Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/ffd2abe8-0214-317f-913e-d30865c4956a.roa
File: ffd2abe8-0214-317f-913e-d30865c4956a.roa (raw, json)
Hash identifier: SweIkrZoMakndFKUD5KGELhPdy/qNzAjR/BU8nnjpDo=
Subject key identifier: F0:A4:8B:53:57:1F:1E:7D:92:22:6D:1A:7C:15:4A:1B:14:C0:7C:65
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F43285843E8C0FF1412315DDF3CFA0400
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/ffd2abe8-0214-317f-913e-d30865c4956a.roa
Signing time: Thu 16 Nov 2023 17:08:36 +0000
ROA not before: Thu 16 Nov 2023 17:08:36 +0000
ROA not after: Wed 14 Feb 2024 17:08:36 +0000
asID: 397373
IP address blocks: 107.165.211.0/24 maxlen: 24
107.164.187.0/24 maxlen: 24
107.164.38.0/24 maxlen: 24
104.164.160.0/24 maxlen: 24
104.253.217.0/24 maxlen: 24
107.164.10.0/24 maxlen: 24
107.164.130.0/24 maxlen: 24
107.164.135.0/24 maxlen: 24
107.164.178.0/24 maxlen: 24
107.165.4.0/24 maxlen: 24
107.165.66.0/24 maxlen: 24
107.165.154.0/24 maxlen: 24
107.165.160.0/24 maxlen: 24
107.165.167.0/24 maxlen: 24
107.165.178.0/24 maxlen: 24
107.165.190.0/24 maxlen: 24
107.165.220.0/24 maxlen: 24
107.165.254.0/24 maxlen: 24
107.186.17.0/24 maxlen: 24
107.186.40.0/24 maxlen: 24
107.186.42.0/24 maxlen: 24
107.186.53.0/24 maxlen: 24
107.186.70.0/24 maxlen: 24
107.186.74.0/24 maxlen: 24
107.186.80.0/24 maxlen: 24
107.186.93.0/24 maxlen: 24
107.186.145.0/24 maxlen: 24
107.186.150.0/24 maxlen: 24
107.186.195.0/24 maxlen: 24
107.186.196.0/24 maxlen: 24
107.186.230.0/24 maxlen: 24
107.187.36.0/24 maxlen: 24
107.187.55.0/24 maxlen: 24
107.187.97.0/24 maxlen: 24
107.187.106.0/24 maxlen: 24
136.0.55.0/24 maxlen: 24
136.0.60.0/24 maxlen: 24
136.0.71.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:43:e8:c0:ff:14:12:31:5d:df:3c:fa:04:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Nov 16 17:08:36 2023 GMT
Not After : Feb 14 17:08:36 2024 GMT
Subject: CN=abae7108-344f-4c17-81c7-87d74c3a8abe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:23:39:f3:a8:9e:5c:f4:60:78:ef:04:08:1b:
a3:bf:14:fe:5c:d5:f6:47:27:d9:b1:e2:b3:c0:46:
bb:78:ca:7f:25:df:95:a7:e9:81:ec:6f:c0:9d:5f:
ac:71:9b:8f:55:6e:f2:09:5e:58:3a:03:6c:b3:42:
4d:c5:1a:ce:da:37:93:e1:a4:ed:91:9b:3d:f2:b0:
40:2d:86:73:8a:7f:b6:ef:12:d3:71:47:a1:34:75:
89:d8:3c:f3:6d:35:73:93:26:66:eb:b8:81:f6:48:
9f:54:06:8d:a2:72:d8:8d:42:73:04:b2:36:fd:2b:
d2:73:30:85:4e:87:f6:9d:46:7e:81:1c:a4:04:04:
bf:d7:51:c5:36:ef:bd:51:d1:f8:9c:9e:59:0a:ee:
1f:a2:03:89:98:b9:c9:f8:c6:25:2b:f8:e0:cb:85:
7a:0d:59:5b:69:07:72:21:c1:ac:21:d1:9d:bb:c1:
64:ff:4d:68:26:fb:53:b9:7f:24:fe:29:32:ca:8f:
76:ed:20:d1:a6:18:a3:81:0f:52:57:cc:57:05:f5:
ea:71:e3:3c:bd:c8:f4:6e:c8:e9:72:d6:39:ed:97:
8b:04:1d:b3:55:aa:7f:cf:48:61:61:4a:fe:8a:77:
e2:e8:d6:50:b7:5c:b2:3c:44:35:97:5f:41:26:ec:
cf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A4:8B:53:57:1F:1E:7D:92:22:6D:1A:7C:15:4A:1B:14:C0:7C:65
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/ffd2abe8-0214-317f-913e-d30865c4956a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
104.164.160.0/24
104.253.217.0/24
107.164.10.0/24
107.164.38.0/24
107.164.130.0/24
