Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/8a51dfd1-7ee3-4268-b22f-5f94c97d631b/06eabd72-0ccd-31a6-a7f2-88f82217c124.roa
File: 06eabd72-0ccd-31a6-a7f2-88f82217c124.roa (raw, json)
Hash identifier: wpsbYuHBv966inEha6jdwMAh/jvGiQ816IoeTMbT/ys=
Subject key identifier: 36:F0:A5:DB:D6:CD:2D:D8:28:EF:DB:1D:A5:01:BB:93:7F:68:7C:69
Certificate issuer: /CN=8a51dfd1-7ee3-4268-b22f-5f94c97d631b
Certificate serial: 010D0C9F4328584523DAF651AEB3CA35C1F8BD80
Authority key identifier: 1B:67:24:CF:BE:F2:80:32:84:08:FD:2A:D7:1B:E5:9B:BB:A4:4F:DA
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/8a51dfd1-7ee3-4268-b22f-5f94c97d631b.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/8a51dfd1-7ee3-4268-b22f-5f94c97d631b/06eabd72-0ccd-31a6-a7f2-88f82217c124.roa
Signing time: Fri 08 Mar 2024 14:00:30 +0000
ROA not before: Fri 08 Mar 2024 14:00:30 +0000
ROA not after: Thu 06 Jun 2024 13:00:30 +0000
asID: 33361
IP address blocks: 199.83.240.0/22 maxlen: 24
208.89.48.0/22 maxlen: 24
204.15.32.0/21 maxlen: 24
2605:b000::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:45:23:da:f6:51:ae:b3:ca:35:c1:f8:bd:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a51dfd1-7ee3-4268-b22f-5f94c97d631b
Validity
Not Before: Mar 8 14:00:30 2024 GMT
Not After : Jun 6 13:00:30 2024 GMT
Subject: CN=5f61b358-e2e3-4c8c-8a71-f7e323e26b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:82:42:ca:f8:dd:00:51:76:1a:25:1a:df:b8:
ec:77:36:4a:26:6d:19:de:70:78:ba:1f:b2:62:44:
26:28:ca:27:7a:8a:ed:2a:f7:b9:69:b8:c1:ae:ea:
57:9a:8c:27:27:28:57:b9:f8:60:fa:cd:ee:21:cf:
3d:76:6c:8c:bd:34:fd:2c:eb:a9:8a:09:c9:7d:b9:
d7:31:dc:61:ca:f6:bd:e7:5e:d6:bb:5a:33:6c:20:
b9:28:84:36:99:78:10:18:44:16:a2:7e:1d:f0:d5:
d6:96:5b:1b:0b:e6:15:cc:44:dd:e3:87:52:27:75:
a5:15:bd:fc:e0:29:eb:98:b3:6a:cd:89:63:ad:9f:
64:c5:55:89:9f:b2:5c:92:14:b6:b3:0d:57:69:ce:
e8:dd:a6:f3:91:28:fa:1c:6c:b7:66:7e:20:b1:a2:
f6:af:82:18:50:70:4c:93:24:7d:38:bd:00:bd:79:
2a:80:e4:9a:16:b4:b8:b5:7c:3a:a7:16:9a:52:b5:
c5:76:60:82:4f:4b:08:76:9f:ac:d5:45:1f:56:40:
76:e5:2e:28:c0:96:7e:c9:8d:52:41:98:4a:59:20:
76:48:ca:cc:d0:eb:b9:76:28:db:dd:5e:04:9f:18:
ce:fa:cc:1c:4b:2d:3e:87:68:32:35:3a:bd:24:51:
b6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F0:A5:DB:D6:CD:2D:D8:28:EF:DB:1D:A5:01:BB:93:7F:68:7C:69
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/8a51dfd1-7ee3-4268-b22f-5f94c97d631b/06eabd72-0ccd-31a6-a7f2-88f82217c124.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/8a51dfd1-7ee3-4268-b22f-5f94c97d631b/8a51dfd1-7ee3-4268-b22f-5f94c97d631b.crl
X509v3 Authority Key Identifier:
keyid:1B:67:24:CF:BE:F2:80:32:84:08:FD:2A:D7:1B:E5:9B:BB:A4:4F:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/8a51dfd1-7ee3-4268-b22f-5f94c97d631b.cer
sbgp-ipAddrBlock: critical
IPv4:
199.83.240.0/22
204.15.32.0/21
208.89.48.0/22
