Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ed313ca7-81e7-42e2-bf38-c96bb839ecf4/35e5f7de-3d03-37f0-b927-9f8f60a8ee4b.roa
File: 35e5f7de-3d03-37f0-b927-9f8f60a8ee4b.roa (raw, json)
Hash identifier: sCqApPOKTa9tFf/8cqOqraPvKp0YeSvERPKHkE4ylYI=
Subject key identifier: 85:3D:D2:5B:3B:F5:55:D7:3D:74:EA:2C:C6:24:3A:29:41:7C:AF:BC
Certificate issuer: /CN=ed313ca7-81e7-42e2-bf38-c96bb839ecf4
Certificate serial: 010D0C9F43285848100A8227D49DDC8F19A5BAC0
Authority key identifier: 5D:97:76:7A:E5:5A:DA:95:2E:FE:14:AC:9E:8B:EE:E4:E8:FD:92:DF
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ed313ca7-81e7-42e2-bf38-c96bb839ecf4.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ed313ca7-81e7-42e2-bf38-c96bb839ecf4/35e5f7de-3d03-37f0-b927-9f8f60a8ee4b.roa
Signing time: Sun 01 Dec 2024 14:00:51 +0000
ROA not before: Sun 01 Dec 2024 14:00:51 +0000
ROA not after: Sat 01 Mar 2025 14:00:51 +0000
asID: 8038
IP address blocks: 67.221.240.0/24 maxlen: 24
67.221.241.0/24 maxlen: 24
67.221.242.0/24 maxlen: 24
67.221.243.0/24 maxlen: 24
67.221.248.0/24 maxlen: 24
67.221.249.0/24 maxlen: 24
67.221.250.0/24 maxlen: 24
67.221.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:10:0a:82:27:d4:9d:dc:8f:19:a5:ba:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed313ca7-81e7-42e2-bf38-c96bb839ecf4
Validity
Not Before: Dec 1 14:00:51 2024 GMT
Not After : Mar 1 14:00:51 2025 GMT
Subject: CN=d7660443-e362-4ead-a0a1-ada7d0e05176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:44:0c:e4:64:28:82:0c:37:f3:18:59:69:52:
e3:a4:b8:8d:f5:f3:b6:30:42:0f:64:78:ba:02:8d:
6d:dd:8f:5a:03:60:4e:00:62:78:4d:86:4d:54:e2:
7a:cd:17:15:20:a9:34:9f:f6:29:57:15:1b:38:14:
d0:11:90:f0:da:1c:44:df:02:f2:69:fb:10:60:81:
68:a2:48:3d:dd:20:c3:98:6b:95:b9:19:0c:da:16:
4a:cb:70:1d:9f:24:ef:df:4a:ca:96:a8:2b:0c:17:
8f:34:c8:b1:e6:d9:1a:21:50:5f:c7:93:06:f7:30:
4a:92:70:28:a7:34:53:11:46:3e:3d:7b:ac:0d:41:
5a:67:de:ba:04:58:d2:2a:ec:77:83:40:77:b7:83:
6f:d2:cd:1e:c9:85:65:ba:15:09:b6:f3:0e:e1:81:
12:ea:96:51:ca:a7:67:f4:67:db:1b:3c:66:3b:b6:
95:c3:1b:43:92:68:72:ad:c8:1c:eb:cd:0a:9f:9f:
a7:dd:49:32:c3:03:67:5b:fc:b0:c7:ed:1d:75:94:
2c:08:f8:14:5a:16:db:bf:91:cb:95:93:54:75:7c:
fa:1c:7f:e6:92:15:03:61:fc:ff:b8:7a:37:dc:ac:
71:3b:c7:f3:8e:25:50:0d:45:25:4b:44:1a:39:3f:
b3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3D:D2:5B:3B:F5:55:D7:3D:74:EA:2C:C6:24:3A:29:41:7C:AF:BC
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ed313ca7-81e7-42e2-bf38-c96bb839ecf4/35e5f7de-3d03-37f0-b927-9f8f60a8ee4b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ed313ca7-81e7-42e2-bf38-c96bb839ecf4/ed313ca7-81e7-42e2-bf38-c96bb839ecf4.crl
X509v3 Authority Key Identifier:
keyid:5D:97:76:7A:E5:5A:DA:95:2E:FE:14:AC:9E:8B:EE:E4:E8:FD:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ed313ca7-81e7-42e2-bf38-c96bb839ecf4.cer
