Route Origin Authorization
$ rpki-client -vvf rpki.multacom.com/repo/MCOMCA/0/34332e3232362e32342e302f32342d3234203d3e20333935363831.roa
File: 34332e3232362e32342e302f32342d3234203d3e20333935363831.roa (raw, json)
Hash identifier: 3Hfd7WDF02bmYwZo693VNAgsghp9N6id7NuV4WDJLOI=
Subject key identifier: 67:74:DF:7B:28:CA:03:A6:35:A8:16:45:71:EF:59:77:60:BE:63:0A
Certificate issuer: /CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Certificate serial: 6071C1D4BF4AB2EF971A831DD9BA3D090F0CECB3
Authority key identifier: DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject info access: rsync://rpki.multacom.com/repo/MCOMCA/0/34332e3232362e32342e302f32342d3234203d3e20333935363831.roa
Signing time: Wed 24 May 2023 20:00:01 +0000
ROA not before: Wed 24 May 2023 19:55:01 +0000
ROA not after: Fri 24 May 2024 20:00:01 +0000
asID: 395681
IP address blocks: 43.226.24.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:71:c1:d4:bf:4a:b2:ef:97:1a:83:1d:d9:ba:3d:09:0f:0c:ec:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Validity
Not Before: May 24 19:55:01 2023 GMT
Not After : May 24 20:00:01 2024 GMT
Subject: CN=3082010A0282010100BF3C35B9868E9A23C56CB08DFEC870C4F59E75551CBDC7A874EB72C67C142E779ACE12059F1DBDC97F5976357BC90F1C6CCB9CA97FD8354C71538279821F7326E02220CED6B26B2EE6CF65A42A14B9702982DDB7832419A60287E69DB01D18E48C955A296147802D9D2CF5DA325AA07D312FE52F3519DCE30D065A7F0928292C67EA35293CC40FCC7B53A5C7280F8DBBF04F881142BFED20D1F70D2B275B7F7169B15D108F4F5FD4EE19A5A2A2EF5B76D77D5BE0D1E24C153AD7790A6F59C505481A0F732B2108F171426FC52EB3D9649FE88A7ACFC412DB289A5CE247B62067A9C079761C4873E9FA7AD5CCEBF7726F80B44D732BFAE7BA17BEC2D022CCD3110203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3c:35:b9:86:8e:9a:23:c5:6c:b0:8d:fe:c8:
70:c4:f5:9e:75:55:1c:bd:c7:a8:74:eb:72:c6:7c:
14:2e:77:9a:ce:12:05:9f:1d:bd:c9:7f:59:76:35:
7b:c9:0f:1c:6c:cb:9c:a9:7f:d8:35:4c:71:53:82:
79:82:1f:73:26:e0:22:20:ce:d6:b2:6b:2e:e6:cf:
65:a4:2a:14:b9:70:29:82:dd:b7:83:24:19:a6:02:
87:e6:9d:b0:1d:18:e4:8c:95:5a:29:61:47:80:2d:
9d:2c:f5:da:32:5a:a0:7d:31:2f:e5:2f:35:19:dc:
e3:0d:06:5a:7f:09:28:29:2c:67:ea:35:29:3c:c4:
0f:cc:7b:53:a5:c7:28:0f:8d:bb:f0:4f:88:11:42:
bf:ed:20:d1:f7:0d:2b:27:5b:7f:71:69:b1:5d:10:
8f:4f:5f:d4:ee:19:a5:a2:a2:ef:5b:76:d7:7d:5b:
e0:d1:e2:4c:15:3a:d7:79:0a:6f:59:c5:05:48:1a:
0f:73:2b:21:08:f1:71:42:6f:c5:2e:b3:d9:64:9f:
e8:8a:7a:cf:c4:12:db:28:9a:5c:e2:47:b6:20:67:
a9:c0:79:76:1c:48:73:e9:fa:7a:d5:cc:eb:f7:72:
6f:80:b4:4d:73:2b:fa:e7:ba:17:be:c2:d0:22:cc:
d3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:74:DF:7B:28:CA:03:A6:35:A8:16:45:71:EF:59:77:60:BE:63:0A
X509v3 Authority Key Identifier:
keyid:DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.multacom.com/repo/MCOMCA/0/DC62768830B1B1201716518D5E6A6525B023593A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.multacom.com/repo/MCOMCA/0/34332e3232362e32342e302f32342d3234203d3e20333935363831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.226.24.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:98:3d:65:d3:1f:3b:ed:7f:cd:85:ad:76:5b:a3:da:f8:eb:
08:ee:d3:36:11:a3:b8:a4:83:87:dc:a7:7e:19:59:65:50:bc:
b4:df:17:50:40:80:08:79:3c:a9:f6:b3:8a:6a:c5:0f:39:90:
b7:70:38:c1:3c:a8:9e:b8:b3:5f:c7:84:02:1a:ac:19:e7:64:
ea:57:89:48:02:51:65:ed:22:48:d6:e5:30:be:86:c2:4c:12:
