Route Origin Authorization
$ rpki-client -vvf rpki.multacom.com/repo/MCOMCA/0/3230382e37302e37322e302f32312d3234203d3e203335393136.roa
File: 3230382e37302e37322e302f32312d3234203d3e203335393136.roa (raw, json)
Hash identifier: kaH7DLxdXRbYBd6Or107q8DiEOu1oRxrOipoKcTVA2I=
Subject key identifier: FB:94:D3:90:C6:6C:59:F5:DD:DD:1A:4A:44:AE:EB:50:07:24:F8:D9
Certificate issuer: /CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Certificate serial: 55D345BB420AEB648ECB32520ACD0871F8843F3A
Authority key identifier: DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject info access: rsync://rpki.multacom.com/repo/MCOMCA/0/3230382e37302e37322e302f32312d3234203d3e203335393136.roa
Signing time: Sun 30 Jul 2023 02:00:00 +0000
ROA not before: Sun 30 Jul 2023 01:55:00 +0000
ROA not after: Tue 30 Jul 2024 02:00:00 +0000
asID: 35916
IP address blocks: 208.70.72.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:d3:45:bb:42:0a:eb:64:8e:cb:32:52:0a:cd:08:71:f8:84:3f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Validity
Not Before: Jul 30 01:55:00 2023 GMT
Not After : Jul 30 02:00:00 2024 GMT
Subject: CN=3082010A02820101009CEE3B8F07C799B9806AE7F7F11B4F089C4B1431D9797C61995919799131D04E5555CDB94DAC7D43A0D911AA5828D78FAEC75DC238324A19578182999902D57D87579C0E4AD775B6C18E4C343FF993D5FA648E8A386042CDA0CF29FF6BEEAD18BFF534A5780D2AA92FA1CBBD3AABA604DCB0BD8EB6127966A307703D193A6F55807CFC51383C07869DCB7E134DB6F57B216647DE49E5FDDAEB2950177D200BCFD7426FF8BB5812EE67F99A2E2256C9634181506EB99360E284E6F999AC90E187EDCD94A9FA19C197BCF801E2F8FBC5B9F6C5821CA760ADDB7CA7994C3691A9E10E463A483CD458D68A1AF94374D9794DD9AB5F64BF2160C14F6B5D05225D6B2F0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ee:3b:8f:07:c7:99:b9:80:6a:e7:f7:f1:1b:
4f:08:9c:4b:14:31:d9:79:7c:61:99:59:19:79:91:
31:d0:4e:55:55:cd:b9:4d:ac:7d:43:a0:d9:11:aa:
58:28:d7:8f:ae:c7:5d:c2:38:32:4a:19:57:81:82:
99:99:02:d5:7d:87:57:9c:0e:4a:d7:75:b6:c1:8e:
4c:34:3f:f9:93:d5:fa:64:8e:8a:38:60:42:cd:a0:
cf:29:ff:6b:ee:ad:18:bf:f5:34:a5:78:0d:2a:a9:
2f:a1:cb:bd:3a:ab:a6:04:dc:b0:bd:8e:b6:12:79:
66:a3:07:70:3d:19:3a:6f:55:80:7c:fc:51:38:3c:
07:86:9d:cb:7e:13:4d:b6:f5:7b:21:66:47:de:49:
