Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192/931e4e2d-3bcc-3715-ab16-01a4485334ec.roa
File: 931e4e2d-3bcc-3715-ab16-01a4485334ec.roa (raw, json)
Hash identifier: eHeL9ZOSN1VgXxYYp8ljygI4CnxdgXmbdwdvXuekGSg=
Subject key identifier: 70:E3:72:BA:F3:F2:8D:05:C7:0B:AA:20:5A:FC:28:CC:37:7B:5F:90
Certificate issuer: /CN=8583e379-1578-4044-8426-ddcb4a4a8192
Certificate serial: 010D0C9F432858475BDB7E51A30B7E19339D1400
Authority key identifier: 89:C7:5F:3F:CE:A7:5D:0D:C3:10:F9:23:2C:65:92:27:0C:63:1D:62
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192/931e4e2d-3bcc-3715-ab16-01a4485334ec.roa
Signing time: Sat 28 Sep 2024 01:00:31 +0000
ROA not before: Sat 28 Sep 2024 01:00:31 +0000
ROA not after: Fri 27 Dec 2024 02:00:31 +0000
asID: 397373
IP address blocks: 67.21.32.0/24 maxlen: 24
67.21.33.0/24 maxlen: 24
192.154.201.0/24 maxlen: 24
192.154.203.0/24 maxlen: 24
192.154.206.0/24 maxlen: 24
192.154.207.0/24 maxlen: 24
192.154.241.0/24 maxlen: 24
192.154.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:47:5b:db:7e:51:a3:0b:7e:19:33:9d:14:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8583e379-1578-4044-8426-ddcb4a4a8192
Validity
Not Before: Sep 28 01:00:31 2024 GMT
Not After : Dec 27 02:00:31 2024 GMT
Subject: CN=63f88cd3-792f-428d-b5aa-5e76e2396420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c6:5b:1e:e5:4a:e9:01:6b:66:0b:d1:4b:e3:
e7:07:79:28:fa:e8:2d:a0:f4:48:54:5b:1b:fd:5c:
24:70:c3:55:3c:c8:e0:c4:69:df:09:f9:89:ad:d5:
38:f3:5f:3a:b8:c0:49:51:a0:85:07:0d:80:93:cc:
88:5a:57:93:46:34:8a:94:f6:45:b7:e0:47:01:fb:
d1:7a:02:a4:fc:fd:90:e5:42:0c:d9:69:81:b6:50:
c3:84:91:62:f7:04:7a:fb:21:65:69:1f:00:01:a5:
e5:af:8d:1f:9e:38:48:07:1c:8b:83:4d:7d:0a:c7:
69:e0:30:fb:81:11:03:64:31:94:23:3b:d6:d4:45:
89:22:c7:6a:f4:44:ed:33:3b:7a:34:e3:32:84:ae:
0c:d4:f4:a4:78:ba:31:fd:cd:22:84:19:83:04:66:
74:05:2b:60:80:cc:98:bd:d3:be:d5:e3:9d:23:a7:
3c:88:de:94:57:88:e8:e9:3d:78:e6:4f:1c:ba:2c:
ea:6d:65:7b:32:72:78:ed:84:05:e5:c3:20:d2:c4:
47:be:03:37:b2:9e:dd:73:e3:07:12:76:5d:1a:1f:
56:13:9e:c4:46:1c:ed:9e:12:43:80:64:b2:48:16:
0e:5d:03:b3:b7:2e:f5:45:95:1d:af:0f:06:4c:3b:
39:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E3:72:BA:F3:F2:8D:05:C7:0B:AA:20:5A:FC:28:CC:37:7B:5F:90
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192/931e4e2d-3bcc-3715-ab16-01a4485334ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192/8583e379-1578-4044-8426-ddcb4a4a8192.crl
X509v3 Authority Key Identifier:
keyid:89:C7:5F:3F:CE:A7:5D:0D:C3:10:F9:23:2C:65:92:27:0C:63:1D:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192.cer
sbgp-ipAddrBlock: critical
IPv4:
67.21.32.0/23
192.154.201.0/24
192.154.203.0/24
192.154.206.0/23
192.154.241.0/24
192.154.250.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
