Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/fe03b2e7-4dea-37f3-bd58-6709b9366800.roa
File: fe03b2e7-4dea-37f3-bd58-6709b9366800.roa (raw, json)
Hash identifier: n8Pl/XtPtr2ILW7ZyC1OALEsCmFg9zoWvMoTZ0shn9s=
Subject key identifier: 6A:17:A6:B9:90:58:B5:CF:92:2C:29:80:1E:00:E2:89:C5:28:58:A9
Certificate issuer: /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial: 010D0C9F43285848A4C644CF51612B0D5F80B280
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/fe03b2e7-4dea-37f3-bd58-6709b9366800.roa
Signing time: Thu 23 Jan 2025 20:38:57 +0000
ROA not before: Thu 23 Jan 2025 20:38:57 +0000
ROA not after: Wed 23 Apr 2025 19:38:57 +0000
asID: 36352
IP address blocks: 104.129.1.0/24 maxlen: 24
104.129.2.0/24 maxlen: 24
104.129.11.0/24 maxlen: 24
104.129.13.0/24 maxlen: 24
104.129.58.0/24 maxlen: 24
104.129.59.0/24 maxlen: 24
104.129.61.0/24 maxlen: 24
104.129.62.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:a4:c6:44:cf:51:61:2b:0d:5f:80:b2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Validity
Not Before: Jan 23 20:38:57 2025 GMT
Not After : Apr 23 19:38:57 2025 GMT
Subject: CN=7081323c-4e74-4978-889b-fdd78a279c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a4:60:34:f0:70:33:18:cb:d1:cc:1b:cf:1b:
94:d4:01:8b:c5:ff:67:bd:f5:54:78:f7:7b:97:c0:
ae:17:44:d4:42:a8:e3:e8:8a:21:c8:08:fc:d7:ef:
4e:08:6d:77:80:75:9d:6d:1d:90:bf:ca:25:9f:ad:
14:41:40:bf:55:92:55:c2:48:48:03:a3:49:f4:e3:
94:40:2a:c2:03:fd:19:30:5b:a1:7b:8b:32:aa:b8:
fd:72:20:c9:21:1e:d3:50:2b:eb:01:e7:28:07:e5:
6a:af:d6:84:cd:ba:e4:af:a6:6d:f4:0f:ca:91:a3:
66:d5:f9:e4:47:9f:29:e3:d6:74:6e:40:1b:8e:9b:
b6:c7:c3:ea:37:ca:15:91:15:b6:48:d3:be:9d:2f:
e5:a2:b3:bf:a7:9d:9c:9c:6b:74:97:82:c7:6f:ab:
43:fc:62:9e:89:59:e7:d9:5c:ff:6a:5e:ac:75:fa:
62:82:7b:95:3a:6a:bd:8b:1f:00:9f:89:aa:db:03:
72:59:d8:f3:b6:65:28:bb:5e:03:ef:27:05:a2:b5:
a8:4c:b6:10:ed:ec:c3:7d:af:60:42:fc:4f:0c:96:
8a:8b:ce:ac:c7:b7:bf:a4:76:20:1c:8d:a0:13:8c:
ba:0f:73:38:a8:7c:51:67:d7:7f:31:77:61:1b:ba:
ec:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:17:A6:B9:90:58:B5:CF:92:2C:29:80:1E:00:E2:89:C5:28:58:A9
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/fe03b2e7-4dea-37f3-bd58-6709b9366800.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl
X509v3 Authority Key Identifier:
keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
sbgp-ipAddrBlock: critical
IPv4:
104.129.1.0-104.129.2.255
