Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8ed3050a-4605-4094-b331-bb0f8758defe/cd5a47f0-daad-3ca1-81fa-28febbb10070.roa
File: cd5a47f0-daad-3ca1-81fa-28febbb10070.roa (raw, json)
Hash identifier: O08oaWP5TIbVpgOvqXXO+wpLvZDOKYsPgnqCIn4hDzg=
Subject key identifier: BE:42:0D:40:93:42:46:3A:D3:31:90:7D:AB:8E:5A:F2:D8:2C:C4:FA
Certificate issuer: /CN=8ed3050a-4605-4094-b331-bb0f8758defe
Certificate serial: 010D0C9F432858441D6E93671A648711C541F8A0
Authority key identifier: 71:9F:75:9E:B9:F2:FD:37:B2:4F:F9:8B:EF:63:71:8E:C0:4E:4C:0F
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8ed3050a-4605-4094-b331-bb0f8758defe.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8ed3050a-4605-4094-b331-bb0f8758defe/cd5a47f0-daad-3ca1-81fa-28febbb10070.roa
Signing time: Tue 05 Dec 2023 14:00:21 +0000
ROA not before: Tue 05 Dec 2023 14:00:21 +0000
ROA not after: Mon 04 Mar 2024 14:00:21 +0000
asID: 237
IP address blocks: 35.71.0.0/18 maxlen: 18
35.68.0.0/15 maxlen: 15
35.64.0.0/14 maxlen: 14
35.0.0.0/10 maxlen: 10
35.8.0.0/13 maxlen: 13
35.70.0.0/16 maxlen: 16
192.122.182.0/23 maxlen: 23
192.122.192.0/21 maxlen: 21
192.122.200.0/24 maxlen: 24
192.203.195.0/24 maxlen: 24
207.72.0.0/14 maxlen: 14
198.108.0.0/14 maxlen: 14
204.38.0.0/15 maxlen: 15
192.122.184.0/24 maxlen: 24
192.122.184.0/21 maxlen: 21
192.122.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:44:1d:6e:93:67:1a:64:87:11:c5:41:f8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ed3050a-4605-4094-b331-bb0f8758defe
Validity
Not Before: Dec 5 14:00:21 2023 GMT
Not After : Mar 4 14:00:21 2024 GMT
Subject: CN=21a7a8a4-0c1d-4663-a101-36daff3a013f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:be:bc:55:20:8d:ea:a0:32:bc:26:3e:54:e4:
74:b1:97:f3:00:6b:02:42:02:c9:78:7a:4e:16:00:
d5:18:e2:37:f8:20:8c:9b:d3:43:84:d9:14:36:6d:
c3:e6:95:2d:b6:3f:f1:58:11:d4:e1:08:43:cc:7d:
9c:ef:3b:92:08:36:dd:95:ee:b0:88:94:a5:51:9d:
e2:2f:9d:06:2d:86:5a:06:83:1c:32:30:77:c8:7e:
42:b4:34:e6:27:88:16:f3:18:af:c0:57:ef:69:f8:
a4:ca:d9:6d:ea:f6:56:e8:cf:aa:6a:ed:58:8f:7a:
8e:b1:a5:e8:3e:70:85:7f:ae:33:00:6c:15:71:4a:
78:b9:dc:b7:36:08:d5:d8:96:98:7c:49:83:b9:b3:
09:7c:bf:ff:3e:b1:14:45:b9:e1:df:36:59:dd:7f:
a7:2b:ec:64:48:dd:c7:7a:60:1d:da:bb:d0:75:2b:
70:64:fc:64:bf:a9:70:a1:30:fa:42:a8:2f:81:0a:
4a:8a:6d:ea:d8:bd:6c:c5:9c:44:d2:86:4c:3f:2e:
35:47:46:65:e7:25:48:2e:26:2b:f4:c8:29:01:aa:
54:60:8d:50:1f:ba:63:5b:35:26:5e:dc:05:6e:fa:
50:21:93:b1:23:37:bf:cf:be:d4:f7:09:88:bc:36:
52:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:42:0D:40:93:42:46:3A:D3:31:90:7D:AB:8E:5A:F2:D8:2C:C4:FA
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8ed3050a-4605-4094-b331-bb0f8758defe/cd5a47f0-daad-3ca1-81fa-28febbb10070.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8ed3050a-4605-4094-b331-bb0f8758defe/8ed3050a-4605-4094-b331-bb0f8758defe.crl
X509v3 Authority Key Identifier:
keyid:71:9F:75:9E:B9:F2:FD:37:B2:4F:F9:8B:EF:63:71:8E:C0:4E:4C:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/8ed3050a-4605-4094-b331-bb0f8758defe.cer
