Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/b980a020-518f-3ace-9491-81be40118ad1.roa
File: b980a020-518f-3ace-9491-81be40118ad1.roa (raw, json)
Hash identifier: Nk+5jbYw4XF9VpGZhOazxGdKXOFlVd98xV/xYQ2jXs8=
Subject key identifier: 49:AB:1A:FF:5F:17:3B:10:69:58:20:C3:03:F5:10:FC:F4:64:13:39
Certificate issuer: /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial: 010D0C9F43285848A4FF98BA1F568B955AB2ED20
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/b980a020-518f-3ace-9491-81be40118ad1.roa
Signing time: Thu 23 Jan 2025 22:34:27 +0000
ROA not before: Thu 23 Jan 2025 22:34:27 +0000
ROA not after: Wed 23 Apr 2025 21:34:27 +0000
asID: 36352
IP address blocks: 107.150.24.0/24 maxlen: 24
107.150.29.0/24 maxlen: 24
107.161.92.0/24 maxlen: 24
167.160.160.0/24 maxlen: 24
167.160.176.0/24 maxlen: 24
167.160.178.0/24 maxlen: 24
173.44.34.0/24 maxlen: 24
173.254.196.0/24 maxlen: 24
173.254.197.0/24 maxlen: 24
173.254.199.0/24 maxlen: 24
173.254.200.0/24 maxlen: 24
173.254.203.0/24 maxlen: 24
173.254.206.0/24 maxlen: 24
173.254.207.0/24 maxlen: 24
173.254.210.0/24 maxlen: 24
173.254.214.0/24 maxlen: 24
173.254.224.0/24 maxlen: 24
173.254.226.0/24 maxlen: 24
173.254.227.0/24 maxlen: 24
173.254.229.0/24 maxlen: 24
173.254.230.0/24 maxlen: 24
173.254.245.0/24 maxlen: 24
173.254.247.0/24 maxlen: 24
173.254.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:a4:ff:98:ba:1f:56:8b:95:5a:b2:ed:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Validity
Not Before: Jan 23 22:34:27 2025 GMT
Not After : Apr 23 21:34:27 2025 GMT
Subject: CN=8000ffce-2d08-41d9-82e3-54e805a4e0a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c9:70:68:b5:64:c0:dc:72:09:db:71:44:75:
da:83:3f:43:41:60:0c:ce:8b:7c:29:29:97:aa:d5:
5d:8d:e8:ef:6d:9e:e0:5f:bf:d8:90:18:01:a8:15:
89:c3:d1:9e:65:a4:cf:7d:db:17:30:ce:d4:4a:b7:
41:63:08:fd:4d:bf:5d:4d:cf:10:f5:33:01:79:a7:
41:f4:24:0a:54:96:64:48:ee:50:9c:cc:c4:70:5c:
a3:9f:aa:18:bb:67:81:24:8d:49:ae:c0:f8:20:72:
3d:dd:be:75:4c:c6:4a:36:a9:66:4a:d2:e3:bd:cf:
e9:4f:4d:2e:b8:2f:fc:9c:6e:96:55:41:15:fb:bd:
c3:a2:25:db:0b:ef:b3:12:e9:fa:28:d1:0b:b4:60:
af:89:f5:3e:d1:22:02:5d:83:cd:42:98:ea:3b:dc:
aa:41:e9:ef:e9:45:a7:00:e5:f2:ca:ce:f7:f1:75:
2f:00:c9:34:86:37:9c:a3:eb:78:0a:39:d5:79:7b:
ab:77:9d:83:20:32:59:6a:75:5f:fc:5c:14:c0:49:
e3:d3:be:bd:11:e7:23:b2:13:18:3b:93:cf:e9:aa:
b7:61:7a:e9:6e:be:4e:d4:0f:54:76:5c:bb:f1:9a:
47:e1:da:07:29:fe:4a:bb:bc:f9:5e:1b:9d:d1:9d:
b8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:AB:1A:FF:5F:17:3B:10:69:58:20:C3:03:F5:10:FC:F4:64:13:39
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/b980a020-518f-3ace-9491-81be40118ad1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl
X509v3 Authority Key Identifier:
keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