104.129.11.0/24
104.129.13.0/24
104.129.58.0/23
104.129.61.0-104.129.62.255
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
7d:5a:e6:4b:fc:57:4b:ae:bc:53:dd:75:c1:c3:4e:be:cc:e4:
ec:02:ed:b4:92:54:61:f0:80:1d:94:4f:7a:f4:3b:13:03:de:
a7:88:ff:44:4b:2d:fc:f2:9f:85:fc:bf:49:eb:47:97:a6:3e:
4d:97:43:f6:0c:19:7a:5e:e9:fc:82:32:63:59:c1:46:4d:56:
b8:e0:f8:cf:73:0f:f1:cd:93:51:33:e6:36:ae:90:b0:bd:5e:
fb:7c:9b:f3:54:ca:17:69:17:41:f8:d2:f0:19:49:d1:52:88:
d7:51:cb:4e:49:6f:a7:3b:28:05:04:65:e2:7c:20:df:bf:03:
3b:a8:f3:f7:c6:b9:45:91:9a:c1:c3:e3:95:d3:b9:c5:34:ed:
f3:5b:13:3f:c0:f7:b6:59:81:d9:77:b0:95:72:c2:41:d2:49:
9d:f7:75:89:3c:3e:9c:21:aa:6d:dc:1d:5d:d1:d7:4c:eb:52:
27:d1:ff:22:db:b7:ca:17:42:83:9c:34:ab:ae:15:ba:9d:37:
22:f5:f3:c1:13:f2:98:a1:1e:42:bf:94:b5:f0:66:03:3b:88:
66:b6:52:ff:ff:97:e6:7a:69:aa:55:00:ac:41:45:b0:e0:7d:
43:66:cc:f7:49:93:ef:cd:9a:cc:c0:24:2f:95:cd:e6:da:8f:
9c:d7:25:dc
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgIUAQ0Mn0MoWEikxkTPUWErDV+AsoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI1MDEyMzIwMzg1N1oXDTI1MDQyMzE5Mzg1N1owLzEtMCsGA1UEAxMk
NzA4MTMyM2MtNGU3NC00OTc4LTg4OWItZmRkNzhhMjc5YzFkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6RgNPBwMxjL0cwbzxuU1AGLxf9nvfVUePd7
l8CuF0TUQqjj6IohyAj81+9OCG13gHWdbR2Qv8oln60UQUC/VZJVwkhIA6NJ9OOU
QCrCA/0ZMFuhe4syqrj9ciDJIR7TUCvrAecoB+Vqr9aEzbrkr6Zt9A/KkaNm1fnk
R58p49Z0bkAbjpu2x8PqN8oVkRW2SNO+nS/lorO/p52cnGt0l4LHb6tD/GKeiVnn
2Vz/al6sdfpignuVOmq9ix8An4mq2wNyWdjztmUou14D7ycForWoTLYQ7ezDfa9g
QvxPDJaKi86sx7e/pHYgHI2gE4y6D3M4qHxRZ9d/MXdhG7rs3wIDAQABo4IDfTCC
A3kwHQYDVR0OBBYEFGoXprmQWLXPkiwpgB4A4onFKFipMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvZmUwM2IyZTctNGRlYS0z
N2YzLWJkNTgtNjcwOWI5MzY2ODAwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBABogQED
BABogQIDBABogQsDBABogQ0DBAFogTowDAMEAGiBPQMEAGiBPjBUBgNVHSABAf8E
SjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4u
bmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQB9
WuZL/FdLrrxT3XXBw06+zOTsAu20klRh8IAdlE969DsTA96niP9ESy388p+F/L9J
60eXpj5Nl0P2DBl6Xun8gjJjWcFGTVa44PjPcw/xzZNRM+Y2rpCwvV77fJvzVMoX
aRdB+NLwGUnRUojXUctOSW+nOygFBGXifCDfvwM7qPP3xrlFkZrBw+OV07nFNO3z
WxM/wPe2WYHZd7CVcsJB0kmd93WJPD6cIapt3B1d0ddM61In0f8i27fKF0KDnDSr
rhW6nTci9fPBE/KYoR5Cv5S18GYDO4hmtlL//5fmemmqVQCsQUWw4H1DZsz3SZPv
zZrMwCQvlc3m2o+c1yXc
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:31:02 2025 by rpki-client