107.164.135.0/24
107.164.178.0/24
107.164.187.0/24
107.165.4.0/24
107.165.66.0/24
107.165.154.0/24
107.165.160.0/24
107.165.167.0/24
107.165.178.0/24
107.165.190.0/24
107.165.211.0/24
107.165.220.0/24
107.165.254.0/24
107.186.17.0/24
107.186.40.0/24
107.186.42.0/24
107.186.53.0/24
107.186.70.0/24
107.186.74.0/24
107.186.80.0/24
107.186.93.0/24
107.186.145.0/24
107.186.150.0/24
107.186.195.0-107.186.196.255
107.186.230.0/24
107.187.36.0/24
107.187.55.0/24
107.187.97.0/24
107.187.106.0/24
136.0.55.0/24
136.0.60.0/24
136.0.71.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
18:fb:79:97:5d:3d:05:0b:30:e1:59:db:6b:de:e2:8c:b5:8d:
5d:3b:ff:6f:c7:74:84:6a:e7:03:b3:04:d1:be:08:9d:54:dc:
2e:7b:cf:b2:6e:66:a9:3c:34:98:4a:96:11:83:39:7a:50:a4:
a5:b5:7c:5c:39:3f:a7:57:d3:1c:70:b3:d8:68:08:42:1e:fc:
e0:b2:4e:30:7d:16:ad:33:f0:c1:8e:5d:07:a8:65:04:63:98:
67:f1:65:21:10:c0:03:49:60:8e:ce:79:df:c4:98:66:fa:63:
75:39:06:96:26:c3:15:04:b8:c3:02:cb:b1:c2:22:e2:95:6d:
92:3e:64:cc:fb:94:c3:73:0f:9b:2e:33:8f:20:7f:98:f8:61:
ca:de:d8:d6:08:da:88:67:f2:5d:d2:1d:9a:67:91:9a:85:3e:
ae:64:18:d7:c1:31:26:a9:73:82:ae:f8:41:19:de:94:fe:61:
9d:8c:b2:ce:3b:20:f6:40:ea:76:d9:ad:dc:0c:c6:ae:67:bb:
39:b5:1a:1f:3d:85:0c:a5:00:71:27:5a:ad:54:ea:0e:c6:09:
13:2b:c7:71:e0:f7:2a:4a:53:99:b1:d2:db:64:73:63:9e:85:
07:85:dd:d3:a5:9f:1f:9b:f5:5f:21:30:05:ee:7b:3f:f7:13:
5e:6b:37:f9
-----BEGIN CERTIFICATE-----
MIIHKTCCBhGgAwIBAgIUAQ0Mn0MoWEPowP8UEjFd3zz6BAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIzMTExNjE3MDgzNloXDTI0MDIxNDE3MDgzNlowLzEtMCsGA1UEAxMk
YWJhZTcxMDgtMzQ0Zi00YzE3LTgxYzctODdkNzRjM2E4YWJlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSM586ieXPRgeO8ECBujvxT+XNX2RyfZseKz
wEa7eMp/Jd+Vp+mB7G/AnV+scZuPVW7yCV5YOgNss0JNxRrO2jeT4aTtkZs98rBA
LYZzin+27xLTcUehNHWJ2DzzbTVzkyZm67iB9kifVAaNonLYjUJzBLI2/SvSczCF
Tof2nUZ+gRykBAS/11HFNu+9UdH4nJ5ZCu4fogOJmLnJ+MYlK/jgy4V6DVlbaQdy
IcGsIdGdu8Fk/01oJvtTuX8k/ikyyo927SDRphijgQ9SV8xXBfXqceM8vcj0bsjp
ctY57ZeLBB2zVap/z0hhYUr+infi6NZQt1yyPEQ1l19BJuzPbQIDAQABo4IEOzCC
BDcwHQYDVR0OBBYEFPCki1NXHx59kiJtGnwVShsUwHxlMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvZmZkMmFiZTgtMDIxNC0z
MTdmLTkxM2UtZDMwODY1YzQ5NTZhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQA
aKSgAwQAaP3ZAwQAa6QKAwQAa6QmAwQAa6SCAwQAa6SHAwQAa6SyAwQAa6S7AwQA
a6UEAwQAa6VCAwQAa6WaAwQAa6WgAwQAa6WnAwQAa6WyAwQAa6W+AwQAa6XTAwQA
a6XcAwQAa6X+AwQAa7oRAwQAa7ooAwQAa7oqAwQAa7o1AwQAa7pGAwQAa7pKAwQA
a7pQAwQAa7pdAwQAa7qRAwQAa7qWMAwDBABrusMDBABrusQDBABruuYDBABruyQD
BABruzcDBABru2EDBABru2oDBACIADcDBACIADwDBACIAEcwVAYDVR0gAQH/BEow
SDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5l
dC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAGPt5
l109BQsw4Vnba97ijLWNXTv/b8d0hGrnA7ME0b4InVTcLnvPsm5mqTw0mEqWEYM5
elCkpbV8XDk/p1fTHHCz2GgIQh784LJOMH0WrTPwwY5dB6hlBGOYZ/FlIRDAA0lg
js5538SYZvpjdTkGlibDFQS4wwLLscIi4pVtkj5kzPuUw3MPmy4zjyB/mPhhyt7Y
1gjaiGfyXdIdmmeRmoU+rmQY18ExJqlzgq74QRnelP5hnYyyzjsg9kDqdtmt3AzG
rme7ObUaHz2FDKUAcSdarVTqDsYJEyvHceD3KkpTmbHS22RzY56FB4Xd06WfH5v1
XyEwBe57P/cTXms3+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:14 2024 by rpki-client on console-ams.rpki-client.org