::/28 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:3a:36:b5:7f:9a:29:a7:b7:cc:60:d8:0d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480e68d2-5883-4233-9f17-992a2ca71e2b
Validity
Not Before: Jun 23 04:00:00 2020 GMT
Not After : Jun 23 04:00:00 2030 GMT
Subject: CN=b4299b8e-8960-43da-a6de-050c90d38f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:dd:02:7e:ad:8c:90:aa:ce:a6:1e:ef:e1:63:
0b:5a:6b:61:c2:2d:a6:de:16:48:be:68:74:cb:1a:
84:e1:83:36:a9:83:31:3e:f8:79:f5:3b:94:f6:0b:
b2:9d:fd:ab:5c:9e:fd:a0:00:00:fc:c1:02:f6:a1:
83:64:23:c6:54:8a:42:d3:cd:c7:3c:18:6a:65:45:
74:f6:65:2f:30:28:73:38:47:47:3b:dd:e6:9b:95:
fe:f7:e1:20:a3:46:90:d4:ed:0d:c6:40:a5:d1:e7:
58:82:fb:44:9b:24:82:d9:1b:84:ad:fe:35:df:3f:
9b:87:c1:9a:af:79:bb:88:a9:a4:00:18:ca:61:2e:
1e:f6:1b:d0:f8:25:14:0e:73:bc:a4:db:cd:dd:7d:
db:59:94:60:71:d1:dd:9e:4e:ce:99:ad:c6:dd:78:
c8:62:5d:aa:55:94:71:52:4f:76:04:18:8c:05:f5:
c4:cb:86:39:b4:8b:71:45:68:14:54:14:3d:93:03:
ab:06:5b:f9:e9:c0:a3:87:dc:1d:41:8c:63:b1:77:
82:18:d6:60:0c:26:58:17:71:90:2c:7f:dd:ee:35:
fd:f3:0c:5d:1c:b7:d1:f2:df:7b:da:74:17:cb:48:
85:db:40:65:f2:0e:44:66:a3:21:3f:71:d6:a1:b6:
1c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:FB:C3:B5:A8:65:6D:4C:FB:C1:2C:F3:ED:9D:EF:01:0E:78:2C:B9
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/480e68d2-5883-4233-9f17-992a2ca71e2b/9b3b8bf0-a52a-31b1-a604-9a7f01fc9cc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/480e68d2-5883-4233-9f17-992a2ca71e2b/480e68d2-5883-4233-9f17-992a2ca71e2b.crl
X509v3 Authority Key Identifier:
keyid:26:9B:1E:68:03:C3:09:69:E3:8A:E5:95:A7:3F:33:33:66:8A:5F:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/480e68d2-5883-4233-9f17-992a2ca71e2b.cer
sbgp-ipAddrBlock: critical
IPv4:
23.92.80.0/20
23.239.64.0/19
107.155.128.0/18
155.94.64.0/19
162.216.0.0/22
162.216.152.0/21
184.175.192.0/18
199.48.160.0/21
208.84.132.0/22
IPv6:
2604:4600::/28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
99:01:c6:dd:f8:13:24:cf:c3:16:73:24:84:23:93:cb:09:b6:
41:75:84:f5:9f:e4:8c:b1:b6:df:06:21:fa:2e:25:d5:a9:77:
ad:da:d7:ed:4c:1b:cb:af:52:bd:30:63:2c:8b:eb:ff:f8:11:
67:8e:74:98:9d:b6:08:0a:af:a6:bf:fa:b3:23:1c:dd:de:77:
dc:b7:af:c4:28:ca:3e:ec:71:bb:0c:77:67:a0:d3:58:c3:66:
c1:d8:f6:1d:21:c4:f6:6b:d5:f8:ac:05:89:b5:d0:33:38:e2:
a1:58:44:d6:9d:ab:2e:41:b3:de:f2:a7:75:0b:2b:0e:f8:53:
