Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/db3f111b-fe1e-3935-9713-6f2abe629560.roa
File: db3f111b-fe1e-3935-9713-6f2abe629560.roa (raw, json)
Hash identifier: 2vabZWw1pRYxexQmO/nHcUGhaSd6EtmQQTh9eC1ppmY=
Subject key identifier: 10:5C:0C:C0:E2:3E:74:B0:6C:59:3D:21:B3:CF:6D:B9:DC:D5:C4:97
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F432858454B5834AF07633B04FE378C60
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/db3f111b-fe1e-3935-9713-6f2abe629560.roa
Signing time: Fri 22 Mar 2024 17:29:25 +0000
ROA not before: Fri 22 Mar 2024 17:29:25 +0000
ROA not after: Thu 20 Jun 2024 17:29:25 +0000
asID: 3257
IP address blocks: 68.68.107.0/24 maxlen: 24
45.38.206.0/24 maxlen: 24
23.230.121.0/24 maxlen: 24
23.27.8.0/24 maxlen: 24
23.230.1.0/24 maxlen: 24
23.230.64.0/24 maxlen: 24
23.230.186.0/24 maxlen: 24
23.230.234.0/24 maxlen: 24
23.230.235.0/24 maxlen: 24
45.38.234.0/24 maxlen: 24
45.39.66.0/24 maxlen: 24
45.39.77.0/24 maxlen: 24
45.39.95.0/24 maxlen: 24
45.39.161.0/24 maxlen: 24
45.39.174.0/24 maxlen: 24
68.68.96.0/24 maxlen: 24
68.68.108.0/24 maxlen: 24
104.165.105.0/24 maxlen: 24
104.165.199.0/24 maxlen: 24
107.165.128.0/24 maxlen: 24
107.165.134.0/24 maxlen: 24
107.165.143.0/24 maxlen: 24
107.165.152.0/24 maxlen: 24
107.165.166.0/24 maxlen: 24
107.165.183.0/24 maxlen: 24
107.165.188.0/24 maxlen: 24
107.165.191.0/24 maxlen: 24
107.165.204.0/24 maxlen: 24
107.165.207.0/24 maxlen: 24
107.165.225.0/24 maxlen: 24
107.186.144.0/24 maxlen: 24
107.187.33.0/24 maxlen: 24
107.187.125.0/24 maxlen: 24
136.0.48.0/24 maxlen: 24
142.111.132.0/24 maxlen: 24
142.111.138.0/24 maxlen: 24
142.111.163.0/24 maxlen: 24
142.111.164.0/24 maxlen: 24
142.111.165.0/24 maxlen: 24
142.111.166.0/24 maxlen: 24
142.111.179.0/24 maxlen: 24
142.111.185.0/24 maxlen: 24
142.111.195.0/24 maxlen: 24
142.111.196.0/24 maxlen: 24
142.111.198.0/24 maxlen: 24
142.111.200.0/24 maxlen: 24
142.111.209.0/24 maxlen: 24
142.111.251.0/24 maxlen: 24
142.252.38.0/24 maxlen: 24
142.252.60.0/22 maxlen: 24
142.252.89.0/24 maxlen: 24
142.252.117.0/24 maxlen: 24
142.252.138.0/24 maxlen: 24
142.252.148.0/22 maxlen: 24
142.252.192.0/22 maxlen: 24
142.252.209.0/24 maxlen: 24
166.88.45.0/24 maxlen: 24
166.88.181.0/24 maxlen: 24
166.88.212.0/24 maxlen: 24
172.120.26.0/24 maxlen: 24
172.121.109.0/24 maxlen: 24
172.121.141.0/24 maxlen: 24
172.121.156.0/24 maxlen: 24
172.121.160.0/20 maxlen: 24
172.121.192.0/19 maxlen: 24
172.121.232.0/24 maxlen: 24
172.121.236.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:45:4b:58:34:af:07:63:3b:04:fe:37:8c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Mar 22 17:29:25 2024 GMT
