Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/70886d17-f45d-392e-8516-1c9ffd3bfbd3.roa
File: 70886d17-f45d-392e-8516-1c9ffd3bfbd3.roa (raw, json)
Hash identifier: 5rCrFDwqI4FuiQCA7oz+sZM2cFYbl0NjdGN/pd1rod8=
Subject key identifier: 71:42:22:9C:56:96:07:FD:03:C7:ED:D5:FD:10:15:CD:E8:6C:4B:4A
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F43285837FAA7D2E0C72C047139E74540
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/70886d17-f45d-392e-8516-1c9ffd3bfbd3.roa
Signing time: Mon 16 Nov 2020 05:00:00 +0000
ROA not before: Mon 16 Nov 2020 05:00:00 +0000
ROA not after: Mon 20 Feb 2023 05:00:00 +0000
asID: 701
IP address blocks: 104.165.107.0/24 maxlen: 24
104.165.78.0/24 maxlen: 24
104.165.109.0/24 maxlen: 24
104.165.114.0/24 maxlen: 24
104.165.120.0/24 maxlen: 24
104.165.134.0/24 maxlen: 24
107.164.85.0/24 maxlen: 24
107.164.145.0/24 maxlen: 24
107.164.199.0/24 maxlen: 24
107.164.200.0/24 maxlen: 24
142.111.219.0/24 maxlen: 24
142.252.51.0/24 maxlen: 24
142.252.52.0/24 maxlen: 24
166.88.149.0/24 maxlen: 24
172.120.14.0/24 maxlen: 24
172.252.215.0/24 maxlen: 24
104.253.63.0/24 maxlen: 24
104.253.29.0/24 maxlen: 24
104.253.11.0/24 maxlen: 24
104.253.12.0/24 maxlen: 24
104.253.57.0/24 maxlen: 24
104.253.96.0/24 maxlen: 24
104.165.91.0/24 maxlen: 24
104.164.180.0/24 maxlen: 24
50.118.248.0/24 maxlen: 24
50.118.255.0/24 maxlen: 24
50.117.45.0/24 maxlen: 24
50.117.96.0/24 maxlen: 24
104.165.29.0/24 maxlen: 24
104.165.73.0/24 maxlen: 24
104.165.81.0/24 maxlen: 24
104.165.83.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:37:fa:a7:d2:e0:c7:2c:04:71:39:e7:45:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Nov 16 05:00:00 2020 GMT
Not After : Feb 20 05:00:00 2023 GMT
Subject: CN=48eafc6d-2701-4e75-8258-d5fa3ee2a65b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d4:5e:0b:1b:7b:c5:1f:58:4f:20:6d:9a:27:
96:61:ef:a7:1e:85:c1:dd:4a:66:7e:7d:11:e0:33:
58:a1:53:a3:db:2c:e3:76:4b:f8:e0:47:16:f9:7a:
c1:ca:9e:ab:46:c8:10:34:2d:e4:d7:83:44:16:2e:
10:37:aa:82:e5:8b:0a:d6:78:8e:d0:78:42:7f:a7:
f2:e5:33:f5:54:5c:9b:7f:17:6d:63:61:2b:c5:35:
bc:d5:ef:a1:d0:0e:74:db:dd:7f:2f:5e:64:8e:e4:
d3:eb:34:b3:50:9c:4a:28:75:98:d0:8c:bd:d1:d9:
cd:58:9c:e4:56:a5:9d:d5:ec:29:3a:03:85:a5:3e:
53:41:41:7e:0a:16:e7:50:cf:90:7e:f7:95:31:d2:
3a:69:fd:66:10:7e:3d:22:9d:d5:9d:5e:63:10:85:
df:e0:30:05:c8:d6:37:d6:8a:d9:9a:5b:4b:0a:db:
f3:95:64:7f:1c:62:3f:67:12:43:be:cb:8c:a6:48:
e0:4a:23:80:1d:54:57:5f:65:e0:b0:04:10:5f:a5:
30:28:41:cc:fd:6f:bf:3f:94:81:ae:f9:73:99:52:
fe:ae:3b:d4:21:eb:ae:f7:ae:cb:29:e0:50:8e:ae:
74:f9:93:f3:29:ab:34:86:98:26:d2:e9:e7:59:c1:
4b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:42:22:9C:56:96:07:FD:03:C7:ED:D5:FD:10:15:CD:E8:6C:4B:4A
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/70886d17-f45d-392e-8516-1c9ffd3bfbd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
50.117.45.0/24
50.117.96.0/24
50.118.248.0/24
50.118.255.0/24
104.164.180.0/24
104.165.29.0/24