e5:fd:da:eb:29:50:17:7d:20:0b:cf:d7:42:6f:f8:
bb:58:12:ee:67:f9:9a:2e:22:56:c9:63:41:81:50:
6e:b9:93:60:e2:84:e6:f9:99:ac:90:e1:87:ed:cd:
94:a9:fa:19:c1:97:bc:f8:01:e2:f8:fb:c5:b9:f6:
c5:82:1c:a7:60:ad:db:7c:a7:99:4c:36:91:a9:e1:
0e:46:3a:48:3c:d4:58:d6:8a:1a:f9:43:74:d9:79:
4d:d9:ab:5f:64:bf:21:60:c1:4f:6b:5d:05:22:5d:
6b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:94:D3:90:C6:6C:59:F5:DD:DD:1A:4A:44:AE:EB:50:07:24:F8:D9
X509v3 Authority Key Identifier:
keyid:DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.multacom.com/repo/MCOMCA/0/DC62768830B1B1201716518D5E6A6525B023593A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.multacom.com/repo/MCOMCA/0/3230382e37302e37322e302f32312d3234203d3e203335393136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
208.70.72.0/21
Signature Algorithm: sha256WithRSAEncryption
89:c5:78:c0:e7:e2:99:9f:47:7f:2d:ff:2d:c6:a0:42:33:3a:
a7:ef:e1:ac:c7:6a:3b:b3:6b:5f:0f:eb:5a:fa:2b:12:37:61:
ec:16:c9:9b:60:6e:61:e2:e8:74:e0:04:84:0b:71:c1:8d:e7:
0b:5f:c6:d9:42:97:da:7c:62:14:2f:2c:fb:f8:2d:a5:cf:7a:
48:c7:49:00:53:f0:d7:99:fe:c2:89:e2:a5:95:9f:d8:25:f9:
22:03:6a:4b:61:48:12:12:02:98:90:ba:64:b7:84:05:d6:a9:
f4:63:fe:18:0c:00:73:80:b2:b7:d2:fc:56:df:46:7c:af:7e:
d4:bd:2e:1e:f2:73:68:02:20:c9:31:4f:ff:d5:f6:b0:b4:f3:
70:21:89:88:13:77:50:ef:7a:7d:69:ea:d0:c5:c4:75:bc:30:
8f:16:27:29:c4:57:46:2f:45:02:30:66:47:70:cd:71:6c:62:
a4:01:d1:98:ef:bb:f3:83:a1:b5:be:b9:36:4a:3d:2e:cd:5d:
f5:80:5b:55:15:84:87:d5:32:d1:3c:a5:11:fc:ce:0d:54:9a:
55:a1:49:31:a8:9d:3d:91:02:82:49:b1:59:57:b6:15:af:df:
34:96:97:27:1f:0f:83:c1:fe:5b:57:2c:b6:2a:39:a4:12:51:
fb:ff:b1:0f
-----BEGIN CERTIFICATE-----
MIIHZjCCBk6gAwIBAgIUVdNFu0IK62SOyzJSCs0IcfiEPzowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyODkwMTk0MDU5N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIx
ZjFmMjBhZGU2ODU2OGU1YjEwHhcNMjMwNzMwMDE1NTAwWhcNMjQwNzMwMDIwMDAw
WjCCAi0xggIpMIICJQYDVQQDE4ICHDMwODIwMTBBMDI4MjAxMDEwMDlDRUUzQjhG
MDdDNzk5Qjk4MDZBRTdGN0YxMUI0RjA4OUM0QjE0MzFEOTc5N0M2MTk5NTkxOTc5
OTEzMUQwNEU1NTU1Q0RCOTREQUM3RDQzQTBEOTExQUE1ODI4RDc4RkFFQzc1REMy
MzgzMjRBMTk1NzgxODI5OTk5MDJENTdEODc1NzlDMEU0QUQ3NzVCNkMxOEU0QzM0
M0ZGOTkzRDVGQTY0OEU4QTM4NjA0MkNEQTBDRjI5RkY2QkVFQUQxOEJGRjUzNEE1
