Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/df032968-9cdd-3bf5-86fc-4882f64a23c9.roa
File: df032968-9cdd-3bf5-86fc-4882f64a23c9.roa (raw, json)
Hash identifier: DKMAz8DZwTNUxMEUe9cZRnYsi32wA46H4dFaaz75IJY=
Subject key identifier: 7E:03:BC:F6:FC:F1:84:66:26:FB:01:FF:4B:1C:C2:5C:6C:70:F0:C1
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F43285842ADC574D8784082AD959B6B08
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/df032968-9cdd-3bf5-86fc-4882f64a23c9.roa
Signing time: Wed 26 Jul 2023 21:17:57 +0000
ROA not before: Wed 26 Jul 2023 21:17:57 +0000
ROA not after: Tue 24 Oct 2023 21:17:57 +0000
asID: 5650
IP address blocks: 104.253.132.0/24 maxlen: 24
50.117.45.0/24 maxlen: 24
23.27.243.0/24 maxlen: 24
23.27.14.0/24 maxlen: 24
23.27.23.0/24 maxlen: 24
23.27.127.0/24 maxlen: 24
23.27.248.0/24 maxlen: 24
23.230.29.0/24 maxlen: 24
23.230.67.0/24 maxlen: 24
50.117.96.0/24 maxlen: 24
50.118.255.0/24 maxlen: 24
104.164.180.0/24 maxlen: 24
104.165.29.0/24 maxlen: 24
104.165.120.0/24 maxlen: 24
104.165.134.0/24 maxlen: 24
104.253.106.0/24 maxlen: 24
104.253.139.0/24 maxlen: 24
104.253.144.0/24 maxlen: 24
104.253.146.0/24 maxlen: 24
104.253.150.0/24 maxlen: 24
107.164.85.0/24 maxlen: 24
107.164.145.0/24 maxlen: 24
107.164.199.0/24 maxlen: 24
107.164.200.0/24 maxlen: 24
107.165.138.0/24 maxlen: 24
107.165.161.0/24 maxlen: 24
107.165.194.0/24 maxlen: 24
107.186.35.0/24 maxlen: 24
136.0.47.0/24 maxlen: 24
136.0.67.0/24 maxlen: 24
136.0.99.0/24 maxlen: 24
136.0.226.0/24 maxlen: 24
142.111.219.0/24 maxlen: 24
142.252.51.0/24 maxlen: 24
142.252.52.0/24 maxlen: 24
166.88.149.0/24 maxlen: 24
172.120.14.0/24 maxlen: 24
172.252.25.0/24 maxlen: 24
172.252.28.0/24 maxlen: 24
172.252.54.0/24 maxlen: 24
172.252.55.0/24 maxlen: 24
172.252.135.0/24 maxlen: 24
172.252.137.0/24 maxlen: 24
172.252.139.0/24 maxlen: 24
172.252.168.0/24 maxlen: 24
172.252.215.0/24 maxlen: 24
173.245.84.0/24 maxlen: 24
205.164.9.0/24 maxlen: 24
205.164.32.0/24 maxlen: 24
205.164.59.0/24 maxlen: 24
209.73.132.0/24 maxlen: 24
209.73.136.0/24 maxlen: 24
209.73.137.0/24 maxlen: 24
216.172.135.0/24 maxlen: 24
216.172.138.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:42:ad:c5:74:d8:78:40:82:ad:95:9b:6b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Jul 26 21:17:57 2023 GMT
Not After : Oct 24 21:17:57 2023 GMT