104.165.73.0/24
104.165.78.0/24
104.165.81.0/24
104.165.83.0/24
104.165.91.0/24
104.165.107.0/24
104.165.109.0/24
104.165.114.0/24
104.165.120.0/24
104.165.134.0/24
104.253.11.0-104.253.12.255
104.253.29.0/24
104.253.57.0/24
104.253.63.0/24
104.253.96.0/24
107.164.85.0/24
107.164.145.0/24
107.164.199.0-107.164.200.255
142.111.219.0/24
142.252.51.0-142.252.52.255
166.88.149.0/24
172.120.14.0/24
172.252.215.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
3a:f4:72:e2:a7:31:55:60:8a:b5:88:79:f4:4b:d5:b2:6f:4a:
b8:f0:42:10:9b:5b:ba:74:a1:2c:44:8a:94:04:16:1d:99:64:
55:2c:a1:77:65:bc:6d:40:23:84:5f:e6:54:0f:52:83:8b:e7:
1e:52:07:b4:06:a5:f6:78:09:93:b6:04:8e:95:87:30:90:d3:
60:90:30:e5:a4:a5:75:98:6d:fb:16:c2:30:55:5d:ba:98:b0:
f3:38:19:53:a2:74:df:d6:07:f3:6b:58:a2:97:d9:f1:96:44:
9c:a2:7a:89:9c:30:a5:32:e6:f4:bc:b7:c0:56:4e:43:00:76:
01:db:24:18:8d:67:f7:bf:c3:ae:1e:f9:26:95:68:e7:ba:49:
1f:7a:79:78:c3:99:a5:5e:75:66:cb:88:39:d7:b4:f1:1b:24:
32:3a:ff:d0:63:c3:23:43:b6:22:ea:90:3a:0e:a5:d3:20:25:
42:e6:27:03:05:bc:c6:99:99:b8:6d:5c:44:99:4c:b6:d2:a4:
23:61:ea:ce:5c:d2:e5:26:10:49:07:0e:1a:88:38:ac:06:3a:
e6:e0:56:90:60:d3:8a:0b:34:5b:64:77:63:ed:3b:f9:0d:fa:
70:21:d7:b5:84:52:fa:6f:4f:23:32:b2:a9:a8:4d:c8:cd:49:
7a:83:58:37
-----BEGIN CERTIFICATE-----
MIIHCDCCBfCgAwIBAgIUAQ0Mn0MoWDf6p9LgxywEcTnnRUAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIwMTExNjA1MDAwMFoXDTIzMDIyMDA1MDAwMFowLzEtMCsGA1UEAxMk
NDhlYWZjNmQtMjcwMS00ZTc1LTgyNTgtZDVmYTNlZTJhNjViMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltReCxt7xR9YTyBtmieWYe+nHoXB3Upmfn0R
4DNYoVOj2yzjdkv44EcW+XrByp6rRsgQNC3k14NEFi4QN6qC5YsK1niO0HhCf6fy
5TP1VFybfxdtY2ErxTW81e+h0A50291/L15kjuTT6zSzUJxKKHWY0Iy90dnNWJzk
VqWd1ewpOgOFpT5TQUF+ChbnUM+QfveVMdI6af1mEH49Ip3VnV5jEIXf4DAFyNY3
1orZmltLCtvzlWR/HGI/ZxJDvsuMpkjgSiOAHVRXX2XgsAQQX6UwKEHM/W+/P5SB
rvlzmVL+rjvUIeuu967LKeBQjq50+ZPzKas0hpgm0unnWcFLXQIDAQABo4IEGjCC
BBYwHQYDVR0OBBYEFHFCIpxWlgf9A8ft1f0QFc3obEtKMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvNzA4ODZkMTctZjQ1ZC0z
OTJlLTg1MTYtMWM5ZmZkM2JmYmQzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBAAy
dS0DBAAydWADBAAydvgDBAAydv8DBABopLQDBABopR0DBABopUkDBABopU4DBABo
pVEDBABopVMDBABopVsDBABopWsDBABopW0DBABopXIDBABopXgDBABopYYwDAME
AGj9CwMEAGj9DAMEAGj9HQMEAGj9OQMEAGj9PwMEAGj9YAMEAGukVQMEAGukkTAM
AwQAa6THAwQAa6TIAwQAjm/bMAwDBACO/DMDBACO/DQDBACmWJUDBACseA4DBACs
/NcwVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRw
czovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG
9w0BAQsFAAOCAQEAOvRy4qcxVWCKtYh59EvVsm9KuPBCEJtbunShLESKlAQWHZlk
VSyhd2W8bUAjhF/mVA9Sg4vnHlIHtAal9ngJk7YEjpWHMJDTYJAw5aSldZht+xbC
MFVdupiw8zgZU6J039YH82tYopfZ8ZZEnKJ6iZwwpTLm9Ly3wFZOQwB2AdskGI1n
97/Drh75JpVo57pJH3p5eMOZpV51ZsuIOde08RskMjr/0GPDI0O2IuqQOg6l0yAl
QuYnAwW8xpmZuG1cRJlMttKkI2HqzlzS5SYQSQcOGog4rAY65uBWkGDTigs0W2R3
Y+07+Q36cCHXtYRS+m9PIzKyqahNyM1JeoNYNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:25 2024 by rpki-client on console-fra.rpki-client.org