Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/e34257a5-a205-3c75-a5be-1597be2d92be.roa
File: e34257a5-a205-3c75-a5be-1597be2d92be.roa (raw, json)
Hash identifier: Sd+CTuZI6C7dpux+TO+i2njfN2Keno6jULneuppYLiI=
Subject key identifier: 6B:27:DF:75:88:EA:79:E2:20:AC:0F:CB:C4:77:68:E9:47:86:49:EC
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F43285845327A9C0E20D3164373A26580
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/e34257a5-a205-3c75-a5be-1597be2d92be.roa
Signing time: Wed 13 Mar 2024 19:43:32 +0000
ROA not before: Wed 13 Mar 2024 19:43:32 +0000
ROA not after: Tue 11 Jun 2024 19:43:32 +0000
asID: 6939
IP address blocks: 142.252.92.0/24 maxlen: 24
142.252.19.0/24 maxlen: 24
142.252.5.0/24 maxlen: 24
136.0.246.0/24 maxlen: 24
136.0.252.0/24 maxlen: 24
136.0.241.0/24 maxlen: 24
136.0.245.0/24 maxlen: 24
136.0.229.0/24 maxlen: 24
136.0.231.0/24 maxlen: 24
136.0.201.0/24 maxlen: 24
136.0.204.0/24 maxlen: 24
136.0.113.0/24 maxlen: 24
136.0.130.0/24 maxlen: 24
136.0.83.0/24 maxlen: 24
136.0.94.0/24 maxlen: 24
136.0.54.0/24 maxlen: 24
136.0.72.0/24 maxlen: 24
136.0.34.0/24 maxlen: 24
136.0.53.0/24 maxlen: 24
142.252.16.0/24 maxlen: 24
142.252.18.0/24 maxlen: 24
142.252.40.0/24 maxlen: 24
142.252.48.0/24 maxlen: 24
142.252.56.0/24 maxlen: 24
142.252.205.0/24 maxlen: 24
172.120.9.0/24 maxlen: 24
172.120.15.0/24 maxlen: 24
172.121.255.0/24 maxlen: 24
172.252.10.0/24 maxlen: 24
172.252.22.0/24 maxlen: 24
172.252.94.0/24 maxlen: 24
172.252.181.0/24 maxlen: 24
172.252.196.0/24 maxlen: 24
172.252.198.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:45:32:7a:9c:0e:20:d3:16:43:73:a2:65:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Mar 13 19:43:32 2024 GMT
Not After : Jun 11 19:43:32 2024 GMT
Subject: CN=531713eb-b540-4548-99ec-cfbd4a973576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e5:0d:67:67:02:2c:f9:0b:d5:a1:6d:c1:14:
7b:1f:88:c2:9e:8f:37:0a:a8:74:3f:c6:38:e9:b1:
93:88:29:91:40:49:54:9a:56:1c:db:fa:c3:a6:b4:
f2:00:e0:68:72:b0:66:3a:da:b3:6e:75:08:c8:5b:
18:5c:64:cc:6a:34:0e:49:35:72:fe:7d:a7:03:56:
5c:03:09:44:ad:9e:5f:6c:b3:64:7e:54:5b:54:e1:
50:32:d5:af:59:fd:8e:86:d6:7e:f1:90:00:1f:26:
2f:b9:2b:fd:2a:fc:e8:75:a0:12:bf:08:9b:cd:04:
79:0d:2a:6b:c6:49:b7:99:17:48:83:45:08:7c:a9:
7b:de:2e:48:83:43:4d:a4:1f:6c:10:65:0d:a0:32:
c4:60:04:bc:02:f2:39:df:d9:5d:39:66:51:e6:aa:
9c:a9:98:e0:ba:60:34:cd:70:f1:68:1f:2c:ce:f6:
ec:e7:c8:fb:bd:ae:39:88:30:30:c6:4e:85:15:c3:
64:65:b0:65:05:de:4d:f6:78:eb:2e:1c:68:ce:f4:
df:63:77:57:b5:92:c6:0f:ee:b5:00:b1:40:ac:df:
36:b3:ba:a1:a3:24:3f:f5:96:90:05:22:c6:d9:0e:
5b:cb:37:81:1f:9b:88:79:67:44:dd:e2:b3:ab:16:
a4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:27:DF:75:88:EA:79:E2:20:AC:0F:CB:C4:77:68:E9:47:86:49:EC
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/e34257a5-a205-3c75-a5be-1597be2d92be.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
136.0.34.0/24
136.0.53.0-136.0.54.255
136.0.72.0/24
136.0.83.0/24
136.0.94.0/24