Not After : Jun 20 17:29:25 2024 GMT
Subject: CN=dafc1cd9-5795-434e-bd31-c73c8d5399e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:08:9b:96:88:b1:15:ab:f4:9b:08:56:e9:7a:
9f:55:fa:fa:0c:0e:29:c1:a1:17:4b:5f:eb:5c:e1:
25:f4:48:ee:d4:74:67:11:3e:f9:de:c8:28:ad:0b:
b5:93:58:59:1f:1d:07:6c:17:db:51:89:37:f3:3e:
5f:2c:00:2f:bb:dc:a0:70:67:1e:6f:53:aa:7f:c1:
ef:79:f2:07:be:74:cd:c7:bf:7d:b4:1a:2f:2b:28:
1b:49:e4:15:88:6a:e6:52:51:0d:20:4c:88:ae:d5:
d3:c3:7f:82:a9:9e:db:f9:a4:de:1b:ae:83:36:48:
e8:e5:36:70:d0:d8:01:22:1c:d6:da:73:c4:ab:a2:
ea:45:ff:b1:4f:88:9c:f0:be:69:63:16:8d:b3:9c:
04:db:99:5e:44:14:c1:c8:29:9c:b0:dd:fd:40:6f:
42:64:ea:e7:a2:43:45:3d:1f:1f:86:04:65:48:d6:
ab:c3:82:77:ac:e4:6c:90:8e:11:92:c7:5a:63:3c:
88:db:e2:46:29:fc:39:4b:09:16:25:86:5f:f9:a2:
de:db:02:27:bd:78:0c:8e:b6:eb:75:1e:92:4c:24:
2d:7a:a8:8a:72:ff:47:3b:d1:e1:5a:5b:00:0e:69:
28:77:50:d1:2a:16:24:a9:c2:48:0b:a0:2e:8a:6a:
12:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:5C:0C:C0:E2:3E:74:B0:6C:59:3D:21:B3:CF:6D:B9:DC:D5:C4:97
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/db3f111b-fe1e-3935-9713-6f2abe629560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
23.27.8.0/24
23.230.1.0/24
23.230.64.0/24
23.230.121.0/24
23.230.186.0/24
23.230.234.0/23
45.38.206.0/24
45.38.234.0/24
45.39.66.0/24
45.39.77.0/24
45.39.95.0/24
45.39.161.0/24
45.39.174.0/24
68.68.96.0/24
68.68.107.0-68.68.108.255
104.165.105.0/24
104.165.199.0/24
107.165.128.0/24
107.165.134.0/24
107.165.143.0/24
107.165.152.0/24
107.165.166.0/24
107.165.183.0/24
107.165.188.0/24
107.165.191.0/24
107.165.204.0/24
107.165.207.0/24
107.165.225.0/24
107.186.144.0/24
107.187.33.0/24
107.187.125.0/24
136.0.48.0/24
142.111.132.0/24
142.111.138.0/24
142.111.163.0-142.111.166.255
142.111.179.0/24
142.111.185.0/24
142.111.195.0-142.111.196.255
142.111.198.0/24
142.111.200.0/24
142.111.209.0/24
142.111.251.0/24
142.252.38.0/24
142.252.60.0/22
142.252.89.0/24
142.252.117.0/24
142.252.138.0/24
142.252.148.0/22
142.252.192.0/22
142.252.209.0/24
166.88.45.0/24
166.88.181.0/24
166.88.212.0/24
172.120.26.0/24
172.121.109.0/24
172.121.141.0/24
172.121.156.0/24
172.121.160.0/20
172.121.192.0/19
172.121.232.0/24
172.121.236.0/22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
4d:58:53:42:51:eb:aa:7a:af:b7:67:3b:f1:bc:98:8f:43:48:
8f:1a:98:53:38:d4:b3:7e:5e:b1:a6:e8:23:34:84:86:10:52:
91:4e:3f:79:81:07:aa:f4:99:55:15:37:93:96:4f:4a:ec:97:
b1:1e:e6:7f:45:7a:be:fa:0a:15:3c:7c:3e:95:c1:af:b3:b8:
92:9e:2d:df:7b:d9:cc:1d:4f:b6:86:b3:ce:a2:cd:7e:aa:ba:
b7:c0:a1:eb:8b:04:09:be:23:cd:de:88:64:04:fc:88:20:15:
c3:1f:52:ee:a5:5a:04:ed:12:32:f4:d8:4c:35:36:d5:ca:89:
36:f7:e5:71:bf:da:d7:1d:22:cc:1c:b2:a7:9a:50:1e:9e:8e:
33:b6:36:51:11:94:e7:4e:cb:da:bd:99:d4:93:c8:62:ad:48:
6b:da:5b:bf:57:90:50:01:95:75:f1:f6:5e:2f:ae:e6:f3:21:
30:31:99:28:2a:cf:7f:9d:64:93:5e:83:6c:98:9f:bc:4e:54:
a1:79:e2:77:1b:43:46:2f:da:22:ca:30:16:88:a2:cb:ec:d9:
bb:8b:ce:b5:75:a6:4b:61:fd:8e:a2:69:71:94:da:63:3a:e1:
dd:01:6e:3c:bf:78:6f:8a:d9:4d:02:45:6a:e1:35:84:af:9c:
fc:2d:49:62
-----BEGIN CERTIFICATE-----
MIIHzTCCBrWgAwIBAgIUAQ0Mn0MoWEVLWDSvB2M7BP43jGAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMyMjE3MjkyNVoXDTI0MDYyMDE3MjkyNVowLzEtMCsGA1UEAxMk
ZGFmYzFjZDktNTc5NS00MzRlLWJkMzEtYzczYzhkNTM5OWUyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8gibloixFav0mwhW6XqfVfr6DA4pwaEXS1/r
XOEl9Eju1HRnET753sgorQu1k1hZHx0HbBfbUYk38z5fLAAvu9ygcGceb1Oqf8Hv
efIHvnTNx799tBovKygbSeQViGrmUlENIEyIrtXTw3+CqZ7b+aTeG66DNkjo5TZw
0NgBIhzW2nPEq6LqRf+xT4ic8L5pYxaNs5wE25leRBTByCmcsN39QG9CZOrnokNF
PR8fhgRlSNarw4J3rORskI4RksdaYzyI2+JGKfw5SwkWJYZf+aLe2wInvXgMjrbr
dR6STCQteqiKcv9HO9HhWlsADmkod1DRKhYkqcJIC6AuimoSxwIDAQABo4IE3zCC
BNswHQYDVR0OBBYEFBBcDMDiPnSwbFk9IbPPbbnc1cSXMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvZGIzZjExMWItZmUxZS0z
OTM1LTk3MTMtNmYyYWJlNjI5NTYwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIIBpwYIKwYBBQUHAQcBAf8EggGWMIIBkjCCAY4EAgABMIIB
hgMEABcbCAMEABfmAQMEABfmQAMEABfmeQMEABfmugMEARfm6gMEAC0mzgMEAC0m
6gMEAC0nQgMEAC0nTQMEAC0nXwMEAC0noQMEAC0nrgMEAEREYDAMAwQARERrAwQA
RERsAwQAaKVpAwQAaKXHAwQAa6WAAwQAa6WGAwQAa6WPAwQAa6WYAwQAa6WmAwQA
a6W3AwQAa6W8AwQAa6W/AwQAa6XMAwQAa6XPAwQAa6XhAwQAa7qQAwQAa7shAwQA
a7t9AwQAiAAwAwQAjm+EAwQAjm+KMAwDBACOb6MDBACOb6YDBACOb7MDBACOb7kw
DAMEAI5vwwMEAI5vxAMEAI5vxgMEAI5vyAMEAI5v0QMEAI5v+wMEAI78JgMEAo78
PAMEAI78WQMEAI78dQMEAI78igMEAo78lAMEAo78wAMEAI780QMEAKZYLQMEAKZY
tQMEAKZY1AMEAKx4GgMEAKx5bQMEAKx5jQMEAKx5nAMEBKx5oAMEBax5wAMEAKx5
6AMEAqx57DBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEW
LGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0G
CSqGSIb3DQEBCwUAA4IBAQBNWFNCUeuqeq+3ZzvxvJiPQ0iPGphTONSzfl6xpugj
NISGEFKRTj95gQeq9JlVFTeTlk9K7JexHuZ/RXq++goVPHw+lcGvs7iSni3fe9nM
HU+2hrPOos1+qrq3wKHriwQJviPN3ohkBPyIIBXDH1LupVoE7RIy9NhMNTbVyok2
9+Vxv9rXHSLMHLKnmlAeno4ztjZREZTnTsvavZnUk8hirUhr2lu/V5BQAZV18fZe
L67m8yEwMZkoKs9/nWSTXoNsmJ+8TlSheeJ3G0NGL9oiyjAWiKLL7Nm7i861daZL
Yf2OomlxlNpjOuHdAW48v3hvitlNAkVq4TWEr5z8LUli
-----END CERTIFICATE-----
Generated at Fri Apr 12 20:22:47 2024 by rpki-client on console-ams.rpki-client.org