Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e/e7c1e63e-fadb-32c7-b516-eaf78e26ec4b.roa
File: e7c1e63e-fadb-32c7-b516-eaf78e26ec4b.roa (raw, json)
Hash identifier: bJcxKDWCo9YvGTMnkOAwEAkob3/ejEX+Iw+6qIuo960=
Subject key identifier: 86:F0:C7:03:94:60:C4:51:3F:50:7E:8A:0F:EA:C8:7D:14:87:ED:FB
Certificate issuer: /CN=1e1775ba-ce9e-4791-8e12-e05afbb9713e
Certificate serial: 010D0C9F4328584409E3D392B9BD606AF225D600
Authority key identifier: DD:A2:87:E5:BF:D3:2F:D1:0F:AC:E8:2C:49:1E:FA:B1:2E:C7:82:FD
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e/e7c1e63e-fadb-32c7-b516-eaf78e26ec4b.roa
Signing time: Tue 28 Nov 2023 14:00:21 +0000
ROA not before: Tue 28 Nov 2023 14:00:21 +0000
ROA not after: Mon 26 Feb 2024 14:00:21 +0000
asID: 4874
IP address blocks: 204.195.192.0/19 maxlen: 22
2607:5000::/30 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:44:09:e3:d3:92:b9:bd:60:6a:f2:25:d6:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e1775ba-ce9e-4791-8e12-e05afbb9713e
Validity
Not Before: Nov 28 14:00:21 2023 GMT
Not After : Feb 26 14:00:21 2024 GMT
Subject: CN=9f891e00-c508-4db2-806b-247fc3b2a9e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:24:7a:83:91:2a:f9:e3:b9:13:4b:10:44:48:
fb:52:31:bd:4f:cb:af:a8:ba:f9:9f:6c:31:99:ed:
ba:02:6d:d2:5f:22:3b:58:bf:10:80:be:20:a6:a2:
67:4c:02:74:ea:2e:91:b4:06:d6:74:d4:44:2d:03:
15:6e:73:f0:53:67:10:16:47:53:11:66:dc:1a:15:
fd:47:7b:d5:fa:56:68:a0:26:aa:48:f6:1c:20:11:
80:e3:25:36:dd:53:92:72:6c:2b:be:7b:fa:3e:84:
67:aa:04:4c:e7:19:8b:98:7b:44:f3:7c:98:84:24:
a8:e4:14:39:0a:4b:fa:af:1e:1f:31:66:d3:4f:2c:
18:79:7f:11:d8:23:97:18:64:ef:28:33:bc:88:bf:
0d:c1:e8:55:95:aa:86:49:bc:75:cf:f8:3d:81:fd:
92:47:64:5a:9a:df:ef:f3:92:7e:94:3f:d6:55:02:
2a:ed:c1:bb:e5:dd:1c:65:bf:4f:93:fd:07:67:be:
46:61:58:87:e9:59:c7:8b:cc:38:93:1b:66:9f:5c:
14:57:da:f5:7e:76:52:89:d3:eb:c2:7a:99:1c:7a:
a9:49:fc:89:36:64:87:b5:e5:12:7e:c4:6c:86:ab:
13:41:ae:68:47:e8:ff:4c:46:27:3d:aa:0a:21:61:
67:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F0:C7:03:94:60:C4:51:3F:50:7E:8A:0F:EA:C8:7D:14:87:ED:FB
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e/e7c1e63e-fadb-32c7-b516-eaf78e26ec4b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e/1e1775ba-ce9e-4791-8e12-e05afbb9713e.crl
X509v3 Authority Key Identifier:
keyid:DD:A2:87:E5:BF:D3:2F:D1:0F:AC:E8:2C:49:1E:FA:B1:2E:C7:82:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/1e1775ba-ce9e-4791-8e12-e05afbb9713e.cer
sbgp-ipAddrBlock: critical
IPv4:
204.195.192.0/19
IPv6:
2607:5000::/30
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
1c:98:9f:bf:da:aa:34:58:25:f7:73:2d:e2:55:3a:b8:8d:3d:
8c:49:3c:ae:df:fe:c3:17:47:4d:99:8b:e2:4d:d5:f2:14:44:
