Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/d83539c0-0fff-4aa2-ab8d-7b5d0ff19a4f/490d81ad-ff59-31f9-84d5-299e90f2bedc.roa
File: 490d81ad-ff59-31f9-84d5-299e90f2bedc.roa (raw, json)
Hash identifier: 3WUYuP/MRMwsbeSDTgtRlg/2rjNQOC7CeuSW5x0H1cg=
Subject key identifier: BD:DD:6E:E9:31:D2:C4:02:2C:D1:55:3A:7D:3D:68:03:04:EB:E7:8E
Certificate issuer: /CN=d83539c0-0fff-4aa2-ab8d-7b5d0ff19a4f
Certificate serial: 010D0C9F43285844B719394CD630CFC31BEB88C0
Authority key identifier: BF:EC:FB:C8:BA:3B:E0:02:D2:A9:E3:26:E7:D9:2D:E4:5A:A8:C6:20
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/d83539c0-0fff-4aa2-ab8d-7b5d0ff19a4f.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/d83539c0-0fff-4aa2-ab8d-7b5d0ff19a4f/490d81ad-ff59-31f9-84d5-299e90f2bedc.roa
Signing time: Mon 29 Jan 2024 15:02:53 +0000
ROA not before: Mon 29 Jan 2024 15:02:53 +0000
ROA not after: Sun 28 Apr 2024 14:02:53 +0000
asID: 14638
IP address blocks: 24.55.64.0/18 maxlen: 18
24.42.0.0/18 maxlen: 18
24.41.128.0/17 maxlen: 17
24.48.192.0/18 maxlen: 18
24.50.192.0/18 maxlen: 18
24.54.192.0/18 maxlen: 18
24.55.160.0/19 maxlen: 19
24.137.224.0/19 maxlen: 19
24.138.192.0/18 maxlen: 18
24.139.64.0/18 maxlen: 18
24.139.128.0/17 maxlen: 17
24.157.16.0/20 maxlen: 20
24.171.192.0/18 maxlen: 18
24.227.0.0/19 maxlen: 19
70.45.0.0/16 maxlen: 16
74.115.200.0/22 maxlen: 22
74.213.64.0/18 maxlen: 18
104.244.180.0/22 maxlen: 22
162.212.160.0/21 maxlen: 21
162.220.96.0/21 maxlen: 21
172.85.120.0/22 maxlen: 22
192.155.158.0/23 maxlen: 23
198.245.96.0/20 maxlen: 20
199.27.96.0/21 maxlen: 21
206.248.64.0/18 maxlen: 18
2604:b000::/32 maxlen: 32
2605:ba00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:44:b7:19:39:4c:d6:30:cf:c3:1b:eb:88:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d83539c0-0fff-4aa2-ab8d-7b5d0ff19a4f
Validity
Not Before: Jan 29 15:02:53 2024 GMT
Not After : Apr 28 14:02:53 2024 GMT
Subject: CN=4aeb6915-1059-4152-b2b5-c0329a7eb154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b3:03:48:4f:7f:46:72:7b:12:51:fd:db:5b:
05:0f:4f:56:30:51:63:c7:ab:2a:1a:1a:62:db:57:
c8:c3:32:b9:53:aa:b3:ba:fd:2d:ed:b7:c7:d6:8f:
d2:9b:58:08:46:ab:cc:0e:a6:07:14:be:be:08:b6:
4d:34:8b:7f:04:51:86:18:67:17:02:97:97:6f:00:
4d:ce:cf:22:6e:78:96:f9:68:db:28:bb:62:a4:d1:
7b:f5:43:31:8d:8d:6e:50:6e:2f:67:de:ac:30:ca:
