Route Origin Authorization
$ rpki-client -vvf rpki.multacom.com/repo/MCOMCA/0/3230382e36342e3232342e302f32312d3234203d3e203335393136.roa
File: 3230382e36342e3232342e302f32312d3234203d3e203335393136.roa (raw, json)
Hash identifier: R53IN7E/PWUx7mpEpND8MA+w8MP9btI8hyeSKWF82Sw=
Subject key identifier: EC:0D:C3:D6:6D:E6:EE:A7:69:60:27:65:60:1C:CC:E2:BB:69:0D:12
Certificate issuer: /CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Certificate serial: 498D04F5B39F3FC3AEB4C133E96192E97BCB12F5
Authority key identifier: DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject info access: rsync://rpki.multacom.com/repo/MCOMCA/0/3230382e36342e3232342e302f32312d3234203d3e203335393136.roa
Signing time: Sun 30 Jul 2023 02:00:01 +0000
ROA not before: Sun 30 Jul 2023 01:55:01 +0000
ROA not after: Tue 30 Jul 2024 02:00:01 +0000
asID: 35916
IP address blocks: 208.64.224.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:8d:04:f5:b3:9f:3f:c3:ae:b4:c1:33:e9:61:92:e9:7b:cb:12:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Validity
Not Before: Jul 30 01:55:01 2023 GMT
Not After : Jul 30 02:00:01 2024 GMT
Subject: CN=3082010A0282010100A500A76307269EECDC053D961987758DB90779F1820DC7E1A318B6633566CC889FACDEE916A9FA7A051CA82AFF9BA53C71D9BA26B0FBC4F04E726CB9EE2570DED65AD533AFD6EC68F0867A25981F1C7869B85A77366934897EF53E41806A9FC8F9921DF2C3DE4CF722846AAFE997DD0082A6BB1B5DB024E377A8E9B619A200E9C4EBC4016FD6564FC285B79A15E7192D9F89997E6F98A6E26EAEBED8CCC2593E24A8C8DBDB430C2656524EFA2484B6892777563DF78205488A5261771E18E3E7C896D0EC64C1DFEB73809DE99AC7E6A7CBA0215F79558D26E0FDCA8206BC0C045F6ED7B517250A1D6A19FFE57190B7AB340364BD9263EB3B3F4568F8BB688A2D0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:00:a7:63:07:26:9e:ec:dc:05:3d:96:19:87:
75:8d:b9:07:79:f1:82:0d:c7:e1:a3:18:b6:63:35:
66:cc:88:9f:ac:de:e9:16:a9:fa:7a:05:1c:a8:2a:
ff:9b:a5:3c:71:d9:ba:26:b0:fb:c4:f0:4e:72:6c:
b9:ee:25:70:de:d6:5a:d5:33:af:d6:ec:68:f0:86:
7a:25:98:1f:1c:78:69:b8:5a:77:36:69:34:89:7e:
f5:3e:41:80:6a:9f:c8:f9:92:1d:f2:c3:de:4c:f7:
22:84:6a:af:e9:97:dd:00:82:a6:bb:1b:5d:b0:24:
e3:77:a8:e9:b6:19:a2:00:e9:c4:eb:c4:01:6f:d6:
56:4f:c2:85:b7:9a:15:e7:19:2d:9f:89:99:7e:6f:
