Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8bd5bc1a-5f48-4ce7-b952-b94b8ece87ff/ca524647-f98d-390b-ab07-9cba43409f7b.roa
File: ca524647-f98d-390b-ab07-9cba43409f7b.roa (raw, json)
Hash identifier: NqriwyLTbvYIzvh0IXafxf0ZwZljTdPOyS00cHcz0SU=
Subject key identifier: 15:59:A2:9C:84:7F:7F:D2:93:40:0A:BF:52:4D:0B:22:F7:A1:B8:43
Certificate issuer: /CN=8bd5bc1a-5f48-4ce7-b952-b94b8ece87ff
Certificate serial: 010D0C9F432858485F9AE5F93896C661DF5F3500
Authority key identifier: 61:A2:CD:53:94:CD:6E:75:69:56:72:39:F6:0B:34:15:6C:1C:75:87
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8bd5bc1a-5f48-4ce7-b952-b94b8ece87ff.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8bd5bc1a-5f48-4ce7-b952-b94b8ece87ff/ca524647-f98d-390b-ab07-9cba43409f7b.roa
Signing time: Mon 30 Dec 2024 02:00:39 +0000
ROA not before: Mon 30 Dec 2024 02:00:39 +0000
ROA not after: Sun 30 Mar 2025 01:00:39 +0000
asID: 46873
IP address blocks: 68.233.32.0/24 maxlen: 24
68.233.33.0/24 maxlen: 24
68.233.34.0/24 maxlen: 24
68.233.35.0/24 maxlen: 24
68.233.36.0/24 maxlen: 24
68.233.45.0/24 maxlen: 24
68.233.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:48:5f:9a:e5:f9:38:96:c6:61:df:5f:35:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bd5bc1a-5f48-4ce7-b952-b94b8ece87ff
Validity
Not Before: Dec 30 02:00:39 2024 GMT
Not After : Mar 30 01:00:39 2025 GMT
Subject: CN=5250e874-ffde-4f21-99eb-eda77660722f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a0:28:03:6c:02:d9:d5:38:93:d7:f0:09:f1:
35:f2:16:a9:63:a0:2c:2c:8d:6a:cd:dc:77:bd:79:
39:42:ec:38:69:02:7c:c9:f7:a0:59:a1:36:a5:56:
3d:39:31:e1:11:3a:78:6c:e9:13:b9:7e:f8:ef:ad:
6e:50:db:75:66:75:05:df:31:00:15:26:a1:cb:ad:
ce:5a:57:02:7b:e4:e5:34:b0:a4:63:ba:ed:13:15:
b1:b4:7c:2f:cb:fc:e0:cc:e7:c7:86:7e:ba:c5:a6:
59:7e:a1:34:c0:cd:e9:0d:da:51:32:af:29:67:1a:
12:14:e9:e1:2e:40:7d:23:f9:9f:5c:f7:0d:f9:4e:
4b:82:b7:12:13:76:85:47:a3:92:29:2b:a7:e6:9d:
1f:45:f0:93:8e:32:c4:92:47:07:9c:5c:64:d5:eb:
03:39:41:46:b5:53:4f:5b:b7:9e:cc:0a:6c:84:72:
ba:2d:4b:51:7a:1a:39:25:c9:c5:c5:2b:84:a3:3d:
b3:1f:03:c5:ce:aa:dc:f7:98:fa:b7:ee:64:68:d2:
ed:04:ae:09:30:91:ae:9c:a1:12:8c:ae:0b:c0:86:
e8:49:f8:3c:e4:1d:47:e3:52:2b:48:80:79:3f:e7:
72:43:4c:16:28:72:11:4f:4f:1a:13:db:ad:52:a5:
ad:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:59:A2:9C:84:7F:7F:D2:93:40:0A:BF:52:4D:0B:22:F7:A1:B8:43
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8bd5bc1a-5f48-4ce7-b952-b94b8ece87ff/ca524647-f98d-390b-ab07-9cba43409f7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8bd5bc1a-5f48-4ce7-b952-b94b8ece87ff/8bd5bc1a-5f48-4ce7-b952-b94b8ece87ff.crl
