Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/8d993390-35ef-311c-bd85-1e6c257d3377.roa
File: 8d993390-35ef-311c-bd85-1e6c257d3377.roa (raw, json)
Hash identifier: xvj+YeVsPBQR6HwFgm6/Vc41RrIPaHTccke/we3N8VU=
Subject key identifier: 27:02:7B:AA:89:AE:57:B9:9B:8B:8A:FA:66:FA:41:A4:E8:32:8F:E2
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F43285843A8101BD389180394636459E0
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/8d993390-35ef-311c-bd85-1e6c257d3377.roa
Signing time: Tue 24 Oct 2023 13:00:20 +0000
ROA not before: Tue 24 Oct 2023 13:00:20 +0000
ROA not after: Mon 22 Jan 2024 14:00:20 +0000
asID: 397373
IP address blocks: 107.164.178.0/24 maxlen: 24
107.186.196.0/24 maxlen: 24
107.164.130.0/24 maxlen: 24
107.186.195.0/24 maxlen: 24
107.165.4.0/24 maxlen: 24
107.164.187.0/24 maxlen: 24
107.165.154.0/24 maxlen: 24
107.165.66.0/24 maxlen: 24
136.0.71.0/24 maxlen: 24
136.0.60.0/24 maxlen: 24
136.0.55.0/24 maxlen: 24
107.187.106.0/24 maxlen: 24
107.187.97.0/24 maxlen: 24
107.187.55.0/24 maxlen: 24
107.187.36.0/24 maxlen: 24
107.186.230.0/24 maxlen: 24
107.165.211.0/24 maxlen: 24
107.165.190.0/24 maxlen: 24
107.165.254.0/24 maxlen: 24
107.165.220.0/24 maxlen: 24
107.186.40.0/24 maxlen: 24
107.186.17.0/24 maxlen: 24
107.186.53.0/24 maxlen: 24
107.186.42.0/24 maxlen: 24
107.186.150.0/24 maxlen: 24
107.186.145.0/24 maxlen: 24
107.186.93.0/24 maxlen: 24
107.186.80.0/24 maxlen: 24
107.165.167.0/24 maxlen: 24
107.165.160.0/24 maxlen: 24
107.186.74.0/24 maxlen: 24
107.164.78.0/24 maxlen: 24
107.186.70.0/24 maxlen: 24
107.165.178.0/24 maxlen: 24
107.164.10.0/24 maxlen: 24
107.164.135.0/24 maxlen: 24
104.253.209.0/24 maxlen: 24
104.164.160.0/24 maxlen: 24
107.164.38.0/24 maxlen: 24
104.253.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:43:a8:10:1b:d3:89:18:03:94:63:64:59:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Oct 24 13:00:20 2023 GMT
Not After : Jan 22 14:00:20 2024 GMT
Subject: CN=bcc3ca03-1a3f-4bad-9d99-05bc8b054e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:60:66:bb:07:ea:66:a8:87:b0:eb:13:b8:0b:
1d:5c:4d:b5:fd:e8:ae:59:ac:ad:ac:86:fe:1c:f2:
72:e1:bc:6e:9b:56:24:ee:77:93:fb:34:7e:c0:eb:
5c:f0:85:f5:58:a6:d0:df:17:d2:48:5c:dc:e2:01:
e3:b7:40:2d:d7:02:e8:cb:8d:77:86:38:06:69:9e:
ac:c3:a2:d2:93:1b:84:11:9f:6c:1f:19:9e:09:b8:
c9:7e:5f:4f:e3:9a:57:42:2c:e8:74:71:25:40:cd:
c4:ef:d6:9a:79:c2:79:64:d2:23:dc:03:47:51:03:
1b:83:9d:17:28:db:ff:1c:c0:06:cb:00:aa:6d:66:
1b:a1:c3:1b:ac:74:10:e0:f9:fc:d8:f9:ed:2f:a3:
19:84:3b:29:42:07:b6:55:f8:27:e5:48:4e:dc:46:
b3:84:95:13:18:cf:77:b7:cb:96:5b:b1:7f:76:07:
40:44:79:ee:93:06:35:8a:6e:a6:c0:7e:9b:00:7e:
11:e8:7a:dd:62:0e:f6:6a:e8:69:04:f7:dc:2b:ff:
44:ba:e1:0e:65:85:46:64:cb:f2:a7:af:10:14:5c:
39:81:26:06:96:bf:4b:2b:4c:85:29:b5:6e:04:5d:
09:d4:f4:57:08:cc:ed:48:37:c4:61:69:65:5d:bf:
91:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:02:7B:AA:89:AE:57:B9:9B:8B:8A:FA:66:FA:41:A4:E8:32:8F:E2
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/8d993390-35ef-311c-bd85-1e6c257d3377.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
104.164.160.0/24
104.253.209.0/24
104.253.217.0/24
107.164.10.0/24
107.164.38.0/24
