Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37/db3a8c9e-f037-32e2-8894-2ea1570cf8cc.roa
File: db3a8c9e-f037-32e2-8894-2ea1570cf8cc.roa (raw, json)
Hash identifier: 6x56g5dMGp/4fICUvmmoAMi2W5KZeo6XwZeLtwajJWo=
Subject key identifier: 0A:36:E0:02:4C:B9:2B:62:20:28:AC:C9:2F:54:48:31:2D:2D:06:F3
Certificate issuer: /CN=f240d902-7ba3-4aec-b663-471f0fabfe37
Certificate serial: 010D0C9F4328576D51CC73C042CFC158BE6A17D6
Authority key identifier: E4:57:D5:28:0C:09:9C:2A:7E:A8:A5:80:B1:6F:F6:B0:BA:4C:F1:1E
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37/db3a8c9e-f037-32e2-8894-2ea1570cf8cc.roa
Signing time: Fri 02 Dec 2016 07:22:53 +0000
ROA not before: Thu 01 Dec 2016 05:00:00 +0000
ROA not after: Tue 01 Dec 2026 05:00:00 +0000
asID: 27735
IP address blocks: 216.72.21.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:57:6d:51:cc:73:c0:42:cf:c1:58:be:6a:17:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f240d902-7ba3-4aec-b663-471f0fabfe37
Validity
Not Before: Dec 1 05:00:00 2016 GMT
Not After : Dec 1 05:00:00 2026 GMT
Subject: CN=17d7bad4-5904-4ee7-8f65-ad2741e7d206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7e:6f:c4:58:cc:02:10:31:b4:ed:ad:42:9f:
07:42:88:7f:51:11:01:ca:a2:e8:2b:c9:10:10:40:
59:21:d0:4c:1f:e0:04:d1:17:b6:71:f7:d1:86:43:
0f:2c:6a:c3:91:f9:35:3c:1a:93:56:44:2c:58:3b:
2a:3c:a7:e5:78:49:37:eb:1b:52:76:b1:4e:40:1b:
7c:6d:53:42:e4:5f:59:c9:69:64:2a:5a:bc:37:4c:
cd:93:33:2f:0d:21:c3:09:ce:1e:e8:65:b8:9c:31:
e9:c3:52:e6:45:58:d4:85:36:1e:1a:03:0d:d3:9f:
67:cb:f8:d6:ee:c8:cb:7a:3a:d5:e4:75:39:6d:b8:
c2:2c:65:07:04:7f:ad:b7:f5:d1:5a:a7:12:63:76:
ad:26:79:61:03:89:d3:20:d6:cb:10:10:a6:e8:5b:
cb:c7:2e:4f:91:e6:4e:4e:28:a4:16:92:27:3c:38:
10:8e:0a:7c:b9:ac:55:20:04:ec:ce:49:a6:15:ed:
63:a9:96:c2:5b:bd:b1:00:ef:c0:61:0e:9e:1f:f7:
08:b2:22:54:38:3a:45:3f:a5:3b:ac:08:ca:da:bc:
b4:b1:95:ea:da:94:db:a8:34:b0:f2:a2:d1:c6:0e:
cc:6a:55:2b:ce:56:e0:8a:bf:78:23:13:01:e3:e4:
70:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:36:E0:02:4C:B9:2B:62:20:28:AC:C9:2F:54:48:31:2D:2D:06:F3
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37/db3a8c9e-f037-32e2-8894-2ea1570cf8cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37/f240d902-7ba3-4aec-b663-471f0fabfe37.crl
X509v3 Authority Key Identifier:
keyid:E4:57:D5:28:0C:09:9C:2A:7E:A8:A5:80:B1:6F:F6:B0:BA:4C:F1:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37.cer
sbgp-ipAddrBlock: critical
IPv4:
216.72.21.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
ac:4a:cd:03:00:a9:1b:70:02:a6:92:26:56:6f:82:17:e7:2c:
98:c1:4f:9d:58:a0:94:9e:84:55:b7:60:4f:60:43:10:cf:30:
9b:e8:63:52:9c:a3:bd:e8:db:e2:82:52:d1:1f:28:67:0d:8a:
0d:5b:91:f4:ec:a3:ac:26:68:34:81:2d:7e:0b:a1:e7:e0:b1:
c3:ec:ff:ad:3c:c9:a4:2b:f3:c0:79:5e:1d:e9:f4:6e:33:3a:
