Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/d974f93a-74c0-3783-a18c-e7f9d1b856cd.roa
File: d974f93a-74c0-3783-a18c-e7f9d1b856cd.roa (raw, json)
Hash identifier: CVVuFNOMFpbeCFCdXmc4uf8QvQ5NXxiZ2B3fZlBlcbI=
Subject key identifier: 37:42:86:07:95:6F:8F:9E:C4:1B:BE:91:58:31:9B:3C:B2:4E:2E:3F
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F43285845655835EE94433760CC779420
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/d974f93a-74c0-3783-a18c-e7f9d1b856cd.roa
Signing time: Mon 01 Apr 2024 01:00:26 +0000
ROA not before: Mon 01 Apr 2024 01:00:26 +0000
ROA not after: Sun 30 Jun 2024 01:00:26 +0000
asID: 7922
IP address blocks: 172.121.3.0/24 maxlen: 24
166.88.66.0/24 maxlen: 24
166.88.44.0/24 maxlen: 24
166.88.34.0/24 maxlen: 24
166.88.32.0/24 maxlen: 24
107.164.215.0/24 maxlen: 24
107.164.61.0/24 maxlen: 24
107.164.47.0/24 maxlen: 24
107.165.203.0/24 maxlen: 24
142.111.161.0/24 maxlen: 24
142.252.219.0/24 maxlen: 24
142.111.252.0/24 maxlen: 24
142.111.240.0/24 maxlen: 24
142.111.220.0/24 maxlen: 24
142.111.216.0/24 maxlen: 24
142.111.189.0/24 maxlen: 24
136.0.223.0/24 maxlen: 24
107.186.81.0/24 maxlen: 24
107.186.62.0/24 maxlen: 24
142.252.53.0/24 maxlen: 24
142.252.41.0/24 maxlen: 24
142.252.216.0/24 maxlen: 24
142.252.212.0/24 maxlen: 24
142.252.174.0/24 maxlen: 24
172.121.7.0/24 maxlen: 24
142.252.173.0/24 maxlen: 24
142.252.158.0/24 maxlen: 24
142.252.139.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:45:65:58:35:ee:94:43:37:60:cc:77:94:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Apr 1 01:00:26 2024 GMT
Not After : Jun 30 01:00:26 2024 GMT
Subject: CN=a5cc0020-a23c-4bd0-bdce-e696fc12f441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:dc:a8:90:71:4d:ff:f8:7a:c0:4e:91:3a:1d:
e3:f2:e7:a3:88:8c:49:20:76:31:21:62:ca:ef:59:
75:54:24:31:c5:e3:96:ae:f4:b7:01:39:4b:70:b6:
6f:3b:fe:c6:d4:d4:5d:4d:62:63:e9:41:a8:f3:4b:
3a:be:e4:dd:0a:98:e0:5d:01:12:a0:cd:03:b0:e3:
26:7a:d6:01:a2:7b:95:72:77:73:79:cd:e8:e9:e0:
ae:80:bf:77:7d:ba:4e:06:9d:e9:70:65:cd:60:65:
13:44:f0:fa:f1:7c:50:28:8f:da:8a:7f:26:7d:36:
2f:4c:9e:81:35:81:71:ad:f1:60:7a:5f:85:80:a5:
fe:55:8a:1b:87:18:ac:90:84:bc:6b:44:ba:db:bc:
5b:e9:04:9c:95:f9:b9:6d:82:7f:34:94:58:aa:66:
37:4c:fc:24:46:9c:7b:1b:1b:2d:28:3b:5a:4e:ad:
79:86:5f:f9:6d:eb:68:3d:81:af:2c:ba:88:11:9a:
a8:8c:d7:5b:00:63:41:f0:2f:86:40:33:4c:e6:79:
8d:36:73:30:e9:5d:04:14:9f:3f:81:67:56:d8:b5:
a8:3e:2d:af:36:3a:3b:d5:c4:e1:93:f5:f5:db:98:
5a:5e:57:0b:6d:46:53:30:42:7f:e4:ce:71:47:2f:
9b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:42:86:07:95:6F:8F:9E:C4:1B:BE:91:58:31:9B:3C:B2:4E:2E:3F
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/d974f93a-74c0-3783-a18c-e7f9d1b856cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
107.164.47.0/24
107.164.61.0/24
107.164.215.0/24
107.165.203.0/24
107.186.62.0/24
107.186.81.0/24
136.0.223.0/24
142.111.161.0/24
