Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/a6f551d8-c97f-31bf-bf3b-22ebe76ae67e.roa
File: a6f551d8-c97f-31bf-bf3b-22ebe76ae67e.roa (raw, json)
Hash identifier: 03FzbYlPRzwP4SADgjmJ3MRgNeKyzpQU1gVAYfFN2Rw=
Subject key identifier: 3C:F9:5D:EE:05:9A:A3:7C:4C:21:7B:94:B2:5A:DC:17:46:10:C2:B0
Certificate issuer: /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial: 010D0C9F43285848A6B656415652D94A7BD6F280
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/a6f551d8-c97f-31bf-bf3b-22ebe76ae67e.roa
Signing time: Fri 24 Jan 2025 13:18:28 +0000
ROA not before: Fri 24 Jan 2025 13:18:28 +0000
ROA not after: Thu 24 Apr 2025 12:18:28 +0000
asID: 36352
IP address blocks: 64.188.1.0/24 maxlen: 24
64.188.4.0/24 maxlen: 24
64.188.7.0/24 maxlen: 24
64.188.12.0/24 maxlen: 24
64.188.14.0/24 maxlen: 24
64.188.17.0/24 maxlen: 24
64.188.31.0/24 maxlen: 24
66.212.20.0/24 maxlen: 24
67.215.226.0/24 maxlen: 24
72.11.132.0/24 maxlen: 24
96.44.161.0/24 maxlen: 24
104.129.16.0/24 maxlen: 24
104.223.63.0/24 maxlen: 24
104.223.86.0/24 maxlen: 24
104.223.87.0/24 maxlen: 24
107.150.17.0/24 maxlen: 24
107.161.91.0/24 maxlen: 24
167.160.181.0/24 maxlen: 24
173.254.215.0/24 maxlen: 24
192.161.60.0/24 maxlen: 24
192.161.61.0/24 maxlen: 24
204.44.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:a6:b6:56:41:56:52:d9:4a:7b:d6:f2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Validity
Not Before: Jan 24 13:18:28 2025 GMT
Not After : Apr 24 12:18:28 2025 GMT
Subject: CN=f6b7a8d7-25cb-4f8d-b2b2-231cb821511f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2b:d1:1c:e5:85:4c:7a:84:d8:97:85:d4:3b:
d6:80:8c:91:85:de:0f:27:0c:0e:44:f3:a7:e7:29:
0c:5e:1b:ff:cb:36:5a:d3:6a:5e:cd:6d:c9:0b:35:
31:df:1a:c3:ac:af:d6:f3:ac:15:c6:ff:40:d4:8c:
05:28:3c:5a:dc:21:65:5b:60:c3:f1:b9:e9:51:7e:
91:43:76:67:f0:db:64:7c:c7:81:5f:92:49:80:14:
31:b2:a8:3e:26:3a:eb:b7:26:86:7d:0f:55:cd:6e:
be:ae:23:0e:94:dd:ea:9b:62:9e:42:e9:f6:2e:12:
f6:d1:66:3f:86:91:2b:ef:d5:04:69:3e:b5:43:ae:
88:3e:57:79:1a:f5:a5:90:da:1a:2b:f9:c8:c5:f9:
91:20:4d:57:86:79:49:d5:5f:39:97:cc:bf:1d:59:
d3:b4:0e:aa:25:03:1d:2f:c1:cf:32:53:f2:c6:4e:
f5:f4:41:ce:9e:dd:5b:46:c1:46:6a:21:41:05:75:
a9:3d:6b:3e:4e:45:b9:66:ce:bc:fe:c8:bf:f0:8e:
0b:e2:e9:c4:17:12:9b:d7:1a:51:a0:b2:da:ca:f2:
64:00:2e:4f:f0:e5:d9:d2:99:8e:1b:c9:ab:57:fb:
e7:a2:65:85:7e:5e:2c:c6:0b:23:ef:5b:5d:88:28:
36:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F9:5D:EE:05:9A:A3:7C:4C:21:7B:94:B2:5A:DC:17:46:10:C2:B0
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/a6f551d8-c97f-31bf-bf3b-22ebe76ae67e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl
X509v3 Authority Key Identifier:
keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
sbgp-ipAddrBlock: critical
IPv4:
64.188.1.0/24