NzgwRDJBQTkyRkExQ0JCRDNBQUJBNjA0RENCMEJEOEVCNjEyNzk2NkEzMDc3MDNE
MTkzQTZGNTU4MDdDRkM1MTM4M0MwNzg2OURDQjdFMTM0REI2RjU3QjIxNjY0N0RF
NDlFNUZEREFFQjI5NTAxNzdEMjAwQkNGRDc0MjZGRjhCQjU4MTJFRTY3Rjk5QTJF
MjI1NkM5NjM0MTgxNTA2RUI5OTM2MEUyODRFNkY5OTlBQzkwRTE4N0VEQ0Q5NEE5
RkExOUMxOTdCQ0Y4MDFFMkY4RkJDNUI5RjZDNTgyMUNBNzYwQUREQjdDQTc5OTRD
MzY5MUE5RTEwRTQ2M0E0ODNDRDQ1OEQ2OEExQUY5NDM3NEQ5Nzk0REQ5QUI1RjY0
QkYyMTYwQzE0RjZCNUQwNTIyNUQ2QjJGMDIwMzAxMDAwMTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAJzuO48Hx5m5gGrn9/EbTwicSxQx2Xl8YZlZGXmR
MdBOVVXNuU2sfUOg2RGqWCjXj67HXcI4MkoZV4GCmZkC1X2HV5wOStd1tsGOTDQ/
+ZPV+mSOijhgQs2gzyn/a+6tGL/1NKV4DSqpL6HLvTqrpgTcsL2OthJ5ZqMHcD0Z
Om9VgHz8UTg8B4ady34TTbb1eyFmR95J5f3a6ylQF30gC8/XQm/4u1gS7mf5mi4i
VsljQYFQbrmTYOKE5vmZrJDhh+3NlKn6GcGXvPgB4vj7xbn2xYIcp2Ct23ynmUw2
kanhDkY6SDzUWNaKGvlDdNl5TdmrX2S/IWDBT2tdBSJday8CAwEAAaOCAmowggJm
MB0GA1UdDgQWBBT7lNOQxmxZ9d3dGkpErutQByT42TAfBgNVHSMEGDAWgBTcYnaI
MLGxIBcWUY1eamUlsCNZOjAOBgNVHQ8BAf8EBAMCB4AwZQYDVR0fBF4wXDBaoFig
VoZUcnN5bmM6Ly9ycGtpLm11bHRhY29tLmNvbS9yZXBvL01DT01DQS8wL0RDNjI3
Njg4MzBCMUIxMjAxNzE2NTE4RDVFNkE2NTI1QjAyMzU5M0EuY3JsMIHzBggrBgEF
BQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQv
cmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMt
MjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlh
OC80ZGMwN2JhNi1kMzYwLTRjYTUtYTg2MC02MmU0ZTU0NzZmODQvODkwMTk0MDU5
N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIxZjFmMjBhZGU2ODU2OGU1YjEuY2VyMHwG
CCsGAQUFBwELBHAwbjBsBggrBgEFBQcwC4ZgcnN5bmM6Ly9ycGtpLm11bHRhY29t
LmNvbS9yZXBvL01DT01DQS8wLzMyMzAzODJlMzczMDJlMzczMjJlMzAyZjMyMzEy
ZDMyMzQyMDNkM2UyMDMzMzUzOTMxMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPQRkgwDQYJKoZIhvcN
AQELBQADggEBAInFeMDn4pmfR38t/y3GoEIzOqfv4azHajuza18P61r6KxI3YewW
yZtgbmHi6HTgBIQLccGN5wtfxtlCl9p8YhQvLPv4LaXPekjHSQBT8NeZ/sKJ4qWV
n9gl+SIDakthSBISApiQumS3hAXWqfRj/hgMAHOAsrfS/FbfRnyvftS9Lh7yc2gC
IMkxT//V9rC083AhiYgTd1Dven1p6tDFxHW8MI8WJynEV0YvRQIwZkdwzXFsYqQB
0Zjvu/ODobW+uTZKPS7NXfWAW1UVhIfVMtE8pRH8zg1UmlWhSTGonT2RAoJJsVlX
thWv3zSWlycfD4PB/ltXLLYqOaQSUfv/sQ8=
-----END CERTIFICATE-----
Generated at Wed Aug 9 22:59:11 2023 by rpki-client on console-ams.rpki-client.org