Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8e2f3353-82b9-432b-bd94-000bf5cef0c3/afcb60bc-cadb-350f-8ae3-1ca7606a957d.roa
File: afcb60bc-cadb-350f-8ae3-1ca7606a957d.roa (raw, json)
Hash identifier: HfzYHYhkb17IZ3Q58hXIU5TDamjRz625JXpfm5vxfp4=
Subject key identifier: 8B:98:58:F5:B2:96:CE:8B:E6:25:5F:38:79:18:05:C7:5D:4B:92:F9
Certificate issuer: /CN=8e2f3353-82b9-432b-bd94-000bf5cef0c3
Certificate serial: 010D0C9F43285848F65BE59B0C312538E4049AB0
Authority key identifier: B4:B5:6C:64:46:3D:47:EB:DC:A5:0E:CB:D0:7B:9A:33:43:55:40:45
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8e2f3353-82b9-432b-bd94-000bf5cef0c3.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8e2f3353-82b9-432b-bd94-000bf5cef0c3/afcb60bc-cadb-350f-8ae3-1ca7606a957d.roa
Signing time: Sat 22 Feb 2025 02:00:38 +0000
ROA not before: Sat 22 Feb 2025 02:00:38 +0000
ROA not after: Fri 23 May 2025 01:00:38 +0000
asID: 21928
IP address blocks: 144.225.0.0/16 maxlen: 24
144.227.0.0/16 maxlen: 24
144.231.0.0/16 maxlen: 24
207.52.0.0/16 maxlen: 24
207.143.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:f6:5b:e5:9b:0c:31:25:38:e4:04:9a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e2f3353-82b9-432b-bd94-000bf5cef0c3
Validity
Not Before: Feb 22 02:00:38 2025 GMT
Not After : May 23 01:00:38 2025 GMT
Subject: CN=74911821-5be7-4775-a7a9-33f35f0ab05a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:95:01:d1:81:1b:00:89:72:ca:19:4e:a0:45:
4d:a2:24:1a:7f:b1:ba:5e:55:04:84:8c:72:90:81:
53:06:8c:54:84:78:4f:1d:c3:9c:e4:b6:c4:96:87:
a3:b8:99:9f:5f:82:bc:a7:2f:0d:34:e6:de:f6:77:
5f:8a:ce:1a:41:91:9c:7c:30:0d:c1:0e:ef:b0:66:
d2:77:a7:e7:b3:52:4c:a2:1e:43:ca:98:af:c4:55:
74:22:b6:b7:e7:7d:8a:9b:fa:c1:82:b5:da:e0:09:
e0:76:2b:0e:74:5c:9a:e7:f7:12:94:e3:c5:a3:49:
2b:f7:bf:ef:6a:cb:39:28:95:b8:74:dd:65:50:68:
6a:40:69:74:28:18:e8:ec:82:19:c8:55:05:89:6d:
93:5a:6d:5c:00:d5:2e:17:f9:75:2d:87:c3:28:b1:
65:c9:20:b4:9a:81:b3:1c:73:29:d7:45:88:1e:de:
2b:a6:c7:e5:c1:84:fe:ee:cf:a9:4f:15:97:ec:e0:
6d:d8:62:93:d4:37:87:fe:b4:f7:d4:c7:e7:34:67:
fa:f3:4c:48:cd:46:f0:56:2d:d7:0e:3b:84:df:f4:
78:2d:4e:e3:a2:16:ca:d9:82:70:f4:c3:dc:c1:ef:
65:a8:40:af:b7:d8:c5:b2:95:43:77:a6:b0:4f:0b:
0b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:98:58:F5:B2:96:CE:8B:E6:25:5F:38:79:18:05:C7:5D:4B:92:F9
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8e2f3353-82b9-432b-bd94-000bf5cef0c3/afcb60bc-cadb-350f-8ae3-1ca7606a957d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8e2f3353-82b9-432b-bd94-000bf5cef0c3/8e2f3353-82b9-432b-bd94-000bf5cef0c3.crl
X509v3 Authority Key Identifier:
keyid:B4:B5:6C:64:46:3D:47:EB:DC:A5:0E:CB:D0:7B:9A:33:43:55:40:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8e2f3353-82b9-432b-bd94-000bf5cef0c3.cer
sbgp-ipAddrBlock: critical
IPv4:
144.225.0.0/16
