Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/5fb4e21a-53ad-3754-aa91-451ed1cb4aa6.roa
File: 5fb4e21a-53ad-3754-aa91-451ed1cb4aa6.roa (raw, json)
Hash identifier: XCOl/2WQ6t3WXbaTRfP88rthTo2ISf0jnMsFMuxieKs=
Subject key identifier: 4A:70:62:A8:68:7E:40:59:95:2F:86:82:CF:49:19:48:DD:B9:5F:62
Certificate issuer: /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial: 010D0C9F43285848A501D85EE57995C973928440
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/5fb4e21a-53ad-3754-aa91-451ed1cb4aa6.roa
Signing time: Thu 23 Jan 2025 22:38:59 +0000
ROA not before: Thu 23 Jan 2025 22:38:59 +0000
ROA not after: Wed 23 Apr 2025 21:38:59 +0000
asID: 36352
IP address blocks: 64.188.16.0/24 maxlen: 24
64.188.30.0/24 maxlen: 24
66.63.172.0/24 maxlen: 24
66.63.173.0/24 maxlen: 24
66.63.177.0/24 maxlen: 24
66.63.184.0/24 maxlen: 24
66.63.190.0/24 maxlen: 24
66.212.16.0/24 maxlen: 24
66.212.17.0/24 maxlen: 24
66.212.29.0/24 maxlen: 24
66.212.30.0/24 maxlen: 24
66.212.31.0/24 maxlen: 24
67.215.224.0/24 maxlen: 24
67.215.229.0/24 maxlen: 24
67.215.232.0/24 maxlen: 24
67.215.241.0/24 maxlen: 24
67.215.243.0/24 maxlen: 24
67.215.245.0/24 maxlen: 24
67.215.246.0/24 maxlen: 24
67.215.247.0/24 maxlen: 24
216.45.48.0/24 maxlen: 24
216.45.54.0/24 maxlen: 24
216.45.58.0/24 maxlen: 24
216.45.59.0/24 maxlen: 24
216.144.224.0/24 maxlen: 24
216.144.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:a5:01:d8:5e:e5:79:95:c9:73:92:84:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Validity
Not Before: Jan 23 22:38:59 2025 GMT
Not After : Apr 23 21:38:59 2025 GMT
Subject: CN=c9712b61-2348-48c8-b36d-726ef3bdbcaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:74:d7:6e:11:ba:ba:0c:b5:b3:2f:ca:44:80:
25:78:9d:86:f5:cc:a8:d7:cd:eb:92:f1:d2:fa:cc:
0e:96:44:68:e0:9e:59:e1:80:0a:43:29:cf:c3:aa:
62:64:6e:bb:16:9b:fb:4b:4f:63:33:52:a5:04:0b:
1e:f6:09:70:43:51:b0:fc:3c:26:02:67:44:0c:3b:
53:08:fc:6d:c3:c9:a1:ab:47:bd:73:da:76:1d:a5:
73:f8:13:05:41:78:5e:ee:a5:f8:2d:ae:41:1f:17:
de:ef:db:76:8e:a0:fb:90:fc:be:8f:a5:18:2e:c3:
d1:68:8a:23:5a:93:ed:8e:ab:88:77:ba:f8:f6:ff:
22:90:be:c4:6d:62:40:19:63:8f:9a:8c:90:01:a0:
fb:d3:52:26:3b:c5:f5:a4:7e:65:e7:f4:6f:64:47:
b5:a0:d0:cb:39:f1:b4:f7:b6:cb:54:f1:44:2e:35:
6e:c3:df:7b:e1:13:21:e8:b4:ad:ef:b8:c9:18:87:
af:a8:42:ba:00:52:14:23:54:a7:6e:79:6d:e5:ab:
94:ce:62:2a:39:80:a3:75:8e:81:2e:19:f9:5c:33:
56:42:ef:86:5b:fb:cd:bb:c4:df:08:a6:b8:30:19:
af:d9:04:8d:a4:0d:bc:d5:c1:3f:f3:fd:b8:68:79:
b8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:70:62:A8:68:7E:40:59:95:2F:86:82:CF:49:19:48:DD:B9:5F:62
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/5fb4e21a-53ad-3754-aa91-451ed1cb4aa6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl
X509v3 Authority Key Identifier:
keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
