Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/816df2da-1c2e-3cc5-bfe6-13844550fecd.roa
File: 816df2da-1c2e-3cc5-bfe6-13844550fecd.roa (raw, json)
Hash identifier: 7fMX9b2d4MEx+b1rDwmoqWFbUMHAMjiNNP63AYR7O4s=
Subject key identifier: E5:D5:DB:54:1C:A0:EF:E2:08:C4:42:C2:4D:B5:65:09:59:A2:6F:77
Certificate issuer: /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial: 010D0C9F432858486EF5BE16E524521C0DF0F600
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/816df2da-1c2e-3cc5-bfe6-13844550fecd.roa
Signing time: Sat 04 Jan 2025 14:00:51 +0000
ROA not before: Sat 04 Jan 2025 14:00:51 +0000
ROA not after: Fri 04 Apr 2025 13:00:51 +0000
asID: 23470
IP address blocks: 204.152.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:6e:f5:be:16:e5:24:52:1c:0d:f0:f6:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Validity
Not Before: Jan 4 14:00:51 2025 GMT
Not After : Apr 4 13:00:51 2025 GMT
Subject: CN=d97b2401-5bcf-4b6c-b913-1127a7bae336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a2:49:a2:80:84:e0:0c:f8:e1:bf:15:01:bd:
98:4a:17:11:9e:1f:72:97:f1:f9:69:c7:40:18:40:
d9:a7:84:a0:89:14:96:48:db:5d:46:0a:c2:e7:ba:
37:82:8a:7b:af:34:e4:91:0e:54:ec:47:7f:14:27:
31:74:d8:b9:96:5e:9a:e6:dc:92:1e:70:ee:9c:32:
d0:f5:81:b3:b8:fa:23:79:d2:e9:81:45:92:39:fa:
88:c9:fd:9e:27:ed:d9:e4:0a:1c:80:ac:bd:01:38:
b0:85:14:26:2c:98:f0:dd:36:e4:68:d8:50:da:1c:
fd:60:4d:f0:d3:2e:1a:f9:70:b2:28:77:ab:ea:26:
22:3e:fc:41:e1:e4:66:6f:3c:56:8e:d5:f5:48:23:
e7:23:de:48:26:d5:2f:4e:9c:d6:55:f7:27:cd:9a:
e8:6c:5a:f6:ce:56:00:f0:67:b8:2f:e4:7f:6a:31:
7b:3c:b2:28:e2:1c:fe:4b:7f:b2:2b:32:25:3e:27:
e1:0d:28:cf:9d:80:40:32:8f:a2:f1:d8:ea:53:32:
50:ee:29:6d:98:a1:7d:80:60:75:50:33:62:a3:62:
01:63:8d:40:17:18:0f:0f:e3:d6:9e:ad:cc:ae:fe:
3e:9e:0e:dc:3d:d1:2a:bf:99:fb:ba:47:37:d6:b9:
c6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D5:DB:54:1C:A0:EF:E2:08:C4:42:C2:4D:B5:65:09:59:A2:6F:77
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/816df2da-1c2e-3cc5-bfe6-13844550fecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl
X509v3 Authority Key Identifier:
keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
sbgp-ipAddrBlock: critical
IPv4:
204.152.221.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
16:ed:4b:cc:fe:c3:e8:be:45:72:31:24:76:fe:05:7a:7b:59:
35:55:bc:b4:9f:25:97:e6:68:65:51:5b:78:2a:86:ca:1e:09:
48:62:f0:67:8f:d7:9e:cd:ce:30:b1:39:84:e4:77:58:69:27:
d3:87:a3:fd:29:aa:0a:e8:03:46:0e:11:83:d8:b3:52:34:ac:
2c:f3:96:56:00:c6:cf:95:36:d5:ae:7b:54:22:1e:8f:23:92:
49:7f:7e:b2:51:48:28:f0:62:0f:dd:45:73:52:8a:c8:13:42:
98:18:ab:43:1b:32:c8:44:f6:29:dc:82:de:89:bf:34:bb:a2:
d3:bb:aa:09:58:41:fd:ab:24:19:44:89:52:72:92:d7:02:94:
b3:4e:53:b3:fb:93:f1:7a:4a:5d:60:01:17:a4:16:bf:bb:23:
a6:b5:ee:b6:db:17:41:04:89:9e:ac:ff:c0:3c:ec:40:c7:d7:
24:6e:77:aa:2d:8b:4d:a9:18:4a:25:45:a8:83:91:69:5e:2a:
f4:02:96:b5:20:9f:53:bf:ca:e5:66:bb:ff:fa:4f:35:57:fa:
51:67:07:5c:16:dc:7d:0c:f0:f0:3d:dd:1d:06:a3:8f:e1:96:
1a:9b:9e:a6:73:20:88:7d:e1:3f:b1:e3:f1:d6:71:cf:33:16:
5c:38:6e:fe
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEhu9b4W5SRSHA3w9gAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI1MDEwNDE0MDA1MVoXDTI1MDQwNDEzMDA1MVowLzEtMCsGA1UEAxMk
ZDk3YjI0MDEtNWJjZi00YjZjLWI5MTMtMTEyN2E3YmFlMzM2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKJJooCE4Az44b8VAb2YShcRnh9yl/H5acdA
GEDZp4SgiRSWSNtdRgrC57o3gop7rzTkkQ5U7Ed/FCcxdNi5ll6a5tySHnDunDLQ
9YGzuPojedLpgUWSOfqIyf2eJ+3Z5AocgKy9ATiwhRQmLJjw3TbkaNhQ2hz9YE3w
0y4a+XCyKHer6iYiPvxB4eRmbzxWjtX1SCPnI95IJtUvTpzWVfcnzZrobFr2zlYA
8Ge4L+R/ajF7PLIo4hz+S3+yKzIlPifhDSjPnYBAMo+i8djqUzJQ7iltmKF9gGB1
UDNio2IBY41AFxgPD+PWnq3Mrv4+ng7cPdEqv5n7ukc31rnGewIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFOXV21QcoO/iCMRCwk21ZQlZom93MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvODE2ZGYyZGEtMWMyZS0z
Y2M1LWJmZTYtMTM4NDQ1NTBmZWNkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzJjdMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABbtS8z+w+i+RXIxJHb+BXp7WTVVvLSfJZfmaGVRW3gqhsoeCUhi8GeP
157NzjCxOYTkd1hpJ9OHo/0pqgroA0YOEYPYs1I0rCzzllYAxs+VNtWue1QiHo8j
kkl/frJRSCjwYg/dRXNSisgTQpgYq0MbMshE9incgt6JvzS7otO7qglYQf2rJBlE
iVJyktcClLNOU7P7k/F6Sl1gARekFr+7I6a17rbbF0EEiZ6s/8A87EDH1yRud6ot
i02pGEolRaiDkWleKvQClrUgn1O/yuVmu//6TzVX+lFnB1wW3H0M8PA93R0Go4/h
lhqbnqZzIIh94T+x4/HWcc8zFlw4bv4=
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:14:01 2025 by rpki-client