30:be:8e:53:de:4c:27:fa:36:4c:90:f3:08:8c:bd:3b:b4:7e:
8d:5a:c5:1e:07:71:d3:79:d1:1c:63:8a:17:c0:a1:3d:f5:23:
b1:47:08:ae:f4:12:72:30:c4:f5:ab:c1:91:fa:2e:26:58:44:
dd:b1:09:6c:a8:71:5a:24:63:16:b3:6d:57:55:c2:c0:20:88:
c9:46:7f:1b:24:7b:06:4e:02:88:6f:43:6a:90:fb:67:d1:90:
e9:64:ae:ce:3c:72:cd:76:c3:64:8e:6f:f2:b9:df:d0:80:32:
80:06:82:e3:48:4b:3b:e8:40:fe:49:37:1f:bf:58:69:11:df:
1d:fc:0b:00:37:b5:57:a9:85:9f:4e:33:97:0c:d7:98:f4:7c:
5c:96:46:a6:0b:71:fd:ca:17:56:a7:13:7c:ed:ee:d1:10:61:
59:ef:5a:2c
-----BEGIN CERTIFICATE-----
MIIGPzCCBSmgAwIBAgIUAQ0Mn0MoV21RzHPAQs/BWL5qF9YwCwYJKoZIhvcNAQEL
MC8xLTArBgNVBAMTJGYyNDBkOTAyLTdiYTMtNGFlYy1iNjYzLTQ3MWYwZmFiZmUz
NzAeFw0xNjEyMDEwNTAwMDBaFw0yNjEyMDEwNTAwMDBaMC8xLTArBgNVBAMTJDE3
ZDdiYWQ0LTU5MDQtNGVlNy04ZjY1LWFkMjc0MWU3ZDIwNjCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMJ+b8RYzAIQMbTtrUKfB0KIf1ERAcqi6CvJEBBA
WSHQTB/gBNEXtnH30YZDDyxqw5H5NTwak1ZELFg7Kjyn5XhJN+sbUnaxTkAbfG1T
QuRfWclpZCpavDdMzZMzLw0hwwnOHuhluJwx6cNS5kVY1IU2HhoDDdOfZ8v41u7I
y3o61eR1OW24wixlBwR/rbf10VqnEmN2rSZ5YQOJ0yDWyxAQpuhby8cuT5HmTk4o
pBaSJzw4EI4KfLmsVSAE7M5JphXtY6mWwlu9sQDvwGEOnh/3CLIiVDg6RT+lO6wI
ytq8tLGV6tqU26g0sPKi0cYOzGpVK85W4Iq/eCMTAePkcNECAwEAAaOCA1UwggNR
MB0GA1UdDgQWBBQKNuACTLkrYiAorMkvVEgxLS0G8zCB5QYIKwYBBQUHAQsEgdgw
gdUwgdIGCCsGAQUFBzALhoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRv
cnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIx
NTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvZjI0MGQ5
MDItN2JhMy00YWVjLWI2NjMtNDcxZjBmYWJmZTM3L2RiM2E4YzllLWYwMzctMzJl
Mi04ODk0LTJlYTE1NzBjZjhjYy5yb2EwgdwGA1UdHwSB1DCB0TCBzqCBy6CByIaB
xXJzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEyNDY5NDctMmQ2
Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyL2YyNDBkOTAyLTdiYTMtNGFlYy1iNjYz
LTQ3MWYwZmFiZmUzNy9mMjQwZDkwMi03YmEzLTRhZWMtYjY2My00NzFmMGZhYmZl
MzcuY3JsMB8GA1UdIwQYMBaAFORX1SgMCZwqfqilgLFv9rC6TPEeMA4GA1UdDwEB
/wQEAwIHgDCBwAYIKwYBBQUHAQEEgbMwgbAwga0GCCsGAQUFBzAChoGgcnN5bmM6
Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2Vh
LWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMt
YmEwNS04NzE4N2YwMDk5YjIvZjI0MGQ5MDItN2JhMy00YWVjLWI2NjMtNDcxZjBm
YWJmZTM3LmNlcjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANhIFTBUBgNV
HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3
LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMAsGCSqGSIb3DQEBCwOC
AQEArErNAwCpG3ACppImVm+CF+csmMFPnViglJ6EVbdgT2BDEM8wm+hjUpyjvejb
4oJS0R8oZw2KDVuR9OyjrCZoNIEtfguh5+Cxw+z/rTzJpCvzwHleHen0bjM6ML6O
U95MJ/o2TJDzCIy9O7R+jVrFHgdx03nRHGOKF8ChPfUjsUcIrvQScjDE9avBkfou
JlhE3bEJbKhxWiRjFrNtV1XCwCCIyUZ/GyR7Bk4CiG9DapD7Z9GQ6WSuzjxyzXbD
ZI5v8rnf0IAygAaC40hLO+hA/kk3H79YaRHfHfwLADe1V6mFn04zlwzXmPR8XJZG
pgtx/coXVqcTfO3u0RBhWe9aLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:41:04 2024 by rpki-client on console-ams.rpki-client.org