5f:23:ac:37:0c:c1:a3:eb:fc:ba:c8:7c:a0:02:4e:
70:54:48:7d:9b:6f:c2:38:8a:12:7f:86:f4:9d:54:
dd:db:7d:2d:a0:7e:7c:83:14:c7:97:8d:76:a6:bd:
63:d1:60:3c:37:31:90:48:55:bc:b9:ef:17:3e:88:
76:a5:18:63:7a:5c:c1:27:bf:67:8e:95:78:58:63:
d3:05:35:ea:21:98:4b:8c:02:b8:02:4c:d0:b0:a2:
94:c3:9f:28:93:1c:c4:48:6c:c6:ed:d8:57:43:65:
40:09:09:b2:73:6e:b0:37:83:54:b9:d3:ee:69:af:
dd:63:80:fd:40:ff:36:81:aa:49:a8:b2:ad:f9:3a:
be:57:91:32:38:31:52:5a:08:7b:44:3e:3a:68:63:
9e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DD:6E:E9:31:D2:C4:02:2C:D1:55:3A:7D:3D:68:03:04:EB:E7:8E
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/d83539c0-0fff-4aa2-ab8d-7b5d0ff19a4f/490d81ad-ff59-31f9-84d5-299e90f2bedc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/d83539c0-0fff-4aa2-ab8d-7b5d0ff19a4f/d83539c0-0fff-4aa2-ab8d-7b5d0ff19a4f.crl
X509v3 Authority Key Identifier:
keyid:BF:EC:FB:C8:BA:3B:E0:02:D2:A9:E3:26:E7:D9:2D:E4:5A:A8:C6:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/d83539c0-0fff-4aa2-ab8d-7b5d0ff19a4f.cer
sbgp-ipAddrBlock: critical
IPv4:
24.41.128.0-24.42.63.255
24.48.192.0/18
24.50.192.0/18
24.54.192.0/18
24.55.64.0/18
24.55.160.0/19
24.137.224.0/19
24.138.192.0/18
24.139.64.0-24.139.255.255
24.157.16.0/20
24.171.192.0/18
24.227.0.0/19
70.45.0.0/16
74.115.200.0/22
74.213.64.0/18
104.244.180.0/22
162.212.160.0/21
162.220.96.0/21
172.85.120.0/22
192.155.158.0/23
198.245.96.0/20
199.27.96.0/21
206.248.64.0/18
IPv6:
2604:b000::/32
2605:ba00::/32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
20:d5:50:80:64:7b:1b:d1:91:02:be:fa:7c:6e:0f:eb:4b:d1:
ed:97:57:bf:56:d9:4b:76:89:73:6c:ab:9f:be:1b:9d:dc:1d:
5e:37:b0:fc:35:4f:ca:6b:23:98:2d:12:8a:05:46:4a:3c:89:
3c:5c:1b:a9:06:e4:d4:5c:3f:f6:b6:0e:0c:fe:35:58:04:c9:
c3:f9:3b:12:66:8e:77:64:e1:44:ce:e8:ee:a8:0a:bd:86:73:
d2:7f:9f:ba:4d:07:0a:5b:ff:97:49:26:5b:06:94:90:b6:d3:
8a:37:62:06:e8:eb:78:7b:bb:09:e1:84:0d:86:b5:f0:83:c8:
ed:6e:80:bf:11:97:1f:68:c8:06:ea:b0:56:ec:1a:2b:28:9c:
f1:97:02:81:11:41:c6:5b:28:ee:d5:20:98:e4:a8:20:23:98:
14:c5:a9:fc:5d:b4:ff:83:55:ca:c3:cb:3f:f0:ba:14:30:8e:
e5:b5:54:5d:5c:53:28:da:e3:39:41:81:7e:ac:50:73:4d:55:
98:46:08:69:8b:7a:80:1e:9a:c2:0d:73:4e:95:b3:cc:a9:b8:
18:47:e3:9c:c8:88:50:2d:77:93:1d:a4:c7:da:1f:01:9a:51:
a4:11:47:31:5b:39:ba:15:be:54:76:68:3b:d6:42:5e:a2:a6:
