Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/bc831f6b-71a6-46bb-9f64-2da80ccc244c/77638a94-9bac-3aef-908d-34f195e7a1d5.roa
File: 77638a94-9bac-3aef-908d-34f195e7a1d5.roa (raw, json)
Hash identifier: yCacLTk1teV3DdZsusf/0wVENaj7FU4u1TRScLODlI4=
Subject key identifier: 9E:94:C4:E8:55:B7:BF:10:1C:BC:75:FE:B6:4A:7A:73:ED:9C:69:0E
Certificate issuer: /CN=bc831f6b-71a6-46bb-9f64-2da80ccc244c
Certificate serial: 010D0C9F43285842AB69236B61545BBB3B10D800
Authority key identifier: A9:50:46:A5:5A:7E:BB:0F:CE:06:22:BA:A4:AF:11:59:F2:3E:CD:24
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/bc831f6b-71a6-46bb-9f64-2da80ccc244c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/bc831f6b-71a6-46bb-9f64-2da80ccc244c/77638a94-9bac-3aef-908d-34f195e7a1d5.roa
Signing time: Wed 26 Jul 2023 01:00:16 +0000
ROA not before: Wed 26 Jul 2023 01:00:16 +0000
ROA not after: Tue 24 Oct 2023 01:00:16 +0000
asID: 21859
IP address blocks: 23.249.28.0/24 maxlen: 24
23.249.24.0/24 maxlen: 24
104.143.42.0/24 maxlen: 24
104.143.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:42:ab:69:23:6b:61:54:5b:bb:3b:10:d8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc831f6b-71a6-46bb-9f64-2da80ccc244c
Validity
Not Before: Jul 26 01:00:16 2023 GMT
Not After : Oct 24 01:00:16 2023 GMT
Subject: CN=df9cd7a4-0cd0-493f-9eb4-e3787bb74bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f6:3c:51:8e:db:3f:8c:35:61:14:11:44:18:
71:72:5d:a8:35:13:04:ae:17:3a:f4:00:bb:3a:81:
fc:f9:fd:00:3e:c8:59:04:a6:6e:01:a0:dd:b6:11:
94:5e:cb:7d:44:b0:18:ab:30:44:7a:8c:20:3a:7d:
e0:05:96:f8:e1:e9:71:8a:00:81:c0:93:20:a3:0d:
7c:bc:8c:43:9b:62:26:c1:5d:8a:87:9e:b3:7d:98:
f0:9c:54:26:20:63:63:97:ff:d2:0f:b1:da:36:4e:
a8:77:e9:06:f2:9e:14:74:8b:5c:54:01:4a:9e:85:
2f:c5:b6:66:28:e3:20:ef:40:82:90:4d:8a:7f:4c:
bd:15:c7:4b:f1:3a:f4:d2:d4:c9:ab:25:e2:99:21:
26:3f:b4:86:e2:8d:ff:05:15:15:c5:d4:b8:04:2c:
d0:6c:b0:0a:2e:13:53:d1:c5:ed:4b:01:90:6f:8a:
66:23:63:26:32:8a:f0:f6:ab:84:25:4f:2b:a8:43:
75:15:b1:d5:72:fa:72:97:e4:00:e1:66:62:73:cd:
c1:8a:62:c8:8f:68:21:f8:10:03:4b:b9:cd:70:31:
1b:41:bc:0e:97:87:5d:e0:fb:05:0e:f8:0b:68:48:
f9:83:28:4b:49:4e:1d:45:f8:4a:9b:dc:3f:17:f2:
9c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:94:C4:E8:55:B7:BF:10:1C:BC:75:FE:B6:4A:7A:73:ED:9C:69:0E
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/bc831f6b-71a6-46bb-9f64-2da80ccc244c/77638a94-9bac-3aef-908d-34f195e7a1d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/bc831f6b-71a6-46bb-9f64-2da80ccc244c/bc831f6b-71a6-46bb-9f64-2da80ccc244c.crl
X509v3 Authority Key Identifier:
keyid:A9:50:46:A5:5A:7E:BB:0F:CE:06:22:BA:A4:AF:11:59:F2:3E:CD:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/bc831f6b-71a6-46bb-9f64-2da80ccc244c.cer
sbgp-ipAddrBlock: critical
IPv4:
23.249.24.0/24
23.249.28.0/24
