Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/1265cc41-1464-4ca3-818d-917a36c8afca/f68dca29-8e32-39ca-87ce-39c318f823b4.roa
File: f68dca29-8e32-39ca-87ce-39c318f823b4.roa (raw, json)
Hash identifier: Jf8hvw65NqnQZtwsz57Z50N+DEzQlexIRphq9I8+VUc=
Subject key identifier: 21:02:16:27:88:7F:99:5F:E3:BB:84:B9:06:31:17:68:F5:BF:7F:EB
Certificate issuer: /CN=1265cc41-1464-4ca3-818d-917a36c8afca
Certificate serial: 010D0C9F43285847537B59009B7E1A6200D8FE80
Authority key identifier: 33:F2:2A:43:E3:17:30:45:4E:10:FE:49:6A:9A:EC:86:29:34:ED:C3
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/1265cc41-1464-4ca3-818d-917a36c8afca.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/1265cc41-1464-4ca3-818d-917a36c8afca/f68dca29-8e32-39ca-87ce-39c318f823b4.roa
Signing time: Wed 25 Sep 2024 01:00:31 +0000
ROA not before: Wed 25 Sep 2024 01:00:31 +0000
ROA not after: Tue 24 Dec 2024 02:00:31 +0000
asID: 32329
IP address blocks: 23.135.32.0/24 maxlen: 24
158.51.80.0/22 maxlen: 24
170.39.168.0/22 maxlen: 24
2604:b2c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:47:53:7b:59:00:9b:7e:1a:62:00:d8:fe:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1265cc41-1464-4ca3-818d-917a36c8afca
Validity
Not Before: Sep 25 01:00:31 2024 GMT
Not After : Dec 24 02:00:31 2024 GMT
Subject: CN=3e4ad836-8da9-4e13-9f5d-0e70c5ec8cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:84:aa:38:34:c6:3d:d6:b9:32:b4:b7:31:e6:
ca:e2:8f:f3:1f:86:35:44:b1:20:b1:31:82:5c:af:
90:27:f5:54:9d:cd:10:56:27:40:a9:b4:4a:5e:43:
f3:70:f7:72:d8:d8:e3:d6:04:84:6e:29:8b:9a:55:
73:23:60:2d:4b:a5:1d:06:d6:df:bf:fc:e3:6e:f1:
88:fa:9f:b7:55:3e:4e:f3:b3:67:8f:bb:86:14:6f:
49:63:72:a2:92:6a:33:6b:da:c1:cb:2f:ca:93:55:
79:6a:e1:5b:0e:66:cd:aa:c7:22:bb:4c:f6:82:03:
3e:15:90:91:c7:f7:37:47:b9:0d:98:77:b8:28:a7:
2a:dd:3c:9b:d7:a0:c3:45:fa:37:8f:82:1d:5d:e8:
f7:61:fb:85:59:7c:c1:b2:d6:a0:a3:ac:3b:0c:f8:
d2:f5:b0:46:f5:2e:7b:17:35:c0:5d:ba:ed:3b:2e:
9f:90:38:b4:d7:01:12:c7:1f:06:51:54:2f:d6:e8:
10:9a:40:d2:2a:f5:4b:3d:4e:8f:38:a2:6d:22:00:
6d:7f:75:80:e8:cd:26:50:58:fc:9b:bb:d2:1e:17:
ca:40:96:50:89:93:17:8d:1a:2e:0f:8d:18:0f:c2:
c7:80:1e:b9:27:f5:ca:46:a9:ef:77:aa:2b:32:33:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:02:16:27:88:7F:99:5F:E3:BB:84:B9:06:31:17:68:F5:BF:7F:EB
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/1265cc41-1464-4ca3-818d-917a36c8afca/f68dca29-8e32-39ca-87ce-39c318f823b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/1265cc41-1464-4ca3-818d-917a36c8afca/1265cc41-1464-4ca3-818d-917a36c8afca.crl
X509v3 Authority Key Identifier:
keyid:33:F2:2A:43:E3:17:30:45:4E:10:FE:49:6A:9A:EC:86:29:34:ED:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/1265cc41-1464-4ca3-818d-917a36c8afca.cer
sbgp-ipAddrBlock: critical
IPv4:
23.135.32.0/24
158.51.80.0/22
170.39.168.0/22