142.111.189.0/24
142.111.216.0/24
142.111.220.0/24
142.111.240.0/24
142.111.252.0/24
142.252.41.0/24
142.252.53.0/24
142.252.139.0/24
142.252.158.0/24
142.252.173.0-142.252.174.255
142.252.212.0/24
142.252.216.0/24
142.252.219.0/24
166.88.32.0/24
166.88.34.0/24
166.88.44.0/24
166.88.66.0/24
172.121.3.0/24
172.121.7.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
85:14:dc:40:9b:e6:35:34:1d:99:f7:52:8a:18:9f:55:71:d3:
e9:f7:6c:06:aa:35:ec:12:59:86:d0:4e:82:d1:bb:d7:0e:86:
6b:d5:a9:6a:05:b6:18:65:9f:09:22:d5:06:06:a2:ab:dc:d2:
4b:a7:03:05:41:8c:92:00:ce:b7:64:81:bd:36:46:77:b4:ff:
0d:0d:ca:0d:86:75:c1:ab:f8:71:6a:a5:55:0e:c1:7c:5b:e7:
1a:b9:8c:30:2f:a2:87:01:0e:6c:04:e5:d9:d1:7a:7d:2a:35:
ea:da:f5:b9:16:c2:6d:cd:c8:64:57:93:80:30:ea:b2:7d:c8:
60:c8:88:a3:94:d9:b1:bd:c0:54:85:9b:b2:23:85:6b:ad:bb:
ed:00:90:25:a2:ec:1d:22:58:03:e8:90:20:a9:2c:36:6f:9f:
4d:7b:71:6f:d8:b3:14:96:be:58:fb:08:fa:cc:62:7d:36:64:
03:97:36:90:5f:3d:f7:88:69:24:52:07:33:0c:bf:46:32:11:
43:08:bd:22:e2:b9:e2:e5:8f:ca:73:60:f4:d9:4f:74:0e:bc:
a0:c6:ca:9a:57:ab:4f:62:47:5c:91:31:4f:a9:95:9e:e5:0a:
17:a7:93:9f:7c:e7:82:ad:4b:da:e4:70:5c:0b:8a:a7:b3:d3:
b3:ed:ee:ca
-----BEGIN CERTIFICATE-----
MIIG7DCCBdSgAwIBAgIUAQ0Mn0MoWEVlWDXulEM3YMx3lCAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDQwMTAxMDAyNloXDTI0MDYzMDAxMDAyNlowLzEtMCsGA1UEAxMk
YTVjYzAwMjAtYTIzYy00YmQwLWJkY2UtZTY5NmZjMTJmNDQxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9yokHFN//h6wE6ROh3j8uejiIxJIHYxIWLK
71l1VCQxxeOWrvS3ATlLcLZvO/7G1NRdTWJj6UGo80s6vuTdCpjgXQESoM0DsOMm
etYBonuVcndzec3o6eCugL93fbpOBp3pcGXNYGUTRPD68XxQKI/ain8mfTYvTJ6B
NYFxrfFgel+FgKX+VYobhxiskIS8a0S627xb6QSclfm5bYJ/NJRYqmY3TPwkRpx7
GxstKDtaTq15hl/5betoPYGvLLqIEZqojNdbAGNB8C+GQDNM5nmNNnMw6V0EFJ8/
gWdW2LWoPi2vNjo71cThk/X125haXlcLbUZTMEJ/5M5xRy+bbwIDAQABo4ID/jCC
A/owHQYDVR0OBBYEFDdChgeVb4+exBu+kVgxmzyyTi4/MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvZDk3NGY5M2EtNzRjMC0z
NzgzLWExOGMtZTdmOWQxYjg1NmNkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBABr
pC8DBABrpD0DBABrpNcDBABrpcsDBABruj4DBABrulEDBACIAN8DBACOb6EDBACO
b70DBACOb9gDBACOb9wDBACOb/ADBACOb/wDBACO/CkDBACO/DUDBACO/IsDBACO
/J4wDAMEAI78rQMEAI78rgMEAI781AMEAI782AMEAI782wMEAKZYIAMEAKZYIgME
AKZYLAMEAKZYQgMEAKx5AwMEAKx5BzBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4C
MDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9y
cGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQCFFNxAm+Y1NB2Z91KKGJ9V
cdPp92wGqjXsElmG0E6C0bvXDoZr1alqBbYYZZ8JItUGBqKr3NJLpwMFQYySAM63
ZIG9NkZ3tP8NDcoNhnXBq/hxaqVVDsF8W+cauYwwL6KHAQ5sBOXZ0Xp9KjXq2vW5
FsJtzchkV5OAMOqyfchgyIijlNmxvcBUhZuyI4VrrbvtAJAlouwdIlgD6JAgqSw2
b59Ne3Fv2LMUlr5Y+wj6zGJ9NmQDlzaQXz33iGkkUgczDL9GMhFDCL0i4rni5Y/K
c2D02U90DrygxsqaV6tPYkdckTFPqZWe5QoXp5OffOeCrUva5HBcC4qns9Oz7e7K
-----END CERTIFICATE-----
Generated at Fri Apr 12 19:21:38 2024 by rpki-client on console-fra.rpki-client.org