98:a6:e2:6e:ae:be:d8:cc:c2:59:3e:24:a8:c8:db:
db:43:0c:26:56:52:4e:fa:24:84:b6:89:27:77:56:
3d:f7:82:05:48:8a:52:61:77:1e:18:e3:e7:c8:96:
d0:ec:64:c1:df:eb:73:80:9d:e9:9a:c7:e6:a7:cb:
a0:21:5f:79:55:8d:26:e0:fd:ca:82:06:bc:0c:04:
5f:6e:d7:b5:17:25:0a:1d:6a:19:ff:e5:71:90:b7:
ab:34:03:64:bd:92:63:eb:3b:3f:45:68:f8:bb:68:
8a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:0D:C3:D6:6D:E6:EE:A7:69:60:27:65:60:1C:CC:E2:BB:69:0D:12
X509v3 Authority Key Identifier:
keyid:DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.multacom.com/repo/MCOMCA/0/DC62768830B1B1201716518D5E6A6525B023593A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.multacom.com/repo/MCOMCA/0/3230382e36342e3232342e302f32312d3234203d3e203335393136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
208.64.224.0/21
Signature Algorithm: sha256WithRSAEncryption
78:fb:e2:74:e1:20:7f:4e:4d:e0:d1:cc:f3:18:04:f7:d1:3f:
25:08:9c:f0:e8:1b:ef:16:f8:bd:19:c5:97:8b:d5:98:b7:d4:
ab:ce:b2:b7:d1:fa:4f:52:60:ca:55:41:74:8b:84:6a:3f:9f:
c4:cf:d3:a8:7f:50:1c:e5:52:00:19:e6:b1:98:d1:48:a9:ba:
c4:0e:1c:54:42:22:b5:82:49:a4:40:69:b8:a3:e0:60:ec:f6:
18:74:26:8f:98:b6:03:b9:e2:cc:bf:e2:7e:cb:ca:1c:6b:33:
b8:03:a5:c5:23:f5:6c:ed:90:ad:50:93:ae:65:ab:a3:97:40:
22:38:d3:f1:08:36:27:00:ae:cd:cd:2e:e4:fc:df:26:6d:68:
b6:48:71:8b:fe:2c:97:01:69:1f:6e:e4:18:cb:93:9b:f9:f0:
7d:7a:4b:b6:e5:a2:1f:7b:2f:4b:9e:35:0c:3d:39:74:ec:cb:
a5:bf:21:b2:21:84:c1:23:ca:e0:9a:b0:f3:4a:88:dc:a6:ab:
75:18:2e:ee:51:bd:ff:af:b5:85:99:98:14:80:47:d9:78:a6:
dc:6f:20:7b:45:49:41:5e:bf:e2:13:5b:c3:e5:ce:80:e7:38:
e5:16:29:67:06:0b:b5:41:3d:bc:36:b3:d7:ed:02:47:0b:24:
5f:25:ee:56
-----BEGIN CERTIFICATE-----
MIIHaDCCBlCgAwIBAgIUSY0E9bOfP8OutMEz6WGS6XvLEvUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyODkwMTk0MDU5N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIx
ZjFmMjBhZGU2ODU2OGU1YjEwHhcNMjMwNzMwMDE1NTAxWhcNMjQwNzMwMDIwMDAx
WjCCAi0xggIpMIICJQYDVQQDE4ICHDMwODIwMTBBMDI4MjAxMDEwMEE1MDBBNzYz
MDcyNjlFRUNEQzA1M0Q5NjE5ODc3NThEQjkwNzc5RjE4MjBEQzdFMUEzMThCNjYz
MzU2NkNDODg5RkFDREVFOTE2QTlGQTdBMDUxQ0E4MkFGRjlCQTUzQzcxRDlCQTI2
QjBGQkM0RjA0RTcyNkNCOUVFMjU3MERFRDY1QUQ1MzNBRkQ2RUM2OEYwODY3QTI1
OTgxRjFDNzg2OUI4NUE3NzM2NjkzNDg5N0VGNTNFNDE4MDZBOUZDOEY5OTIxREYy