107.164.78.0/24
107.164.130.0/24
107.164.135.0/24
107.164.178.0/24
107.164.187.0/24
107.165.4.0/24
107.165.66.0/24
107.165.154.0/24
107.165.160.0/24
107.165.167.0/24
107.165.178.0/24
107.165.190.0/24
107.165.211.0/24
107.165.220.0/24
107.165.254.0/24
107.186.17.0/24
107.186.40.0/24
107.186.42.0/24
107.186.53.0/24
107.186.70.0/24
107.186.74.0/24
107.186.80.0/24
107.186.93.0/24
107.186.145.0/24
107.186.150.0/24
107.186.195.0-107.186.196.255
107.186.230.0/24
107.187.36.0/24
107.187.55.0/24
107.187.97.0/24
107.187.106.0/24
136.0.55.0/24
136.0.60.0/24
136.0.71.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
9a:8d:7b:ba:22:bf:33:a7:a9:35:82:7e:f6:60:a4:7f:45:1a:
ce:3c:3c:2d:73:e3:c2:c5:e4:56:c4:19:75:cb:c6:ca:bc:1c:
9a:0a:d2:e8:68:9a:94:4a:52:4a:d2:b7:e0:66:41:a6:80:19:
d9:8e:41:0b:42:75:77:90:43:01:fe:7c:35:60:71:a9:ab:9a:
73:d8:c0:89:5b:58:5f:21:cc:45:dc:8a:db:6e:f1:82:26:23:
aa:38:dd:8f:56:20:56:c7:f9:f6:2f:a5:1f:90:e6:71:cf:9c:
aa:72:6a:bf:1e:e3:19:20:22:3d:9b:7b:4c:70:ad:90:fe:4d:
3d:68:01:89:81:47:a2:29:3d:a5:b3:6c:a5:0a:14:8c:d6:19:
25:d7:7f:dd:c1:95:0a:41:b9:18:f5:0a:7c:f0:c9:65:1c:d6:
a0:3c:9a:ab:7f:77:90:9a:1f:cf:d0:54:ec:99:e9:cd:1c:3e:
d2:4e:c5:d8:28:f6:21:53:76:2c:52:2a:f3:cb:e5:cc:4a:fe:
b3:a3:1b:9d:8f:fd:da:1b:c6:94:fc:9e:5a:50:9a:e0:9c:57:
db:18:85:d3:c9:dc:10:49:7f:18:68:a3:08:dc:7c:27:df:14:
3e:e3:88:4c:f6:8a:63:97:56:8d:a0:aa:00:ce:ae:3e:e7:da:
8e:4d:23:09
-----BEGIN CERTIFICATE-----
MIIHNTCCBh2gAwIBAgIUAQ0Mn0MoWEOoEBvTiRgDlGNkWeAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIzMTAyNDEzMDAyMFoXDTI0MDEyMjE0MDAyMFowLzEtMCsGA1UEAxMk
YmNjM2NhMDMtMWEzZi00YmFkLTlkOTktMDViYzhiMDU0ZTkxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2BmuwfqZqiHsOsTuAsdXE21/eiuWaytrIb+
HPJy4bxum1Yk7neT+zR+wOtc8IX1WKbQ3xfSSFzc4gHjt0At1wLoy413hjgGaZ6s
w6LSkxuEEZ9sHxmeCbjJfl9P45pXQizodHElQM3E79aaecJ5ZNIj3ANHUQMbg50X
KNv/HMAGywCqbWYbocMbrHQQ4Pn82PntL6MZhDspQge2Vfgn5UhO3EazhJUTGM93
t8uWW7F/dgdARHnukwY1im6mwH6bAH4R6HrdYg72auhpBPfcK/9EuuEOZYVGZMvy
p68QFFw5gSYGlr9LK0yFKbVuBF0J1PRXCMztSDfEYWllXb+RTQIDAQABo4IERzCC
BEMwHQYDVR0OBBYEFCcCe6qJrle5m4uK+mb6QaToMo/iMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvOGQ5OTMzOTAtMzVlZi0z
MTFjLWJkODUtMWU2YzI1N2QzMzc3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQA
aKSgAwQAaP3RAwQAaP3ZAwQAa6QKAwQAa6QmAwQAa6ROAwQAa6SCAwQAa6SHAwQA
a6SyAwQAa6S7AwQAa6UEAwQAa6VCAwQAa6WaAwQAa6WgAwQAa6WnAwQAa6WyAwQA
a6W+AwQAa6XTAwQAa6XcAwQAa6X+AwQAa7oRAwQAa7ooAwQAa7oqAwQAa7o1AwQA
a7pGAwQAa7pKAwQAa7pQAwQAa7pdAwQAa7qRAwQAa7qWMAwDBABrusMDBABrusQD
BABruuYDBABruyQDBABruzcDBABru2EDBABru2oDBACIADcDBACIADwDBACIAEcw
VAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczov
L3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0B
AQsFAAOCAQEAmo17uiK/M6epNYJ+9mCkf0Uazjw8LXPjwsXkVsQZdcvGyrwcmgrS
6GialEpSStK34GZBpoAZ2Y5BC0J1d5BDAf58NWBxqauac9jAiVtYXyHMRdyK227x
giYjqjjdj1YgVsf59i+lH5Dmcc+cqnJqvx7jGSAiPZt7THCtkP5NPWgBiYFHoik9
pbNspQoUjNYZJdd/3cGVCkG5GPUKfPDJZRzWoDyaq393kJofz9BU7JnpzRw+0k7F
2Cj2IVN2LFIq88vlzEr+s6MbnY/92hvGlPyeWlCa4JxX2xiF08ncEEl/GGijCNx8
J98UPuOITPaKY5dWjaCqAM6uPufajk0jCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:09 2024 by rpki-client on console-ams.rpki-client.org