1f:3c:42:f1:78:ba:32:5e:15:88:56:6a:a4:24:d3:8f:1b:de:
88:f8:b6:bf:52:62:cb:4a:d6:e3:1e:a2:72:6b:8a:34:0e:6d:
74:bf:85:6e:f3:cc:d8:c0:f7:d8:ff:fa:7f:b4:0c:70:af:42:
6b:53:45:b7:74:44:2f:f2:af:f7:9b:97:f2:d7:c4:7a:c5:fa:
df:80:52:db:3c:8c:0d:36:4d:31:4b:57:c6:c6:5d:4e:97:7a:
11:91:43:19:3d:cd:18:de:9c:6d:03:89:1c:cd:ba:99:83:92:
4e:ae:c6:10:7e:a9:32:ec:b4:a6:0a:6b:d7:17:90:f6:98:17:
0a:58:ef:75
-----BEGIN CERTIFICATE-----
MIIGgjCCBWqgAwIBAgIUAQ0Mn0MoWDo2tX+aKae3zGDYDYAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDgwZTY4ZDItNTg4My00MjMzLTlmMTctOTkyYTJjYTcx
ZTJiMB4XDTIwMDYyMzA0MDAwMFoXDTMwMDYyMzA0MDAwMFowLzEtMCsGA1UEAxMk
YjQyOTliOGUtODk2MC00M2RhLWE2ZGUtMDUwYzkwZDM4ZjkxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg90Cfq2MkKrOph7v4WMLWmthwi2m3hZIvmh0
yxqE4YM2qYMxPvh59TuU9guynf2rXJ79oAAA/MEC9qGDZCPGVIpC083HPBhqZUV0
9mUvMChzOEdHO93mm5X+9+Ego0aQ1O0NxkCl0edYgvtEmySC2RuErf413z+bh8Ga
r3m7iKmkABjKYS4e9hvQ+CUUDnO8pNvN3X3bWZRgcdHdnk7Oma3G3XjIYl2qVZRx
Uk92BBiMBfXEy4Y5tItxRWgUVBQ9kwOrBlv56cCjh9wdQYxjsXeCGNZgDCZYF3GQ
LH/d7jX98wxdHLfR8t972nQXy0iF20Bl8g5EZqMhP3HWobYc2QIDAQABo4IDlDCC
A5AwHQYDVR0OBBYEFBj7w7WoZW1M+8Es8+2d7wEOeCy5MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80ODBl
NjhkMi01ODgzLTQyMzMtOWYxNy05OTJhMmNhNzFlMmIvOWIzYjhiZjAtYTUyYS0z
MWIxLWE2MDQtOWE3ZjAxZmM5Y2M5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNDgwZTY4ZDItNTg4My00MjMzLTlm
MTctOTkyYTJjYTcxZTJiLzQ4MGU2OGQyLTU4ODMtNDIzMy05ZjE3LTk5MmEyY2E3
MWUyYi5jcmwwHwYDVR0jBBgwFoAUJpseaAPDCWnjiuWVpz8zM2aKXwwwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi80ODBlNjhkMi01ODgzLTQyMzMtOWYxNy05OTJh
MmNhNzFlMmIuY2VyMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEF1xQAwQF
F+9AAwQGa5uAAwQFm15AAwQCotgAAwQDotiYAwQGuK/AAwQDxzCgAwQC0FSEMA0E
AgACMAcDBQQmBEYAMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEF
BQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0
bWwwDQYJKoZIhvcNAQELBQADggEBAJkBxt34EyTPwxZzJIQjk8sJtkF1hPWf5Iyx
tt8GIfouJdWpd63a1+1MG8uvUr0wYyyL6//4EWeOdJidtggKr6a/+rMjHN3ed9y3
r8Qoyj7scbsMd2eg01jDZsHY9h0hxPZr1fisBYm10DM44qFYRNadqy5Bs97yp3UL
Kw74Ux88QvF4ujJeFYhWaqQk048b3oj4tr9SYstK1uMeonJrijQObXS/hW7zzNjA
99j/+n+0DHCvQmtTRbd0RC/yr/ebl/LXxHrF+t+AUts8jA02TTFLV8bGXU6XehGR
Qxk9zRjenG0DiRzNupmDkk6uxhB+qTLstKYKa9cXkPaYFwpY73U=
-----END CERTIFICATE-----
Generated at Fri Mar 14 10:31:37 2025 by rpki-client