sbgp-ipAddrBlock: critical
IPv4:
64.188.16.0/24
64.188.30.0/24
66.63.172.0/23
66.63.177.0/24
66.63.184.0/24
66.63.190.0/24
66.212.16.0/23
66.212.29.0-66.212.31.255
67.215.224.0/24
67.215.229.0/24
67.215.232.0/24
67.215.241.0/24
67.215.243.0/24
67.215.245.0-67.215.247.255
216.45.48.0/24
216.45.54.0/24
216.45.58.0/23
216.144.224.0/24
216.144.239.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
06:55:d8:6b:96:4a:d7:e4:5a:8d:a0:8f:dd:5f:57:3f:f8:30:
d8:cb:7a:93:ca:9d:cb:bd:50:99:ae:df:23:2e:38:e7:33:7a:
a3:c5:54:b6:01:0f:d4:92:d9:2f:64:6f:9e:f8:42:90:4a:c8:
2a:19:b7:e4:52:03:83:d6:2b:35:37:be:b2:fa:d7:af:88:51:
6e:b4:fa:8d:db:f6:6f:2e:5a:ae:8a:0e:4e:58:4c:37:82:43:
00:ac:01:dd:50:73:5a:bb:14:df:3d:61:41:44:26:f2:34:3c:
e1:99:9b:4c:05:ab:99:a7:25:44:cb:5a:10:70:1d:ba:17:37:
79:93:4d:50:26:f6:44:71:7f:90:3c:af:8a:2f:19:40:c8:63:
ad:da:9d:76:14:3b:b2:0f:ea:cd:d7:f7:7f:a1:f5:3c:2e:59:
1b:d4:cc:3f:59:e0:3a:48:eb:80:c2:a6:00:f2:f1:69:2d:81:
0f:8a:58:50:bc:46:d9:fc:1f:d1:0c:43:ff:e0:31:62:77:ef:
3c:21:b5:84:77:21:5f:d0:b0:a8:69:29:c3:72:ad:b8:1b:43:
1f:f0:ad:90:e8:28:99:37:52:56:8b:f8:43:fd:7d:c5:9f:5e:
a1:9e:65:23:1c:40:1d:2a:47:76:d1:ce:3f:21:8f:be:b2:45:
f9:b8:99:13
-----BEGIN CERTIFICATE-----
MIIGxDCCBaygAwIBAgIUAQ0Mn0MoWEilAdhe5XmVyXOShEAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI1MDEyMzIyMzg1OVoXDTI1MDQyMzIxMzg1OVowLzEtMCsGA1UEAxMk
Yzk3MTJiNjEtMjM0OC00OGM4LWIzNmQtNzI2ZWYzYmRiY2FmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonTXbhG6ugy1sy/KRIAleJ2G9cyo183rkvHS
+swOlkRo4J5Z4YAKQynPw6piZG67Fpv7S09jM1KlBAse9glwQ1Gw/DwmAmdEDDtT
CPxtw8mhq0e9c9p2HaVz+BMFQXhe7qX4La5BHxfe79t2jqD7kPy+j6UYLsPRaIoj
WpPtjquId7r49v8ikL7EbWJAGWOPmoyQAaD701ImO8X1pH5l5/RvZEe1oNDLOfG0
97bLVPFELjVuw9974RMh6LSt77jJGIevqEK6AFIUI1Snbnlt5auUzmIqOYCjdY6B
Lhn5XDNWQu+GW/vNu8TfCKa4MBmv2QSNpA281cE/8/24aHm4QQIDAQABo4ID1jCC
A9IwHQYDVR0OBBYEFEpwYqhofkBZlS+Ggs9JGUjduV9iMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvNWZiNGUyMWEtNTNhZC0z
NzU0LWFhOTEtNDUxZWQxY2I0YWE2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABA
vBADBABAvB4DBAFCP6wDBABCP7EDBABCP7gDBABCP74DBAFC1BAwDAMEAELUHQME
BULUAAMEAEPX4AMEAEPX5QMEAEPX6AMEAEPX8QMEAEPX8zAMAwQAQ9f1AwQDQ9fw
AwQA2C0wAwQA2C02AwQB2C06AwQA2JDgAwQA2JDvMFQGA1UdIAEB/wRKMEgwRgYI
KwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVz
b3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAAZV2GuWStfk
Wo2gj91fVz/4MNjLepPKncu9UJmu3yMuOOczeqPFVLYBD9SS2S9kb574QpBKyCoZ
t+RSA4PWKzU3vrL616+IUW60+o3b9m8uWq6KDk5YTDeCQwCsAd1Qc1q7FN89YUFE
JvI0POGZm0wFq5mnJUTLWhBwHboXN3mTTVAm9kRxf5A8r4ovGUDIY63anXYUO7IP
6s3X93+h9TwuWRvUzD9Z4DpI64DCpgDy8WktgQ+KWFC8Rtn8H9EMQ//gMWJ37zwh
tYR3IV/QsKhpKcNyrbgbQx/wrZDoKJk3UlaL+EP9fcWfXqGeZSMcQB0qR3bRzj8h
j76yRfm4mRM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:39:29 2025 by rpki-client