6a:8b:47:29:e4:93:a2:c7:fa:1d:ba:f3:ff:c8:b1:f1:a2:44:
09:b2:13:cd:85:d2:8c:f6:b8:fe:7b:82:14:ba:bf:79:fe:d8:
c0:52:cf:1d:5e:a9:ba:61:7c:b7:09:4d:2b:04:96:e3:30:a7:
97:0d:44:92:2b:f9:ce:59:22:bd:d6:f5:ce:f3:ed:54:9a:7c:
09:53:8d:6a:ca:a3:38:25:1f:4e:df:86:e0:ce:f5:ac:9e:10:
47:d3:db:9f:4d:6b:07:08:0b:9b:e7:48:d0:2d:67:31:db:05:
82:4a:70:94:72:1f:86:63:33:08:76:25:0a:79:21:c4:fc:ee:
fc:ec:cd:f9:2d:08:14:c5:ee:52:1b:e9:3e:ce:07:eb:a3:16:
d7:75:08:ab:9e:e9:d8:da:fe:37:56:58:47:65:45:24:84:9c:
69:25:44:c0:bc:1f:e8:7f:ac:2f:75:37:c8:27:ca:0e:e4:dc:
5d:20:06:b4:6d:ed:b4:a0:6a:8d:8b:63:58:fa:90:27:98:f0:
a4:30:83:c0:05:f5:1d:89:77:b0:7b:43:dd:35:13:9f:59:ce:
ef:eb:f2:a3
-----BEGIN CERTIFICATE-----
MIIGUjCCBTqgAwIBAgIUAQ0Mn0MoWEQJ49OSub1gavIl1gAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMWUxNzc1YmEtY2U5ZS00NzkxLThlMTItZTA1YWZiYjk3
MTNlMB4XDTIzMTEyODE0MDAyMVoXDTI0MDIyNjE0MDAyMVowLzEtMCsGA1UEAxMk
OWY4OTFlMDAtYzUwOC00ZGIyLTgwNmItMjQ3ZmMzYjJhOWU5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSR6g5Eq+eO5E0sQREj7UjG9T8uvqLr5n2wx
me26Am3SXyI7WL8QgL4gpqJnTAJ06i6RtAbWdNRELQMVbnPwU2cQFkdTEWbcGhX9
R3vV+lZooCaqSPYcIBGA4yU23VOScmwrvnv6PoRnqgRM5xmLmHtE83yYhCSo5BQ5
Ckv6rx4fMWbTTywYeX8R2COXGGTvKDO8iL8NwehVlaqGSbx1z/g9gf2SR2Ramt/v
85J+lD/WVQIq7cG75d0cZb9Pk/0HZ75GYViH6VnHi8w4kxtmn1wUV9r1fnZSidPr
wnqZHHqpSfyJNmSHteUSfsRshqsTQa5oR+j/TEYnPaoKIWFnFQIDAQABo4IDZDCC
A2AwHQYDVR0OBBYEFIbwxwOUYMRRP1B+ig/qyH0Uh+37MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi8xZTE3
NzViYS1jZTllLTQ3OTEtOGUxMi1lMDVhZmJiOTcxM2UvZTdjMWU2M2UtZmFkYi0z
MmM3LWI1MTYtZWFmNzhlMjZlYzRiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81YjdmYjEyMi1k
ZmRmLTRjMGMtYjkwZC0zYmM3YTVmZWI4MmIvMWUxNzc1YmEtY2U5ZS00NzkxLThl
MTItZTA1YWZiYjk3MTNlLzFlMTc3NWJhLWNlOWUtNDc5MS04ZTEyLWUwNWFmYmI5
NzEzZS5jcmwwHwYDVR0jBBgwFoAU3aKH5b/TL9EPrOgsSR76sS7Hgv0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMw
Yy1iOTBkLTNiYzdhNWZlYjgyYi8xZTE3NzViYS1jZTllLTQ3OTEtOGUxMi1lMDVh
ZmJiOTcxM2UuY2VyMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFzMPAMA0E
AgACMAcDBQImB1AAMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEF
BQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0
bWwwDQYJKoZIhvcNAQELBQADggEBAByYn7/aqjRYJfdzLeJVOriNPYxJPK7f/sMX
R02Zi+JN1fIURGqLRynkk6LH+h268//IsfGiRAmyE82F0oz2uP57ghS6v3n+2MBS
zx1eqbphfLcJTSsEluMwp5cNRJIr+c5ZIr3W9c7z7VSafAlTjWrKozglH07fhuDO
9ayeEEfT259NawcIC5vnSNAtZzHbBYJKcJRyH4ZjMwh2JQp5IcT87vzszfktCBTF
7lIb6T7OB+ujFtd1CKue6dja/jdWWEdlRSSEnGklRMC8H+h/rC91N8gnyg7k3F0g
BrRt7bSgao2LY1j6kCeY8KQwg8AF9R2Jd7B7Q901E59Zzu/r8qM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:41:55 2024 by rpki-client on console-ams.rpki-client.org