Subject: CN=cec7e3b9-263b-49e0-b132-b3a3b0db6379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0d:00:b7:65:a2:bf:ac:75:a1:d8:52:4e:53:
ac:e2:d4:d0:1f:99:09:9b:0a:13:60:22:57:9a:03:
86:1c:2f:e3:ff:81:cd:79:bb:8a:2d:68:2e:c2:0a:
66:40:37:3c:d3:41:a1:eb:0e:ec:8d:7c:18:65:12:
96:e0:a2:97:6a:c9:8b:c0:9a:25:7d:41:bb:9f:01:
ce:62:eb:0b:22:ce:b3:03:ac:fe:b3:a0:ec:8b:4e:
3d:09:e2:21:90:a6:71:a9:57:3f:51:7b:d7:60:f2:
fd:1f:c4:a8:dd:37:e3:5f:8e:d6:1c:d9:c5:5d:76:
ca:0b:c7:fb:42:6a:92:28:07:d9:6c:e7:0d:f9:fc:
8b:dd:c8:1b:3e:37:59:2e:70:0f:fc:70:6b:d3:88:
c4:d3:2f:ca:e2:c2:c7:10:6d:3d:49:18:13:65:fa:
3f:51:e9:66:ef:b9:86:00:da:c5:4e:e5:8d:9e:82:
02:ed:f3:77:41:e5:ba:48:c4:2b:48:17:5c:e2:8c:
5f:bc:36:91:92:ee:aa:84:33:57:be:fc:be:bc:17:
01:86:c2:75:51:9e:f8:cf:2f:c7:fe:91:54:76:50:
04:ae:ba:5b:3a:ac:cf:cd:03:bc:18:58:9b:ba:fd:
40:9a:a9:05:89:eb:3f:31:0b:c0:bb:fc:05:af:43:
88:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:03:BC:F6:FC:F1:84:66:26:FB:01:FF:4B:1C:C2:5C:6C:70:F0:C1
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/df032968-9cdd-3bf5-86fc-4882f64a23c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
23.27.14.0/24
23.27.23.0/24
23.27.127.0/24
23.27.243.0/24
23.27.248.0/24
23.230.29.0/24
23.230.67.0/24
50.117.45.0/24
50.117.96.0/24
50.118.255.0/24
104.164.180.0/24
104.165.29.0/24
104.165.120.0/24
104.165.134.0/24
104.253.106.0/24
104.253.132.0/24
104.253.139.0/24
104.253.144.0/24
104.253.146.0/24
104.253.150.0/24
107.164.85.0/24
107.164.145.0/24
107.164.199.0-107.164.200.255
107.165.138.0/24
107.165.161.0/24
107.165.194.0/24
107.186.35.0/24
136.0.47.0/24
136.0.67.0/24
136.0.99.0/24
136.0.226.0/24
142.111.219.0/24
142.252.51.0-142.252.52.255
166.88.149.0/24
172.120.14.0/24
172.252.25.0/24
172.252.28.0/24
172.252.54.0/23
172.252.135.0/24
172.252.137.0/24
172.252.139.0/24
172.252.168.0/24
172.252.215.0/24
173.245.84.0/24
205.164.9.0/24
205.164.32.0/24
205.164.59.0/24
209.73.132.0/24
209.73.136.0/23
216.172.135.0/24
216.172.138.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
91:f6:57:1f:2f:26:6b:6b:80:f2:f4:01:d1:e2:e7:8a:11:72:
54:09:06:16:49:b4:f5:9d:64:1b:f5:41:b7:fb:cc:30:7f:cf:
22:5a:7b:f0:2e:d2:a9:d9:fa:82:dc:d4:f4:e8:36:97:9b:21:
d5:c3:12:13:4c:7d:cd:62:70:c0:90:d8:9a:97:3e:48:65:31:
90:10:d6:f1:f0:46:4c:67:64:ee:4a:f4:38:30:61:58:4e:df:
be:0d:41:fb:e9:69:41:7c:8a:d2:8c:53:e2:db:71:29:42:41:
3c:71:2a:fa:dd:d3:61:bb:0d:16:a4:88:29:e5:fb:38:52:c2:
39:12:58:58:13:7a:4e:68:7e:14:3a:2d:11:9c:30:f7:18:7c:
94:14:9c:a0:46:87:f2:e5:8f:5d:5b:dd:22:7f:1c:07:e8:50:
8e:5b:25:6d:ed:7f:e8:a7:eb:7f:f2:02:16:b5:dd:cf:1a:98:
5d:87:47:0e:f2:76:58:a6:00:55:70:15:40:3b:29:70:f6:b3:
6d:5b:ed:0e:c4:34:81:4d:81:93:74:9f:b6:94:47:66:f5:b9:
28:18:f4:57:8d:2f:cc:e8:6f:b4:74:8f:95:31:23:f5:a4:48:
0a:13:55:35:d5:ab:02:b8:98:e7:f7:ab:ab:e1:86:1a:54:14:
b9:42:44:ec
-----BEGIN CERTIFICATE-----
MIIHiTCCBnGgAwIBAgIUAQ0Mn0MoWEKtxXTYeECCrZWbawgwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIzMDcyNjIxMTc1N1oXDTIzMTAyNDIxMTc1N1owLzEtMCsGA1UEAxMk
Y2VjN2UzYjktMjYzYi00OWUwLWIxMzItYjNhM2IwZGI2Mzc5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ0At2Wiv6x1odhSTlOs4tTQH5kJmwoTYCJX
mgOGHC/j/4HNebuKLWguwgpmQDc800Gh6w7sjXwYZRKW4KKXasmLwJolfUG7nwHO
YusLIs6zA6z+s6Dsi049CeIhkKZxqVc/UXvXYPL9H8So3TfjX47WHNnFXXbKC8f7
QmqSKAfZbOcN+fyL3cgbPjdZLnAP/HBr04jE0y/K4sLHEG09SRgTZfo/Uelm77mG
ANrFTuWNnoIC7fN3QeW6SMQrSBdc4oxfvDaRku6qhDNXvvy+vBcBhsJ1UZ74zy/H
/pFUdlAErrpbOqzPzQO8GFibuv1AmqkFies/MQvAu/wFr0OIPQIDAQABo4IEmzCC
BJcwHQYDVR0OBBYEFH4DvPb88YRmJvsB/0scwlxscPDBMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvZGYwMzI5NjgtOWNkZC0z
YmY1LTg2ZmMtNDg4MmY2NGEyM2M5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIIBYwYIKwYBBQUHAQcBAf8EggFSMIIBTjCCAUoEAgABMIIB
QgMEABcbDgMEABcbFwMEABcbfwMEABcb8wMEABcb+AMEABfmHQMEABfmQwMEADJ1
LQMEADJ1YAMEADJ2/wMEAGiktAMEAGilHQMEAGileAMEAGilhgMEAGj9agMEAGj9
hAMEAGj9iwMEAGj9kAMEAGj9kgMEAGj9lgMEAGukVQMEAGukkTAMAwQAa6THAwQA
a6TIAwQAa6WKAwQAa6WhAwQAa6XCAwQAa7ojAwQAiAAvAwQAiABDAwQAiABjAwQA
iADiAwQAjm/bMAwDBACO/DMDBACO/DQDBACmWJUDBACseA4DBACs/BkDBACs/BwD
BAGs/DYDBACs/IcDBACs/IkDBACs/IsDBACs/KgDBACs/NcDBACt9VQDBADNpAkD
BADNpCADBADNpDsDBADRSYQDBAHRSYgDBADYrIcDBADYrIowVAYDVR0gAQH/BEow
SDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5l
dC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAkfZX
Hy8ma2uA8vQB0eLnihFyVAkGFkm09Z1kG/VBt/vMMH/PIlp78C7Sqdn6gtzU9Og2
l5sh1cMSE0x9zWJwwJDYmpc+SGUxkBDW8fBGTGdk7kr0ODBhWE7fvg1B++lpQXyK
0oxT4ttxKUJBPHEq+t3TYbsNFqSIKeX7OFLCORJYWBN6Tmh+FDotEZww9xh8lBSc
oEaH8uWPXVvdIn8cB+hQjlslbe1/6Kfrf/ICFrXdzxqYXYdHDvJ2WKYAVXAVQDsp
cPazbVvtDsQ0gU2Bk3SftpRHZvW5KBj0V40vzOhvtHSPlTEj9aRIChNVNdWrAriY
5/erq+GGGlQUuUJE7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:12 2024 by rpki-client on console-ams.rpki-client.org