sbgp-ipAddrBlock: critical
IPv4:
67.221.240.0/22
67.221.248.0-67.221.250.255
67.221.254.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
8e:23:9e:02:31:1d:19:a2:bd:8a:f8:48:46:42:ac:2b:06:85:
97:7a:07:72:8d:04:d7:8a:f2:2d:fe:e7:3b:4b:66:fc:d6:bb:
b6:fa:d6:aa:2f:aa:53:f3:ea:76:c2:c1:fd:55:10:2d:f3:ca:
a5:98:2e:6a:d6:07:96:6c:16:f2:3a:70:76:67:75:f4:0b:ef:
75:66:f2:2e:a1:42:da:02:bc:a2:5f:6b:31:db:7c:3f:a4:9f:
aa:c3:6a:55:0f:fe:af:f9:90:0a:83:b7:b9:0f:88:03:b6:32:
86:14:27:c9:52:4e:f0:90:f6:91:30:77:2b:7b:b0:37:78:27:
c8:ad:47:8b:4e:92:07:23:e7:d6:5e:34:de:fe:95:10:b8:61:
3b:44:7d:18:cb:98:08:ac:fa:a3:ed:0c:29:70:6c:6a:a9:38:
00:3a:55:73:c3:95:36:36:65:75:3d:66:ce:b8:22:1b:9a:b9:
06:35:63:86:b8:ab:b9:06:01:b8:93:dd:74:42:c6:19:05:0f:
f9:b8:17:46:e8:39:a6:f7:4e:c5:12:b8:24:35:cd:55:63:07:
3d:40:6c:c6:51:80:4a:22:3d:fe:f0:09:cd:96:a8:56:4f:ca:
9b:79:6b:cc:07:25:c3:9f:1c:b0:fc:48:aa:e2:f7:09:98:a7:
19:1b:dc:48
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgIUAQ0Mn0MoWEgQCoIn1J3cjxmlusAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZWQzMTNjYTctODFlNy00MmUyLWJmMzgtYzk2YmI4Mzll
Y2Y0MB4XDTI0MTIwMTE0MDA1MVoXDTI1MDMwMTE0MDA1MVowLzEtMCsGA1UEAxMk
ZDc2NjA0NDMtZTM2Mi00ZWFkLWEwYTEtYWRhN2QwZTA1MTc2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEQM5GQoggw38xhZaVLjpLiN9fO2MEIPZHi6
Ao1t3Y9aA2BOAGJ4TYZNVOJ6zRcVIKk0n/YpVxUbOBTQEZDw2hxE3wLyafsQYIFo
okg93SDDmGuVuRkM2hZKy3AdnyTv30rKlqgrDBePNMix5tkaIVBfx5MG9zBKknAo
pzRTEUY+PXusDUFaZ966BFjSKux3g0B3t4Nv0s0eyYVluhUJtvMO4YES6pZRyqdn
9GfbGzxmO7aVwxtDkmhyrcgc680Kn5+n3UkywwNnW/ywx+0ddZQsCPgUWhbbv5HL
lZNUdXz6HH/mkhUDYfz/uHo33KxxO8fzjiVQDUUlS0QaOT+zdQIDAQABo4IDaTCC
A2UwHQYDVR0OBBYEFIU90ls79VXXPXTqLMYkOilBfK+8MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC9lZDMx
M2NhNy04MWU3LTQyZTItYmYzOC1jOTZiYjgzOWVjZjQvMzVlNWY3ZGUtM2QwMy0z
N2YwLWI5MjctOWY4ZjYwYThlZTRiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvZWQzMTNjYTctODFlNy00MmUyLWJm
MzgtYzk2YmI4MzllY2Y0L2VkMzEzY2E3LTgxZTctNDJlMi1iZjM4LWM5NmJiODM5
ZWNmNC5jcmwwHwYDVR0jBBgwFoAUXZd2euVa2pUu/hSsnovu5Oj9kt8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC9lZDMxM2NhNy04MWU3LTQyZTItYmYzOC1jOTZi
YjgzOWVjZjQuY2VyMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCQ93wMAwD
BAND3fgDBABD3foDBABD3f4wVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgG
CCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9j
cHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAjiOeAjEdGaK9ivhIRkKsKwaFl3oH
co0E14ryLf7nO0tm/Na7tvrWqi+qU/PqdsLB/VUQLfPKpZguatYHlmwW8jpwdmd1
9AvvdWbyLqFC2gK8ol9rMdt8P6SfqsNqVQ/+r/mQCoO3uQ+IA7YyhhQnyVJO8JD2
kTB3K3uwN3gnyK1Hi06SByPn1l403v6VELhhO0R9GMuYCKz6o+0MKXBsaqk4ADpV
c8OVNjZldT1mzrgiG5q5BjVjhriruQYBuJPddELGGQUP+bgXRug5pvdOxRK4JDXN
VWMHPUBsxlGASiI9/vAJzZaoVk/Km3lrzAclw58csPxIquL3CZinGRvcSA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 11:03:45 2025 by rpki-client