Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/417c06d0-3203-44fd-b164-0aed50f5638b/7f288e26-bbcd-39d1-9e43-2c7c5690dfd1.roa
File: 7f288e26-bbcd-39d1-9e43-2c7c5690dfd1.roa (raw, json)
Hash identifier: +YDTvq/fwss1roT0G76gu7xFrqYmhoA5UIwC/sjhFLg=
Subject key identifier: 00:19:15:7B:00:09:D5:0F:B7:F7:57:DB:87:7F:FE:04:FA:06:88:5C
Certificate issuer: /CN=417c06d0-3203-44fd-b164-0aed50f5638b
Certificate serial: 010D0C9F43285848AF2B7A082936D6EE32C60C80
Authority key identifier: 00:CE:A0:C5:4C:5A:68:B3:D1:09:2A:66:78:F3:83:C9:42:07:C5:FD
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/417c06d0-3203-44fd-b164-0aed50f5638b.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/417c06d0-3203-44fd-b164-0aed50f5638b/7f288e26-bbcd-39d1-9e43-2c7c5690dfd1.roa
Signing time: Mon 27 Jan 2025 14:00:52 +0000
ROA not before: Mon 27 Jan 2025 14:00:52 +0000
ROA not after: Sun 27 Apr 2025 13:00:52 +0000
asID: 397423
IP address blocks: 147.124.198.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:af:2b:7a:08:29:36:d6:ee:32:c6:0c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=417c06d0-3203-44fd-b164-0aed50f5638b
Validity
Not Before: Jan 27 14:00:52 2025 GMT
Not After : Apr 27 13:00:52 2025 GMT
Subject: CN=9b657e7a-fc32-442c-aea0-09e5d8e5f36b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:46:52:17:0c:fe:c4:e9:d1:43:0d:08:21:76:
5d:31:45:7e:4d:be:4a:ed:4f:cf:ad:0c:70:1d:27:
d8:39:13:fa:c6:a2:ed:04:df:33:1b:5c:39:73:a1:
00:57:08:5b:5b:7a:95:17:c7:6f:03:7a:5b:7d:42:
c5:1f:14:c5:d4:cc:58:c0:e9:27:a7:55:b6:e8:1d:
37:c8:5e:59:44:53:57:25:e6:ef:b5:6c:15:bc:3d:
0c:58:7a:54:69:db:c7:ea:d4:c8:47:34:f1:da:2e:
20:16:ad:80:ba:16:07:05:f3:9b:4d:bc:12:c8:66:
26:37:63:78:f0:48:0d:1d:67:c7:b4:d2:06:66:77:
65:86:1b:92:7a:c3:51:6e:a9:7a:f4:d0:24:50:bc:
27:d0:9b:39:93:22:4c:65:aa:04:e1:31:e2:6c:90:
28:17:80:97:06:35:a0:2e:11:6f:45:df:5f:69:18:
28:69:fb:4b:31:14:97:f5:a3:ff:d1:a5:bf:bf:c7:
26:dc:9f:74:90:6b:fc:f5:3e:3d:fe:43:33:da:f1:
3a:a2:11:4f:36:f9:eb:7d:fc:23:4d:fd:2b:05:0a:
14:2f:42:e8:6a:8f:80:23:a2:dc:b5:59:b1:90:7f:
43:e6:81:58:86:32:da:80:fe:63:e2:ce:66:07:30:
f3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:19:15:7B:00:09:D5:0F:B7:F7:57:DB:87:7F:FE:04:FA:06:88:5C
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/417c06d0-3203-44fd-b164-0aed50f5638b/7f288e26-bbcd-39d1-9e43-2c7c5690dfd1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/417c06d0-3203-44fd-b164-0aed50f5638b/417c06d0-3203-44fd-b164-0aed50f5638b.crl
X509v3 Authority Key Identifier:
keyid:00:CE:A0:C5:4C:5A:68:B3:D1:09:2A:66:78:F3:83:C9:42:07:C5:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/417c06d0-3203-44fd-b164-0aed50f5638b.cer