e3:99:61:c6
-----BEGIN CERTIFICATE-----
MIIG8DCCBdigAwIBAgIUAQ0Mn0MoWES3GTlM1jDPwxvriMAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZDgzNTM5YzAtMGZmZi00YWEyLWFiOGQtN2I1ZDBmZjE5
YTRmMB4XDTI0MDEyOTE1MDI1M1oXDTI0MDQyODE0MDI1M1owLzEtMCsGA1UEAxMk
NGFlYjY5MTUtMTA1OS00MTUyLWIyYjUtYzAzMjlhN2ViMTU0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobMDSE9/RnJ7ElH921sFD09WMFFjx6sqGhpi
21fIwzK5U6qzuv0t7bfH1o/Sm1gIRqvMDqYHFL6+CLZNNIt/BFGGGGcXApeXbwBN
zs8ibniW+WjbKLtipNF79UMxjY1uUG4vZ96sMMpfI6w3DMGj6/y6yHygAk5wVEh9
m2/COIoSf4b0nVTd230toH58gxTHl412pr1j0WA8NzGQSFW8ue8XPoh2pRhjelzB
J79njpV4WGPTBTXqIZhLjAK4AkzQsKKUw58okxzESGzG7dhXQ2VACQmyc26wN4NU
udPuaa/dY4D9QP82gapJqLKt+Tq+V5EyODFSWgh7RD46aGOeAwIDAQABo4IEAjCC
A/4wHQYDVR0OBBYEFL3dbukx0sQCLNFVOn09aAME6+eOMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzRhYjdhZTRkLWJkN2ItNGIzMy05YTg4LTViMjJkMmE4MzM3ZC9kODM1
MzljMC0wZmZmLTRhYTItYWI4ZC03YjVkMGZmMTlhNGYvNDkwZDgxYWQtZmY1OS0z
MWY5LTg0ZDUtMjk5ZTkwZjJiZWRjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy80YWI3YWU0ZC1i
ZDdiLTRiMzMtOWE4OC01YjIyZDJhODMzN2QvZDgzNTM5YzAtMGZmZi00YWEyLWFi
OGQtN2I1ZDBmZjE5YTRmL2Q4MzUzOWMwLTBmZmYtNGFhMi1hYjhkLTdiNWQwZmYx
OWE0Zi5jcmwwHwYDVR0jBBgwFoAUv+z7yLo74ALSqeMm59kt5FqoxiAwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzRhYjdhZTRkLWJkN2ItNGIz
My05YTg4LTViMjJkMmE4MzM3ZC9kODM1MzljMC0wZmZmLTRhYTItYWI4ZC03YjVk
MGZmMTlhNGYuY2VyMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBnwQCAAEwgZgwDAME
BxgpgAMEBhgqAAMEBhgwwAMEBhgywAMEBhg2wAMEBhg3QAMEBRg3oAMEBRiJ4AME
BhiKwDALAwQGGItAAwMCGIgDBAQYnRADBAYYq8ADBAUY4wADAwBGLQMEAkpzyAME
BkrVQAMEAmj0tAMEA6LUoAMEA6LcYAMEAqxVeAMEAcCbngMEBMb1YAMEA8cbYAME
Bs74QDAUBAIAAjAOAwUAJgSwAAMFACYFugAwVAYDVR0gAQH/BEowSDBGBggrBgEF
BQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJj
ZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAINVQgGR7G9GRAr76
fG4P60vR7ZdXv1bZS3aJc2yrn74bndwdXjew/DVPymsjmC0SigVGSjyJPFwbqQbk
1Fw/9rYODP41WATJw/k7EmaOd2ThRM7o7qgKvYZz0n+fuk0HClv/l0kmWwaUkLbT
ijdiBujreHu7CeGEDYa18IPI7W6AvxGXH2jIBuqwVuwaKyic8ZcCgRFBxlso7tUg
mOSoICOYFMWp/F20/4NVysPLP/C6FDCO5bVUXVxTKNrjOUGBfqxQc01VmEYIaYt6
gB6awg1zTpWzzKm4GEfjnMiIUC13kx2kx9ofAZpRpBFHMVs5uhW+VHZoO9ZCXqKm
45lhxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:09:12 2024 by rpki-client on console-fra.rpki-client.org