144.227.0.0/16
144.231.0.0/16
207.52.0.0/16
207.143.0.0/16
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
5e:5c:f6:9d:1f:af:91:88:45:a1:34:7e:5f:7a:af:8c:1a:f1:
b6:83:d2:3f:06:3f:19:87:0b:5a:97:2e:fe:79:d7:e9:86:c2:
3c:58:62:e3:46:27:68:58:be:54:df:50:01:71:7d:02:b6:bd:
ca:5e:5c:63:e9:7b:8a:b5:da:92:7d:d6:0e:ca:cd:44:44:8a:
6c:41:c7:6f:5e:92:58:46:01:8f:c6:af:83:0d:35:f6:4a:59:
d6:9f:58:d0:73:65:f0:20:e5:46:98:55:3b:00:41:a6:c8:f6:
a3:e6:55:6e:ab:b9:a2:87:60:23:a3:d9:39:e3:44:ae:c0:0e:
aa:f2:2c:03:94:02:0c:8e:2d:ab:62:be:0e:f8:d9:d5:d4:4f:
5a:51:0f:ef:e1:f5:b9:99:9b:1f:de:22:03:4a:a2:63:5d:26:
d3:97:c3:57:ae:77:e2:6a:8f:a4:e6:f5:bf:be:4e:d5:53:22:
0b:47:e6:4c:5b:c7:93:4d:1a:b6:65:86:c6:68:2c:fa:c2:99:
3d:4c:cf:66:12:44:33:a6:2b:d1:c8:9e:1e:5d:8f:56:10:d7:
e5:54:0f:5e:9c:a2:14:b9:eb:2f:15:d6:d7:61:a9:6a:be:49:
c6:4d:c8:14:7f:2d:a5:35:16:3e:11:b2:1b:fa:48:9f:77:86:
42:a0:c9:e0
-----BEGIN CERTIFICATE-----
MIIGVjCCBT6gAwIBAgIUAQ0Mn0MoWEj2W+WbDDElOOQEmrAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOGUyZjMzNTMtODJiOS00MzJiLWJkOTQtMDAwYmY1Y2Vm
MGMzMB4XDTI1MDIyMjAyMDAzOFoXDTI1MDUyMzAxMDAzOFowLzEtMCsGA1UEAxMk
NzQ5MTE4MjEtNWJlNy00Nzc1LWE3YTktMzNmMzVmMGFiMDVhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpUB0YEbAIlyyhlOoEVNoiQaf7G6XlUEhIxy
kIFTBoxUhHhPHcOc5LbEloejuJmfX4K8py8NNObe9ndfis4aQZGcfDANwQ7vsGbS
d6fns1JMoh5DypivxFV0Ira3532Km/rBgrXa4AngdisOdFya5/cSlOPFo0kr97/v
ass5KJW4dN1lUGhqQGl0KBjo7IIZyFUFiW2TWm1cANUuF/l1LYfDKLFlySC0moGz
HHMp10WIHt4rpsflwYT+7s+pTxWX7OBt2GKT1DeH/rT31MfnNGf680xIzUbwVi3X
DjuE3/R4LU7johbK2YJw9MPcwe9lqECvt9jFspVDd6awTwsLBwIDAQABo4IDaDCC
A2QwHQYDVR0OBBYEFIuYWPWyls6L5iVfOHkYBcddS5L5MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84ZTJm
MzM1My04MmI5LTQzMmItYmQ5NC0wMDBiZjVjZWYwYzMvYWZjYjYwYmMtY2FkYi0z
NTBmLThhZTMtMWNhNzYwNmE5NTdkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvOGUyZjMzNTMtODJiOS00MzJiLWJk
OTQtMDAwYmY1Y2VmMGMzLzhlMmYzMzUzLTgyYjktNDMyYi1iZDk0LTAwMGJmNWNl
ZjBjMy5jcmwwHwYDVR0jBBgwFoAUtLVsZEY9R+vcpQ7L0HuaM0NVQEUwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi84ZTJmMzM1My04MmI5LTQzMmItYmQ5NC0wMDBi
ZjVjZWYwYzMuY2VyMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwMAkOEDAwCQ
4wMDAJDnAwMAzzQDAwDPjzBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYI
KwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nw
cy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQBeXPadH6+RiEWhNH5feq+MGvG2g9I/
Bj8Zhwtaly7+edfphsI8WGLjRidoWL5U31ABcX0Ctr3KXlxj6XuKtdqSfdYOys1E
RIpsQcdvXpJYRgGPxq+DDTX2SlnWn1jQc2XwIOVGmFU7AEGmyPaj5lVuq7mih2Aj
o9k540SuwA6q8iwDlAIMji2rYr4O+NnV1E9aUQ/v4fW5mZsf3iIDSqJjXSbTl8NX
rnfiao+k5vW/vk7VUyILR+ZMW8eTTRq2ZYbGaCz6wpk9TM9mEkQzpivRyJ4eXY9W
ENflVA9enKIUuesvFdbXYalqvknGTcgUfy2lNRY+EbIb+kifd4ZCoMng
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:09:35 2025 by rpki-client