sbgp-ipAddrBlock: critical
IPv4:
107.150.24.0/24
107.150.29.0/24
107.161.92.0/24
167.160.160.0/24
167.160.176.0/24
167.160.178.0/24
173.44.34.0/24
173.254.196.0/23
173.254.199.0-173.254.200.255
173.254.203.0/24
173.254.206.0/23
173.254.210.0/24
173.254.214.0/24
173.254.224.0/24
173.254.226.0/23
173.254.229.0-173.254.230.255
173.254.245.0/24
173.254.247.0/24
173.254.249.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
6a:82:60:e1:99:a6:e3:e7:eb:3b:5b:42:76:59:67:07:eb:c3:
39:68:09:8f:ad:e2:ff:d8:4d:ff:e2:bd:ae:3a:88:68:8b:a3:
a8:2f:0c:e0:5c:b8:db:43:ac:d8:5f:5f:3e:4f:d0:4c:08:8e:
71:ff:75:31:65:92:00:32:66:da:22:4a:f6:a3:3a:bf:38:86:
05:d2:eb:ba:74:34:41:db:c8:83:5a:3c:2e:cb:22:c4:2d:1c:
89:fb:e3:ef:f2:cf:ad:ed:e4:0b:a0:70:ec:9a:50:93:c5:dd:
88:ed:14:d8:df:a2:bf:6f:c8:35:33:fc:92:95:33:91:13:44:
5a:92:bf:09:58:54:fc:5f:cb:58:cb:23:51:71:98:4d:dc:74:
dd:70:62:ed:c0:ec:10:12:21:a6:84:1a:dd:7f:8e:50:fe:3a:
fd:bb:af:87:94:cb:e2:21:e8:b0:31:c9:86:53:1c:69:1a:e5:
8a:5d:d0:33:be:ef:f6:2c:e0:26:26:65:4b:69:e5:8f:a9:31:
ec:40:f0:c1:d7:23:f3:bd:cd:8b:15:28:f4:c4:b8:e0:79:59:
78:83:b0:d5:bd:d3:45:17:87:a1:68:17:54:59:b9:41:86:fc:
20:be:d2:4b:5d:49:c7:ae:5a:99:9d:94:8a:5c:47:c3:70:b2:
3f:3b:a2:4d
-----BEGIN CERTIFICATE-----
MIIGxDCCBaygAwIBAgIUAQ0Mn0MoWEik/5i6H1aLlVqy7SAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI1MDEyMzIyMzQyN1oXDTI1MDQyMzIxMzQyN1owLzEtMCsGA1UEAxMk
ODAwMGZmY2UtMmQwOC00MWQ5LTgyZTMtNTRlODA1YTRlMGE2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuslwaLVkwNxyCdtxRHXagz9DQWAMzot8KSmX
qtVdjejvbZ7gX7/YkBgBqBWJw9GeZaTPfdsXMM7USrdBYwj9Tb9dTc8Q9TMBeadB
9CQKVJZkSO5QnMzEcFyjn6oYu2eBJI1JrsD4IHI93b51TMZKNqlmStLjvc/pT00u
uC/8nG6WVUEV+73DoiXbC++zEun6KNELtGCvifU+0SICXYPNQpjqO9yqQenv6UWn
AOXyys738XUvAMk0hjeco+t4CjnVeXurd52DIDJZanVf/FwUwEnj0769EecjshMY
O5PP6aq3YXrpbr5O1A9Udly78ZpH4doHKf5Ku7z5Xhud0Z249wIDAQABo4ID1jCC
A9IwHQYDVR0OBBYEFEmrGv9fFzsQaVggwwP1EPz0ZBM5MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvYjk4MGEwMjAtNTE4Zi0z
YWNlLTk0OTEtODFiZTQwMTE4YWQxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABr
lhgDBABrlh0DBABroVwDBACnoKADBACnoLADBACnoLIDBACtLCIDBAGt/sQwDAME
AK3+xwMEAK3+yAMEAK3+ywMEAa3+zgMEAK3+0gMEAK3+1gMEAK3+4AMEAa3+4jAM
AwQArf7lAwQArf7mAwQArf71AwQArf73AwQArf75MFQGA1UdIAEB/wRKMEgwRgYI
KwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVz
b3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAGqCYOGZpuPn
6ztbQnZZZwfrwzloCY+t4v/YTf/iva46iGiLo6gvDOBcuNtDrNhfXz5P0EwIjnH/
dTFlkgAyZtoiSvajOr84hgXS67p0NEHbyINaPC7LIsQtHIn74+/yz63t5AugcOya
UJPF3YjtFNjfor9vyDUz/JKVM5ETRFqSvwlYVPxfy1jLI1FxmE3cdN1wYu3A7BAS
IaaEGt1/jlD+Ov27r4eUy+Ih6LAxyYZTHGka5Ypd0DO+7/Ys4CYmZUtp5Y+pMexA
8MHXI/O9zYsVKPTEuOB5WXiDsNW900UXh6FoF1RZuUGG/CC+0ktdSceuWpmdlIpc
R8Nwsj87ok0=
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:45:54 2025 by rpki-client