QzNERTRDRjcyMjg0NkFBRkU5OTdERDAwODJBNkJCMUI1REIwMjRFMzc3QThFOUI2
MTlBMjAwRTlDNEVCQzQwMTZGRDY1NjRGQzI4NUI3OUExNUU3MTkyRDlGODk5OTdF
NkY5OEE2RTI2RUFFQkVEOENDQzI1OTNFMjRBOEM4REJEQjQzMEMyNjU2NTI0RUZB
MjQ4NEI2ODkyNzc3NTYzREY3ODIwNTQ4OEE1MjYxNzcxRTE4RTNFN0M4OTZEMEVD
NjRDMURGRUI3MzgwOURFOTlBQzdFNkE3Q0JBMDIxNUY3OTU1OEQyNkUwRkRDQTgy
MDZCQzBDMDQ1RjZFRDdCNTE3MjUwQTFENkExOUZGRTU3MTkwQjdBQjM0MDM2NEJE
OTI2M0VCM0IzRjQ1NjhGOEJCNjg4QTJEMDIwMzAxMDAwMTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAKUAp2MHJp7s3AU9lhmHdY25B3nxgg3H4aMYtmM1
ZsyIn6ze6Rap+noFHKgq/5ulPHHZuiaw+8TwTnJsue4lcN7WWtUzr9bsaPCGeiWY
Hxx4abhadzZpNIl+9T5BgGqfyPmSHfLD3kz3IoRqr+mX3QCCprsbXbAk43eo6bYZ
ogDpxOvEAW/WVk/ChbeaFecZLZ+JmX5vmKbibq6+2MzCWT4kqMjb20MMJlZSTvok
hLaJJ3dWPfeCBUiKUmF3Hhjj58iW0Oxkwd/rc4Cd6ZrH5qfLoCFfeVWNJuD9yoIG
vAwEX27XtRclCh1qGf/lcZC3qzQDZL2SY+s7P0Vo+Ltoii0CAwEAAaOCAmwwggJo
MB0GA1UdDgQWBBTsDcPWbebup2lgJ2VgHMziu2kNEjAfBgNVHSMEGDAWgBTcYnaI
MLGxIBcWUY1eamUlsCNZOjAOBgNVHQ8BAf8EBAMCB4AwZQYDVR0fBF4wXDBaoFig
VoZUcnN5bmM6Ly9ycGtpLm11bHRhY29tLmNvbS9yZXBvL01DT01DQS8wL0RDNjI3
Njg4MzBCMUIxMjAxNzE2NTE4RDVFNkE2NTI1QjAyMzU5M0EuY3JsMIHzBggrBgEF
BQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQv
cmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMt
MjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlh
OC80ZGMwN2JhNi1kMzYwLTRjYTUtYTg2MC02MmU0ZTU0NzZmODQvODkwMTk0MDU5
N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIxZjFmMjBhZGU2ODU2OGU1YjEuY2VyMH4G
CCsGAQUFBwELBHIwcDBuBggrBgEFBQcwC4ZicnN5bmM6Ly9ycGtpLm11bHRhY29t
LmNvbS9yZXBvL01DT01DQS8wLzMyMzAzODJlMzYzNDJlMzIzMjM0MmUzMDJmMzIz
MTJkMzIzNDIwM2QzZTIwMzMzNTM5MzEzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9BA4DANBgkqhkiG
9w0BAQsFAAOCAQEAePvidOEgf05N4NHM8xgE99E/JQic8Ogb7xb4vRnFl4vVmLfU
q86yt9H6T1JgylVBdIuEaj+fxM/TqH9QHOVSABnmsZjRSKm6xA4cVEIitYJJpEBp
uKPgYOz2GHQmj5i2A7nizL/ifsvKHGszuAOlxSP1bO2QrVCTrmWro5dAIjjT8Qg2
JwCuzc0u5PzfJm1otkhxi/4slwFpH27kGMuTm/nwfXpLtuWiH3svS541DD05dOzL
pb8hsiGEwSPK4Jqw80qI3KardRgu7lG9/6+1hZmYFIBH2Xim3G8ge0VJQV6/4hNb
w+XOgOc45RYpZwYLtUE9vDaz1+0CRwskXyXuVg==
-----END CERTIFICATE-----
Generated at Wed Aug 9 22:59:11 2023 by rpki-client on console-ams.rpki-client.org