IPv6:
2604:b2c0::/32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
23:ec:59:35:d5:0d:78:5d:5b:e1:0f:1f:29:12:da:28:54:84:
42:39:ea:80:5b:83:36:e9:24:69:1e:3a:1a:ba:1c:18:b2:15:
1f:73:36:45:54:1c:6d:d8:ba:ed:43:34:96:f4:be:ef:04:32:
99:db:e2:92:5e:95:89:07:67:6a:0c:d7:8b:de:16:b3:17:9c:
7b:40:99:e4:19:5b:f8:af:ac:db:e6:f8:96:dd:04:bb:7f:74:
49:43:fc:13:98:06:78:f8:05:e0:e7:a8:75:6e:17:16:5d:f7:
75:ff:da:aa:61:4e:f3:02:03:2f:79:f2:de:80:e0:6c:f0:db:
15:02:ea:13:5e:d2:e1:c4:8c:3d:4f:87:ab:46:cc:e3:49:4a:
d5:c0:c5:9f:1a:01:2b:55:f5:fb:45:bc:13:d5:4b:c9:0f:af:
43:b2:69:fa:ad:e6:85:ed:3b:70:bd:a2:d2:4c:3c:47:b1:09:
fb:10:26:19:a9:9a:c8:ae:e7:18:32:a0:a8:0f:df:d3:cb:a2:
a0:b6:dc:e0:de:5f:df:e8:61:03:b5:26:cd:4d:ba:3a:01:c1:
61:3f:8d:0d:cd:42:5a:03:98:be:41:70:81:ee:c4:b7:67:e9:
fa:46:bf:04:36:75:e9:49:c5:78:df:63:b8:c8:5a:ef:25:00:
01:72:86:68
-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgIUAQ0Mn0MoWEdTe1kAm34aYgDY/oAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTI2NWNjNDEtMTQ2NC00Y2EzLTgxOGQtOTE3YTM2Yzhh
ZmNhMB4XDTI0MDkyNTAxMDAzMVoXDTI0MTIyNDAyMDAzMVowLzEtMCsGA1UEAxMk
M2U0YWQ4MzYtOGRhOS00ZTEzLTlmNWQtMGU3MGM1ZWM4Y2QwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYSqODTGPda5MrS3MebK4o/zH4Y1RLEgsTGC
XK+QJ/VUnc0QVidAqbRKXkPzcPdy2Njj1gSEbimLmlVzI2AtS6UdBtbfv/zjbvGI
+p+3VT5O87Nnj7uGFG9JY3Kikmoza9rByy/Kk1V5auFbDmbNqsciu0z2ggM+FZCR
x/c3R7kNmHe4KKcq3Tyb16DDRfo3j4IdXej3YfuFWXzBstago6w7DPjS9bBG9S57
FzXAXbrtOy6fkDi01wESxx8GUVQv1ugQmkDSKvVLPU6POKJtIgBtf3WA6M0mUFj8
m7vSHhfKQJZQiZMXjRouD40YD8LHgB65J/XKRqnvd6orMjMvDQIDAQABo4IDcDCC
A2wwHQYDVR0OBBYEFCECFieIf5lf47uEuQYxF2j1v3/rMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy8xMjY1
Y2M0MS0xNDY0LTRjYTMtODE4ZC05MTdhMzZjOGFmY2EvZjY4ZGNhMjktOGUzMi0z
OWNhLTg3Y2UtMzljMzE4ZjgyM2I0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvMTI2NWNjNDEtMTQ2NC00Y2EzLTgx
OGQtOTE3YTM2YzhhZmNhLzEyNjVjYzQxLTE0NjQtNGNhMy04MThkLTkxN2EzNmM4
YWZjYS5jcmwwHwYDVR0jBBgwFoAUM/IqQ+MXMEVOEP5Japrshik07cMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy8xMjY1Y2M0MS0xNDY0LTRjYTMtODE4ZC05MTdh
MzZjOGFmY2EuY2VyMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAF4cgAwQC
njNQAwQCqieoMA0EAgACMAcDBQAmBLLAMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUH
DgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2Vz
L3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBACPsWTXVDXhdW+EPHykS
2ihUhEI56oBbgzbpJGkeOhq6HBiyFR9zNkVUHG3Yuu1DNJb0vu8EMpnb4pJelYkH
Z2oM14veFrMXnHtAmeQZW/ivrNvm+JbdBLt/dElD/BOYBnj4BeDnqHVuFxZd93X/
2qphTvMCAy958t6A4Gzw2xUC6hNe0uHEjD1Ph6tGzONJStXAxZ8aAStV9ftFvBPV
S8kPr0Oyafqt5oXtO3C9otJMPEexCfsQJhmpmsiu5xgyoKgP39PLoqC23ODeX9/o
YQO1Js1NujoBwWE/jQ3NQloDmL5BcIHuxLdn6fpGvwQ2delJxXjfY7jIWu8lAAFy
hmg=
-----END CERTIFICATE-----
Generated at Mon Nov 18 20:59:19 2024 by rpki-client on console-fra.rpki-client.org