sbgp-ipAddrBlock: critical
IPv4:
147.124.198.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
16:9b:45:48:67:4b:36:f7:86:d3:ff:70:5b:56:85:99:81:e2:
7f:8f:30:b9:0c:d1:fd:2a:7a:b9:ef:7a:e6:b0:82:3a:7f:11:
87:9c:d7:5a:f0:0d:87:44:30:87:ad:ff:45:7c:d6:bf:02:82:
b2:c4:30:45:a0:b0:68:87:41:a5:4d:73:52:2b:79:94:f4:85:
18:e1:d2:6e:58:a0:cd:fb:ff:eb:21:36:e6:51:d7:75:67:3e:
e5:df:21:29:68:f6:e9:2b:be:40:bd:76:da:9a:26:23:27:79:
2c:1c:5d:c5:83:db:8c:69:9e:13:b2:af:f3:eb:f7:12:89:08:
fc:c8:5d:88:6d:aa:de:b4:3d:0f:7c:7d:9a:67:9c:e6:9a:7a:
4b:ca:99:e9:94:8d:bc:ea:a8:ad:14:d1:ce:7b:c6:4b:0c:c3:
b0:0e:ba:2c:7c:b7:c5:bc:dd:4e:1e:6f:53:dc:8f:de:5e:5e:
9d:a9:c4:87:96:eb:62:f4:fb:33:2a:93:07:53:a2:35:12:a2:
d3:bf:4c:92:2f:48:b1:e3:3b:59:21:39:6b:86:23:f3:66:81:
79:9a:ba:97:1f:f4:08:91:90:83:cf:2b:ca:d9:61:17:a1:65:
55:04:fd:2f:a5:5c:e4:78:86:eb:27:50:c1:a1:99:69:f2:85:
fa:58:ec:c5
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEivK3oIKTbW7jLGDIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDE3YzA2ZDAtMzIwMy00NGZkLWIxNjQtMGFlZDUwZjU2
MzhiMB4XDTI1MDEyNzE0MDA1MloXDTI1MDQyNzEzMDA1MlowLzEtMCsGA1UEAxMk
OWI2NTdlN2EtZmMzMi00NDJjLWFlYTAtMDllNWQ4ZTVmMzZiMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUZSFwz+xOnRQw0IIXZdMUV+Tb5K7U/PrQxw
HSfYORP6xqLtBN8zG1w5c6EAVwhbW3qVF8dvA3pbfULFHxTF1MxYwOknp1W26B03
yF5ZRFNXJebvtWwVvD0MWHpUadvH6tTIRzTx2i4gFq2AuhYHBfObTbwSyGYmN2N4
8EgNHWfHtNIGZndlhhuSesNRbql69NAkULwn0Js5kyJMZaoE4THibJAoF4CXBjWg
LhFvRd9faRgoaftLMRSX9aP/0aW/v8cm3J90kGv89T49/kMz2vE6ohFPNvnrffwj
Tf0rBQoUL0Loao+AI6LctVmxkH9D5oFYhjLagP5j4s5mBzDzhwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFAAZFXsACdUPt/dX24d//gT6BohcMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80MTdj
MDZkMC0zMjAzLTQ0ZmQtYjE2NC0wYWVkNTBmNTYzOGIvN2YyODhlMjYtYmJjZC0z
OWQxLTllNDMtMmM3YzU2OTBkZmQxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDE3YzA2ZDAtMzIwMy00NGZkLWIx
NjQtMGFlZDUwZjU2MzhiLzQxN2MwNmQwLTMyMDMtNDRmZC1iMTY0LTBhZWQ1MGY1
NjM4Yi5jcmwwHwYDVR0jBBgwFoAUAM6gxUxaaLPRCSpmePODyUIHxf0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80MTdjMDZkMC0zMjAzLTQ0ZmQtYjE2NC0wYWVk
NTBmNTYzOGIuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk3zGMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABabRUhnSzb3htP/cFtWhZmB4n+PMLkM0f0qernveuawgjp/EYec11rw
DYdEMIet/0V81r8CgrLEMEWgsGiHQaVNc1IreZT0hRjh0m5YoM37/+shNuZR13Vn
PuXfISlo9ukrvkC9dtqaJiMneSwcXcWD24xpnhOyr/Pr9xKJCPzIXYhtqt60PQ98
fZpnnOaaekvKmemUjbzqqK0U0c57xksMw7AOuix8t8W83U4eb1Pcj95eXp2pxIeW
62L0+zMqkwdTojUSotO/TJIvSLHjO1khOWuGI/NmgXmaupcf9AiRkIPPK8rZYReh
ZVUE/S+lXOR4husnUMGhmWnyhfpY7MU=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:12:35 2025 by rpki-client