48:70:74:c9:16:ff:79:3a:d1:35:db:c9:dc:18:6a:69:a2:0a:
65:71:12:e0:6a:1c:18:b9:7a:d3:f7:ef:ce:86:f2:9d:5e:6d:
5b:7c:33:63:3a:3e:52:58:ae:91:88:2e:64:4e:da:b9:25:8c:
5f:03:3f:59:a6:e6:eb:20:2d:79:86:5e:9b:2c:a6:c5:87:ed:
7d:29:9f:17:0b:69:10:37:f0:cb:59:12:f7:d1:21:e3:d1:ea:
89:80:f4:ef:2c:81:d1:02:b9:fb:3f:5d:e3:7b:93:d5:09:24:
81:de:e2:40:18:ab:a6:2c:c3:f5:20:21:eb:cc:34:f0:a3:65:
4e:ab:d4:be:2f:48:77:7c:53:b5:c0:81:26:8a:a4:04:2e:b8:
5f:e7:fd:cf:bc:bd:3b:a0:43:31:c8:5c:0b:4f:19:8e:27:6c:
4f:00:1d:c8:46:69:f1:84:13:de:11:b3:a8:c4:6b:f0:09:da:
f7:e1:7e:72:99:e6:24:3a:f0:1f:7e:ef:e6:4c:19:c5:30:b0:
9e:06:b9:be:59:27:86:0a:82:b8:ba:f7:85:56:3a:0a:d3:fc:
61:a5:6d:69:60:eb:8e:3e:01:77:79:29:61:cc:9e:08:a7:ca:
55:cc:8a:e2:63:2b:c0:58:90:2a:55:73:bb:dc:33:ee:75:8c:
71:fe:d5:89
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgIUAQ0Mn0MoWEdb235Rowt+GTOdFAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkODU4M2UzNzktMTU3OC00MDQ0LTg0MjYtZGRjYjRhNGE4
MTkyMB4XDTI0MDkyODAxMDAzMVoXDTI0MTIyNzAyMDAzMVowLzEtMCsGA1UEAxMk
NjNmODhjZDMtNzkyZi00MjhkLWI1YWEtNWU3NmUyMzk2NDIwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsZbHuVK6QFrZgvRS+PnB3ko+ugtoPRIVFsb
/VwkcMNVPMjgxGnfCfmJrdU48186uMBJUaCFBw2Ak8yIWleTRjSKlPZFt+BHAfvR
egKk/P2Q5UIM2WmBtlDDhJFi9wR6+yFlaR8AAaXlr40fnjhIBxyLg019Csdp4DD7
gREDZDGUIzvW1EWJIsdq9ETtMzt6NOMyhK4M1PSkeLox/c0ihBmDBGZ0BStggMyY
vdO+1eOdI6c8iN6UV4jo6T145k8cuizqbWV7MnJ47YQF5cMg0sRHvgM3sp7dc+MH
EnZdGh9WE57ERhztnhJDgGSySBYOXQOzty71RZUdrw8GTDs5QQIDAQABo4IDczCC
A28wHQYDVR0OBBYEFHDjcrrz8o0FxwuqIFr8KMw3e1+QMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS84NTgz
ZTM3OS0xNTc4LTQwNDQtODQyNi1kZGNiNGE0YTgxOTIvOTMxZTRlMmQtM2JjYy0z
NzE1LWFiMTYtMDFhNDQ4NTMzNGVjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvODU4M2UzNzktMTU3OC00MDQ0LTg0
MjYtZGRjYjRhNGE4MTkyLzg1ODNlMzc5LTE1NzgtNDA0NC04NDI2LWRkY2I0YTRh
ODE5Mi5jcmwwHwYDVR0jBBgwFoAUicdfP86nXQ3DEPkjLGWSJwxjHWIwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS84NTgzZTM3OS0xNTc4LTQwNDQtODQyNi1kZGNi
NGE0YTgxOTIuY2VyMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBQxUgAwQA
wJrJAwQAwJrLAwQBwJrOAwQAwJrxAwQAwJr6MFQGA1UdIAEB/wRKMEgwRgYIKwYB
BQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3Vy
Y2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAEhwdMkW/3k60TXb
ydwYammiCmVxEuBqHBi5etP3786G8p1ebVt8M2M6PlJYrpGILmRO2rkljF8DP1mm
5usgLXmGXpsspsWH7X0pnxcLaRA38MtZEvfRIePR6omA9O8sgdECufs/XeN7k9UJ
JIHe4kAYq6Ysw/UgIevMNPCjZU6r1L4vSHd8U7XAgSaKpAQuuF/n/c+8vTugQzHI
XAtPGY4nbE8AHchGafGEE94Rs6jEa/AJ2vfhfnKZ5iQ68B9+7+ZMGcUwsJ4Gub5Z
J4YKgri694VWOgrT/GGlbWlg644+AXd5KWHMnginylXMiuJjK8BYkCpVc7vcM+51
jHH+1Yk=
-----END CERTIFICATE-----
Generated at Thu Nov 7 15:01:50 2024 by rpki-client on console-fra.rpki-client.org