45:bc:44:29:24:df:38:f6:d2:26:d7:f7:05:e8:65:28:4f:29:
8d:1c:b8:71:4b:14:34:4d:47:52:cd:62:24:b6:bc:67:cf:ba:
bd:a9:b6:ff:ca:14:bc:68:40:ca:60:de:1a:d0:13:46:22:26:
bd:53:4b:b6:f8:60:46:ac:21:e9:e1:26:25:45:43:0c:9b:a8:
7a:75:1c:7d:36:59:26:58:06:99:45:5b:7f:47:34:cc:0d:c8:
42:c6:22:ab:45:46:f5:66:87:b2:a5:de:80:b6:22:a9:21:b6:
c8:7b:82:9b:5f:6d:30:b3:a4:75:95:25:f5:ec:64:55:c4:be:
a4:ac:63:da:18:11:7a:67:f6:6d:55:d8:5e:97:5b:fd:96:02:
5b:b7:b5:91:67:f9:51:15:68:83:59:3c:f1:26:e6:26:e7:8f:
70:9e:07:11
-----BEGIN CERTIFICATE-----
MIIHaDCCBlCgAwIBAgIUYHHB1L9Ksu+XGoMd2bo9CQ8M7LMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyODkwMTk0MDU5N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIx
ZjFmMjBhZGU2ODU2OGU1YjEwHhcNMjMwNTI0MTk1NTAxWhcNMjQwNTI0MjAwMDAx
WjCCAi0xggIpMIICJQYDVQQDE4ICHDMwODIwMTBBMDI4MjAxMDEwMEJGM0MzNUI5
ODY4RTlBMjNDNTZDQjA4REZFQzg3MEM0RjU5RTc1NTUxQ0JEQzdBODc0RUI3MkM2
N0MxNDJFNzc5QUNFMTIwNTlGMURCREM5N0Y1OTc2MzU3QkM5MEYxQzZDQ0I5Q0E5
N0ZEODM1NEM3MTUzODI3OTgyMUY3MzI2RTAyMjIwQ0VENkIyNkIyRUU2Q0Y2NUE0
MkExNEI5NzAyOTgyRERCNzgzMjQxOUE2MDI4N0U2OURCMDFEMThFNDhDOTU1QTI5
NjE0NzgwMkQ5RDJDRjVEQTMyNUFBMDdEMzEyRkU1MkYzNTE5RENFMzBEMDY1QTdG
MDkyODI5MkM2N0VBMzUyOTNDQzQwRkNDN0I1M0E1QzcyODBGOERCQkYwNEY4ODEx
NDJCRkVEMjBEMUY3MEQyQjI3NUI3RjcxNjlCMTVEMTA4RjRGNUZENEVFMTlBNUEy
QTJFRjVCNzZENzdENUJFMEQxRTI0QzE1M0FENzc5MEE2RjU5QzUwNTQ4MUEwRjcz
MkIyMTA4RjE3MTQyNkZDNTJFQjNEOTY0OUZFODhBN0FDRkM0MTJEQjI4OUE1Q0Uy
NDdCNjIwNjdBOUMwNzk3NjFDNDg3M0U5RkE3QUQ1Q0NFQkY3NzI2RjgwQjQ0RDcz
MkJGQUU3QkExN0JFQzJEMDIyQ0NEMzExMDIwMzAxMDAwMTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAL88NbmGjpojxWywjf7IcMT1nnVVHL3HqHTrcsZ8
FC53ms4SBZ8dvcl/WXY1e8kPHGzLnKl/2DVMcVOCeYIfcybgIiDO1rJrLubPZaQq
FLlwKYLdt4MkGaYCh+adsB0Y5IyVWilhR4AtnSz12jJaoH0xL+UvNRnc4w0GWn8J
KCksZ+o1KTzED8x7U6XHKA+Nu/BPiBFCv+0g0fcNKydbf3FpsV0Qj09f1O4ZpaKi
71t2131b4NHiTBU613kKb1nFBUgaD3MrIQjxcUJvxS6z2WSf6Ip6z8QS2yiaXOJH
tiBnqcB5dhxIc+n6etXM6/dyb4C0TXMr+ue6F77C0CLM0xECAwEAAaOCAmwwggJo
MB0GA1UdDgQWBBRndN97KMoDpjWoFkVx71l3YL5jCjAfBgNVHSMEGDAWgBTcYnaI
MLGxIBcWUY1eamUlsCNZOjAOBgNVHQ8BAf8EBAMCB4AwZQYDVR0fBF4wXDBaoFig
VoZUcnN5bmM6Ly9ycGtpLm11bHRhY29tLmNvbS9yZXBvL01DT01DQS8wL0RDNjI3
Njg4MzBCMUIxMjAxNzE2NTE4RDVFNkE2NTI1QjAyMzU5M0EuY3JsMIHzBggrBgEF
BQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQv
cmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMt
MjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlh
OC80ZGMwN2JhNi1kMzYwLTRjYTUtYTg2MC02MmU0ZTU0NzZmODQvODkwMTk0MDU5
N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIxZjFmMjBhZGU2ODU2OGU1YjEuY2VyMH4G
CCsGAQUFBwELBHIwcDBuBggrBgEFBQcwC4ZicnN5bmM6Ly9ycGtpLm11bHRhY29t
LmNvbS9yZXBvL01DT01DQS8wLzM0MzMyZTMyMzIzNjJlMzIzNDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMzMzkzNTM2MzgzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACviGDANBgkqhkiG
9w0BAQsFAAOCAQEAL5g9ZdMfO+1/zYWtdluj2vjrCO7TNhGjuKSDh9ynfhlZZVC8
tN8XUECACHk8qfazimrFDzmQt3A4wTyonrizX8eEAhqsGedk6leJSAJRZe0iSNbl
ML6GwkwSRbxEKSTfOPbSJtf3BehlKE8pjRy4cUsUNE1HUs1iJLa8Z8+6vam2/8oU
vGhAymDeGtATRiImvVNLtvhgRqwh6eEmJUVDDJuoenUcfTZZJlgGmUVbf0c0zA3I
QsYiq0VG9WaHsqXegLYiqSG2yHuCm19tMLOkdZUl9exkVcS+pKxj2hgRemf2bVXY
Xpdb/ZYCW7e1kWf5URVog1k88SbmJuePcJ4HEQ==
-----END CERTIFICATE-----
Generated at Wed Aug 9 22:59:11 2023 by rpki-client on console-ams.rpki-client.org