136.0.113.0/24
136.0.130.0/24
136.0.201.0/24
136.0.204.0/24
136.0.229.0/24
136.0.231.0/24
136.0.241.0/24
136.0.245.0-136.0.246.255
136.0.252.0/24
142.252.5.0/24
142.252.16.0/24
142.252.18.0/23
142.252.40.0/24
142.252.48.0/24
142.252.56.0/24
142.252.92.0/24
142.252.205.0/24
172.120.9.0/24
172.120.15.0/24
172.121.255.0/24
172.252.10.0/24
172.252.22.0/24
172.252.94.0/24
172.252.181.0/24
172.252.196.0/24
172.252.198.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
0f:16:db:75:64:ac:81:db:57:0a:04:4d:42:af:0a:58:c8:ab:
e2:73:90:80:f8:6f:6c:7e:2b:33:74:95:6e:d5:61:c5:4b:f4:
31:49:e4:47:53:0b:68:7a:d3:b8:7a:9b:a9:8e:10:05:5d:6f:
27:3e:fd:50:86:a2:9d:87:a9:48:95:34:0e:d9:bd:3f:35:4b:
a7:cd:1c:f7:d7:51:85:c0:67:d3:fd:a5:8a:e2:2a:09:19:96:
ef:c4:69:73:15:63:e3:a7:e0:bf:ce:2b:43:51:4b:1f:96:04:
f7:7f:4b:9c:1f:c7:d7:17:d8:24:d2:be:4c:a4:37:d8:61:70:
50:af:aa:8b:1a:14:de:c6:35:99:02:d3:84:c7:60:82:de:12:
6e:73:b1:a9:59:de:c7:0f:bb:f1:14:fd:94:9f:c9:06:b3:2b:
7d:be:6d:9e:19:e7:61:39:ed:38:06:7a:db:af:14:d1:65:b0:
7f:e2:21:a6:02:53:bb:b6:67:54:2a:16:cf:16:c1:17:f3:f8:
62:51:ef:0d:c2:9c:36:94:4d:58:d3:0f:d5:37:13:88:f9:da:
52:83:d6:f5:71:b5:14:a4:ee:76:e5:6c:6b:6a:93:46:f8:41:
e6:39:58:bf:f4:4a:59:ed:95:bb:15:d1:eb:48:0c:11:bf:4c:
00:e5:9e:10
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUAQ0Mn0MoWEUyepwOINMWQ3OiZYAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMxMzE5NDMzMloXDTI0MDYxMTE5NDMzMlowLzEtMCsGA1UEAxMk
NTMxNzEzZWItYjU0MC00NTQ4LTk5ZWMtY2ZiZDRhOTczNTc2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieUNZ2cCLPkL1aFtwRR7H4jCno83Cqh0P8Y4
6bGTiCmRQElUmlYc2/rDprTyAOBocrBmOtqzbnUIyFsYXGTMajQOSTVy/n2nA1Zc
AwlErZ5fbLNkflRbVOFQMtWvWf2OhtZ+8ZAAHyYvuSv9KvzodaASvwibzQR5DSpr
xkm3mRdIg0UIfKl73i5Ig0NNpB9sEGUNoDLEYAS8AvI539ldOWZR5qqcqZjgumA0
zXDxaB8szvbs58j7va45iDAwxk6FFcNkZbBlBd5N9njrLhxozvTfY3dXtZLGD+61
ALFArN82s7qhoyQ/9ZaQBSLG2Q5byzeBH5uIeWdE3eKzqxak7QIDAQABo4IEHjCC
BBowHQYDVR0OBBYEFGsn33WI6nniIKwPy8R3aOlHhknsMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvZTM0MjU3YTUtYTIwNS0z
Yzc1LWE1YmUtMTU5N2JlMmQ5MmJlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBACI
ACIwDAMEAIgANQMEAIgANgMEAIgASAMEAIgAUwMEAIgAXgMEAIgAcQMEAIgAggME
AIgAyQMEAIgAzAMEAIgA5QMEAIgA5wMEAIgA8TAMAwQAiAD1AwQAiAD2AwQAiAD8
AwQAjvwFAwQAjvwQAwQBjvwSAwQAjvwoAwQAjvwwAwQAjvw4AwQAjvxcAwQAjvzN
AwQArHgJAwQArHgPAwQArHn/AwQArPwKAwQArPwWAwQArPxeAwQArPy1AwQArPzE
AwQArPzGMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYs
aHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJ
KoZIhvcNAQELBQADggEBAA8W23VkrIHbVwoETUKvCljIq+JzkID4b2x+KzN0lW7V
YcVL9DFJ5EdTC2h607h6m6mOEAVdbyc+/VCGop2HqUiVNA7ZvT81S6fNHPfXUYXA
Z9P9pYriKgkZlu/EaXMVY+On4L/OK0NRSx+WBPd/S5wfx9cX2CTSvkykN9hhcFCv
qosaFN7GNZkC04THYILeEm5zsalZ3scPu/EU/ZSfyQazK32+bZ4Z52E57TgGetuv
FNFlsH/iIaYCU7u2Z1QqFs8WwRfz+GJR7w3CnDaUTVjTD9U3E4j52lKD1vVxtRSk
7nblbGtqk0b4QeY5WL/0SlntlbsV0etIDBG/TADlnhA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:13 2024 by rpki-client on console-ams.rpki-client.org