IPv6:
2605:b000::/32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
2f:14:10:b3:bd:ec:f4:cb:ca:9c:e6:0d:47:2d:7c:18:81:82:
70:ac:f8:b9:d9:9f:a6:bc:70:61:e7:0f:7a:40:8a:eb:6d:68:
19:c4:7f:6b:03:64:ca:96:25:d7:5d:a8:08:db:b9:6c:8c:e8:
11:7a:3b:f1:21:3a:37:bc:16:65:16:bc:cd:60:ba:5b:95:a3:
31:e5:de:84:c9:d0:dc:da:f7:21:7b:86:25:0b:a8:95:9f:28:
53:8a:0e:83:31:1a:89:23:d6:88:a4:09:f3:f1:bc:4a:40:f9:
b4:0c:59:28:a9:66:8f:f2:7a:7a:83:6f:d3:37:3b:4e:94:99:
ea:62:c9:bd:6c:fd:ac:d0:5a:c1:73:14:82:ff:3a:a3:49:70:
11:8f:3a:28:c4:2a:9e:f1:ea:86:3d:65:39:f3:04:de:b3:fd:
b2:e5:7f:ad:69:ab:88:29:2b:45:16:67:10:36:30:7f:c5:18:
80:47:1f:cd:83:8e:50:41:25:22:e4:a9:02:62:5d:60:f9:47:
61:e5:f1:ad:21:13:76:d3:e8:31:63:71:d6:18:1e:78:fa:37:
33:73:df:70:66:57:5c:41:4c:04:4e:bd:23:97:da:06:03:b6:
3f:35:8b:fc:79:58:09:77:39:23:17:dc:de:70:25:61:f4:02:
fa:db:9a:df
-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgIUAQ0Mn0MoWEUj2vZRrrPKNcH4vYAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOGE1MWRmZDEtN2VlMy00MjY4LWIyMmYtNWY5NGM5N2Q2
MzFiMB4XDTI0MDMwODE0MDAzMFoXDTI0MDYwNjEzMDAzMFowLzEtMCsGA1UEAxMk
NWY2MWIzNTgtZTJlMy00YzhjLThhNzEtZjdlMzIzZTI2YjU4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYJCyvjdAFF2GiUa37jsdzZKJm0Z3nB4uh+y
YkQmKMoneortKve5abjBrupXmownJyhXufhg+s3uIc89dmyMvTT9LOupignJfbnX
Mdxhyva9517Wu1ozbCC5KIQ2mXgQGEQWon4d8NXWllsbC+YVzETd44dSJ3WlFb38
4CnrmLNqzYljrZ9kxVWJn7JckhS2sw1Xac7o3abzkSj6HGy3Zn4gsaL2r4IYUHBM
kyR9OL0AvXkqgOSaFrS4tXw6pxaaUrXFdmCCT0sIdp+s1UUfVkB25S4owJZ+yY1S
QZhKWSB2SMrM0Ou5dijb3V4EnxjO+swcSy0+h2gyNTq9JFG2gwIDAQABo4IDcDCC
A2wwHQYDVR0OBBYEFDbwpdvWzS3YKO/bHaUBu5N/aHxpMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS84YTUx
ZGZkMS03ZWUzLTQyNjgtYjIyZi01Zjk0Yzk3ZDYzMWIvMDZlYWJkNzItMGNjZC0z
MWE2LWE3ZjItODhmODIyMTdjMTI0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvOGE1MWRmZDEtN2VlMy00MjY4LWIy
MmYtNWY5NGM5N2Q2MzFiLzhhNTFkZmQxLTdlZTMtNDI2OC1iMjJmLTVmOTRjOTdk
NjMxYi5jcmwwHwYDVR0jBBgwFoAUG2ckz77ygDKECP0q1xvlm7ukT9owDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS84YTUxZGZkMS03ZWUzLTQyNjgtYjIyZi01Zjk0
Yzk3ZDYzMWIuY2VyMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCx1PwAwQD
zA8gAwQC0FkwMA0EAgACMAcDBQAmBbAAMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUH
DgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2Vz
L3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAC8UELO97PTLypzmDUct
fBiBgnCs+LnZn6a8cGHnD3pAiuttaBnEf2sDZMqWJdddqAjbuWyM6BF6O/EhOje8
FmUWvM1guluVozHl3oTJ0Nza9yF7hiULqJWfKFOKDoMxGokj1oikCfPxvEpA+bQM
WSipZo/yenqDb9M3O06Umepiyb1s/azQWsFzFIL/OqNJcBGPOijEKp7x6oY9ZTnz
BN6z/bLlf61pq4gpK0UWZxA2MH/FGIBHH82DjlBBJSLkqQJiXWD5R2Hl8a0hE3bT
6DFjcdYYHnj6NzNz33BmV1xBTAROvSOX2gYDtj81i/x5WAl3OSMX3N5wJWH0Avrb
mt8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:47:40 2024 by rpki-client on console-ams.rpki-client.org