64.188.4.0/24
64.188.7.0/24
64.188.12.0/24
64.188.14.0/24
64.188.17.0/24
64.188.31.0/24
66.212.20.0/24
67.215.226.0/24
72.11.132.0/24
96.44.161.0/24
104.129.16.0/24
104.223.63.0/24
104.223.86.0/23
107.150.17.0/24
107.161.91.0/24
167.160.181.0/24
173.254.215.0/24
192.161.60.0/23
204.44.97.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
00:b8:1e:45:ab:8a:4f:a2:8c:c4:26:ac:d6:52:69:85:2f:74:
82:4c:13:e5:c7:7a:1b:16:e9:0d:20:68:7b:b7:03:dd:2b:85:
a2:d8:fb:3d:ca:8e:8a:97:60:84:a1:75:19:54:e5:ef:3b:e9:
d9:51:80:4e:4e:96:8e:9e:f5:8e:34:5e:47:8b:a2:86:57:06:
d7:86:76:d1:7d:d3:d3:0c:e3:10:af:1c:25:da:82:2c:a4:d3:
e5:c0:c3:6d:d8:a2:81:45:19:25:7a:ad:06:3c:f5:26:9e:9b:
df:28:0b:05:60:4e:05:4f:a3:49:e7:4e:f1:dc:8f:e4:74:9b:
ca:87:d3:8e:19:4e:b8:a4:51:ff:a0:ee:28:c0:91:b3:9a:1e:
97:f3:98:7f:ca:3d:90:43:18:60:5b:5b:76:59:f5:a5:69:47:
a6:c9:ca:2e:2e:93:6f:93:af:9b:91:c2:cf:5f:13:98:e1:5c:
0d:db:d5:92:f6:71:9d:42:02:3c:2b:8e:7b:62:b4:90:7d:ac:
ce:2c:bd:83:b8:55:65:b0:b1:11:61:3d:c4:25:39:c7:40:6a:
91:30:e9:74:8a:70:1e:48:b6:e4:ea:f8:e6:c9:3f:ce:7f:73:
7b:eb:7e:ee:ac:9e:6b:46:85:6e:d8:3e:2a:2d:56:5b:08:ab:
76:0f:12:70
-----BEGIN CERTIFICATE-----
MIIGuDCCBaCgAwIBAgIUAQ0Mn0MoWEimtlZBVlLZSnvW8oAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI1MDEyNDEzMTgyOFoXDTI1MDQyNDEyMTgyOFowLzEtMCsGA1UEAxMk
ZjZiN2E4ZDctMjVjYi00ZjhkLWIyYjItMjMxY2I4MjE1MTFmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSvRHOWFTHqE2JeF1DvWgIyRhd4PJwwORPOn
5ykMXhv/yzZa02pezW3JCzUx3xrDrK/W86wVxv9A1IwFKDxa3CFlW2DD8bnpUX6R
Q3Zn8NtkfMeBX5JJgBQxsqg+JjrrtyaGfQ9VzW6+riMOlN3qm2KeQun2LhL20WY/
hpEr79UEaT61Q66IPld5GvWlkNoaK/nIxfmRIE1XhnlJ1V85l8y/HVnTtA6qJQMd
L8HPMlPyxk719EHOnt1bRsFGaiFBBXWpPWs+TkW5Zs68/si/8I4L4unEFxKb1xpR
oLLayvJkAC5P8OXZ0pmOG8mrV/vnomWFfl4sxgsj71tdiCg2bQIDAQABo4IDyjCC
A8YwHQYDVR0OBBYEFDz5Xe4FmqN8TCF7lLJa3BdGEMKwMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvYTZmNTUxZDgtYzk3Zi0z
MWJmLWJmM2ItMjJlYmU3NmFlNjdlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAQLwB
AwQAQLwEAwQAQLwHAwQAQLwMAwQAQLwOAwQAQLwRAwQAQLwfAwQAQtQUAwQAQ9fi
AwQASAuEAwQAYCyhAwQAaIEQAwQAaN8/AwQBaN9WAwQAa5YRAwQAa6FbAwQAp6C1
AwQArf7XAwQBwKE8AwQAzCxhMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4
BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kv
Y3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAAC4HkWrik+ijMQmrNZSaYUvdIJM
E+XHehsW6Q0gaHu3A90rhaLY+z3KjoqXYIShdRlU5e876dlRgE5Olo6e9Y40XkeL
ooZXBteGdtF909MM4xCvHCXagiyk0+XAw23YooFFGSV6rQY89Saem98oCwVgTgVP
o0nnTvHcj+R0m8qH044ZTrikUf+g7ijAkbOaHpfzmH/KPZBDGGBbW3ZZ9aVpR6bJ
yi4uk2+Tr5uRws9fE5jhXA3b1ZL2cZ1CAjwrjntitJB9rM4svYO4VWWwsRFhPcQl
OcdAapEw6XSKcB5ItuTq+ObJP85/c3vrfu6snmtGhW7YPiotVlsIq3YPEnA=
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:29:42 2025 by rpki-client