104.143.35.0/24
104.143.42.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
34:14:67:8c:2f:4a:2c:8c:ef:37:2f:c5:dd:9e:f6:5d:2e:2f:
35:b9:23:40:86:8a:03:06:4f:e8:db:a9:04:26:5e:a4:4b:a1:
8c:7c:e7:d2:d2:85:b8:65:da:4f:ae:ca:7c:b4:a1:ce:dd:ab:
96:06:85:4e:8f:f5:50:d1:37:04:06:76:f7:e8:c8:49:4b:84:
59:a8:6e:05:5c:fd:c5:7b:64:cf:58:70:48:6e:96:a0:9a:e9:
ec:e6:c9:87:36:a4:80:f2:ac:73:fa:25:3a:9b:3d:0f:17:02:
9f:51:bd:6c:5e:de:11:5c:64:3f:d7:1b:17:04:2c:4c:2b:fa:
93:b4:16:ec:1a:17:d3:c7:c0:da:32:2c:89:12:3a:6d:0e:16:
25:97:22:c0:0f:5e:bd:2e:30:e2:69:6a:47:27:36:da:dc:a4:
32:3f:d3:ce:07:7a:9a:64:fa:08:fe:47:06:84:a4:a8:d9:d1:
48:6d:8b:47:38:b6:16:a0:71:f0:72:08:b2:8a:fb:cb:00:d4:
4a:d8:88:14:8e:0f:1e:47:ff:f7:22:9f:55:60:cf:8b:dd:3b:
60:c0:32:91:7f:66:75:13:8b:c3:47:b4:23:70:2a:d1:89:d3:
4f:92:de:e5:37:e5:5c:94:df:8f:a5:9b:31:ce:f7:26:68:8d:
01:79:c3:bd
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgIUAQ0Mn0MoWEKraSNrYVRbuzsQ2AAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYmM4MzFmNmItNzFhNi00NmJiLTlmNjQtMmRhODBjY2My
NDRjMB4XDTIzMDcyNjAxMDAxNloXDTIzMTAyNDAxMDAxNlowLzEtMCsGA1UEAxMk
ZGY5Y2Q3YTQtMGNkMC00OTNmLTllYjQtZTM3ODdiYjc0YmQzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/Y8UY7bP4w1YRQRRBhxcl2oNRMErhc69AC7
OoH8+f0APshZBKZuAaDdthGUXst9RLAYqzBEeowgOn3gBZb44elxigCBwJMgow18
vIxDm2ImwV2Kh56zfZjwnFQmIGNjl//SD7HaNk6od+kG8p4UdItcVAFKnoUvxbZm
KOMg70CCkE2Kf0y9FcdL8Tr00tTJqyXimSEmP7SG4o3/BRUVxdS4BCzQbLAKLhNT
0cXtSwGQb4pmI2MmMorw9quEJU8rqEN1FbHVcvpyl+QA4WZic83BimLIj2gh+BAD
S7nNcDEbQbwOl4dd4PsFDvgLaEj5gyhLSU4dRfhKm9w/F/KcEQIDAQABo4IDZzCC
A2MwHQYDVR0OBBYEFJ6UxOhVt78QHLx1/rZKenPtnGkOMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iYzgz
MWY2Yi03MWE2LTQ2YmItOWY2NC0yZGE4MGNjYzI0NGMvNzc2MzhhOTQtOWJhYy0z
YWVmLTkwOGQtMzRmMTk1ZTdhMWQ1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvYmM4MzFmNmItNzFhNi00NmJiLTlm
NjQtMmRhODBjY2MyNDRjL2JjODMxZjZiLTcxYTYtNDZiYi05ZjY0LTJkYTgwY2Nj
MjQ0Yy5jcmwwHwYDVR0jBBgwFoAUqVBGpVp+uw/OBiK6pK8RWfI+zSQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9iYzgzMWY2Yi03MWE2LTQ2YmItOWY2NC0yZGE4
MGNjYzI0NGMuY2VyMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAF/kYAwQA
F/kcAwQAaI8jAwQAaI8qMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4Bggr
BgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3Bz
Lmh0bWwwDQYJKoZIhvcNAQELBQADggEBADQUZ4wvSiyM7zcvxd2e9l0uLzW5I0CG
igMGT+jbqQQmXqRLoYx859LShbhl2k+uyny0oc7dq5YGhU6P9VDRNwQGdvfoyElL
hFmobgVc/cV7ZM9YcEhulqCa6ezmyYc2pIDyrHP6JTqbPQ8XAp9RvWxe3hFcZD/X
GxcELEwr+pO0FuwaF9PHwNoyLIkSOm0OFiWXIsAPXr0uMOJpakcnNtrcpDI/084H
eppk+gj+RwaEpKjZ0Uhti0c4thagcfByCLKK+8sA1ErYiBSODx5H//cin1Vgz4vd
O2DAMpF/ZnUTi8NHtCNwKtGJ00+S3uU35VyU34+lmzHO9yZojQF5w70=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:47:55 2024 by rpki-client on console-ams.rpki-client.org