sbgp-ipAddrBlock: critical
IPv4:
35.0.0.0-35.71.63.255
192.122.181.0-192.122.200.255
192.203.195.0/24
198.108.0.0/14
204.38.0.0/15
207.72.0.0/14
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
8a:13:10:bf:93:c6:a6:e9:04:93:1a:a7:7e:16:33:7b:ac:d8:
d2:a0:8f:f7:94:a1:ef:a2:4f:7d:6c:dc:eb:52:97:99:69:8f:
bf:d8:99:21:7a:d9:71:0f:ee:89:2a:e0:b5:06:22:8d:44:14:
5c:86:12:7a:46:40:98:84:05:38:9a:2a:2d:96:20:0f:e9:36:
62:58:c3:d7:d9:ae:cc:2e:67:d3:6b:19:0a:44:55:5d:29:1b:
5c:8d:2e:f9:86:9c:39:e0:32:4c:f3:06:6f:4f:bb:b6:d0:a1:
e3:9b:33:99:27:1c:a8:9a:0c:7e:53:7f:59:0e:4d:ab:dc:5a:
35:28:0f:b9:91:7d:af:9e:7f:02:67:6a:5c:12:5b:87:70:91:
6d:e7:b5:ac:7a:da:e1:a9:ed:8e:3e:ea:cd:fc:27:f2:aa:f6:
24:3a:a9:f9:4c:71:93:8e:29:01:d6:05:7a:fd:eb:09:db:7d:
46:ea:74:b9:f3:50:04:18:61:17:f8:f0:bc:59:ff:a1:02:29:
b4:4a:6b:ab:a4:64:97:63:82:b9:58:59:6d:ff:06:03:40:4a:
d1:63:54:7d:86:ad:2e:02:69:1d:db:dc:f1:f1:37:e9:54:d0:
cb:db:83:f7:b2:6e:98:7d:80:3d:ed:dd:b3:fe:c1:c7:2d:d0:
fe:45:95:11
-----BEGIN CERTIFICATE-----
MIIGbDCCBVSgAwIBAgIUAQ0Mn0MoWEQdbpNnGmSHEcVB+KAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOGVkMzA1MGEtNDYwNS00MDk0LWIzMzEtYmIwZjg3NThk
ZWZlMB4XDTIzMTIwNTE0MDAyMVoXDTI0MDMwNDE0MDAyMVowLzEtMCsGA1UEAxMk
MjFhN2E4YTQtMGMxZC00NjYzLWExMDEtMzZkYWZmM2EwMTNmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L68VSCN6qAyvCY+VOR0sZfzAGsCQgLJeHpO
FgDVGOI3+CCMm9NDhNkUNm3D5pUttj/xWBHU4QhDzH2c7zuSCDbdle6wiJSlUZ3i
L50GLYZaBoMcMjB3yH5CtDTmJ4gW8xivwFfvafikytlt6vZW6M+qau1Yj3qOsaXo
PnCFf64zAGwVcUp4udy3NgjV2JaYfEmDubMJfL//PrEURbnh3zZZ3X+nK+xkSN3H
emAd2rvQdStwZPxkv6lwoTD6QqgvgQpKim3q2L1sxZxE0oZMPy41R0Zl5yVILiYr
9MgpAapUYI1QH7pjWzUmXtwFbvpQIZOxIze/z77U9wmIvDZS9wIDAQABo4IDfjCC
A3owHQYDVR0OBBYEFL5CDUCTQkY60zGQfauOWvLYLMT6MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84ZWQz
MDUwYS00NjA1LTQwOTQtYjMzMS1iYjBmODc1OGRlZmUvY2Q1YTQ3ZjAtZGFhZC0z
Y2ExLTgxZmEtMjhmZWJiYjEwMDcwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvOGVkMzA1MGEtNDYwNS00MDk0LWIz
MzEtYmIwZjg3NThkZWZlLzhlZDMwNTBhLTQ2MDUtNDA5NC1iMzMxLWJiMGY4NzU4
ZGVmZS5jcmwwHwYDVR0jBBgwFoAUcZ91nrny/TeyT/mL72NxjsBOTA8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi84ZWQzMDUwYS00NjA1LTQwOTQtYjMzMS1iYjBm
ODc1OGRlZmUuY2VyMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAATAvMAoDAgAjAwQG
I0cAMAwDBADAerUDBADAesgDBADAy8MDAwLGbAMDAcwmAwMCz0gwVAYDVR0gAQH/
BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmlu
Lm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEA
ihMQv5PGpukEkxqnfhYze6zY0qCP95Sh76JPfWzc61KXmWmPv9iZIXrZcQ/uiSrg
tQYijUQUXIYSekZAmIQFOJoqLZYgD+k2YljD19muzC5n02sZCkRVXSkbXI0u+Yac
OeAyTPMGb0+7ttCh45szmSccqJoMflN/WQ5Nq9xaNSgPuZF9r55/AmdqXBJbh3CR
bee1rHra4antjj7qzfwn8qr2JDqp+Uxxk44pAdYFev3rCdt9Rup0ufNQBBhhF/jw
vFn/oQIptEprq6Rkl2OCuVhZbf8GA0BK0WNUfYatLgJpHdvc8fE36VTQy9uD97Ju
mH2APe3ds/7Bxy3Q/kWVEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:40:21 2024 by rpki-client on console-ams.rpki-client.org