X509v3 Authority Key Identifier:
keyid:61:A2:CD:53:94:CD:6E:75:69:56:72:39:F6:0B:34:15:6C:1C:75:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8bd5bc1a-5f48-4ce7-b952-b94b8ece87ff.cer
sbgp-ipAddrBlock: critical
IPv4:
68.233.32.0-68.233.36.255
68.233.45.0-68.233.46.255
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
05:3f:95:7a:19:90:ed:f1:4d:7c:d5:05:4a:e6:09:da:0e:78:
7e:a5:c4:3c:aa:34:09:0a:fc:d0:bd:e8:14:fd:5a:89:18:9a:
5e:ba:16:76:b0:9f:53:08:48:bf:e8:6b:fc:3d:b1:52:1a:45:
44:23:c0:88:29:de:81:e3:93:71:ee:e1:f0:f1:48:fe:4f:0c:
0b:94:f5:07:34:a8:bc:f0:ea:c0:95:89:c8:2d:a7:cb:11:ca:
74:7d:50:65:28:4a:ac:d2:95:db:50:0d:45:85:71:da:38:54:
b2:a9:a4:d9:4c:ed:20:09:9e:43:1e:0a:2c:50:21:b2:7b:d8:
72:52:d5:af:40:d4:4e:77:75:60:0d:82:71:bd:95:8e:f0:b2:
59:10:14:be:30:99:65:33:1d:1c:dd:2c:90:fb:0d:d7:fc:13:
3c:b2:88:d9:df:0b:33:36:18:96:7b:6f:0f:cb:ff:1a:21:5a:
1b:b3:18:f0:e2:f3:17:dd:7c:5a:75:c1:87:26:49:64:6f:09:
54:a4:a1:5f:ce:b6:e7:ca:05:86:78:a6:4f:45:8e:fb:85:3d:
55:4c:1e:0e:3c:cd:46:ac:1e:9e:8e:7f:90:14:3c:80:ab:62:
94:a1:a6:ab:a1:4a:7f:c6:d5:4b:c2:13:86:75:ea:a9:4f:9d:
ee:e6:2c:ff
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgIUAQ0Mn0MoWEhfmuX5OJbGYd9fNQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOGJkNWJjMWEtNWY0OC00Y2U3LWI5NTItYjk0YjhlY2U4
N2ZmMB4XDTI0MTIzMDAyMDAzOVoXDTI1MDMzMDAxMDAzOVowLzEtMCsGA1UEAxMk
NTI1MGU4NzQtZmZkZS00ZjIxLTk5ZWItZWRhNzc2NjA3MjJmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKAoA2wC2dU4k9fwCfE18hapY6AsLI1qzdx3
vXk5Quw4aQJ8yfegWaE2pVY9OTHhETp4bOkTuX74761uUNt1ZnUF3zEAFSahy63O
WlcCe+TlNLCkY7rtExWxtHwvy/zgzOfHhn66xaZZfqE0wM3pDdpRMq8pZxoSFOnh
LkB9I/mfXPcN+U5LgrcSE3aFR6OSKSun5p0fRfCTjjLEkkcHnFxk1esDOUFGtVNP
W7eezApshHK6LUtReho5JcnFxSuEoz2zHwPFzqrc95j6t+5kaNLtBK4JMJGunKES
jK4LwIboSfg85B1H41IrSIB5P+dyQ0wWKHIRT08aE9utUqWt6wIDAQABo4IDazCC
A2cwHQYDVR0OBBYEFBVZopyEf3/Sk0AKv1JNCyL3obhDMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS84YmQ1
YmMxYS01ZjQ4LTRjZTctYjk1Mi1iOTRiOGVjZTg3ZmYvY2E1MjQ2NDctZjk4ZC0z
OTBiLWFiMDctOWNiYTQzNDA5ZjdiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvOGJkNWJjMWEtNWY0OC00Y2U3LWI5
NTItYjk0YjhlY2U4N2ZmLzhiZDViYzFhLTVmNDgtNGNlNy1iOTUyLWI5NGI4ZWNl
ODdmZi5jcmwwHwYDVR0jBBgwFoAUYaLNU5TNbnVpVnI59gs0FWwcdYcwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS84YmQ1YmMxYS01ZjQ4LTRjZTctYjk1Mi1iOTRi
OGVjZTg3ZmYuY2VyMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAVE6SAD
BABE6SQwDAMEAETpLQMEAETpLjBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDow
OAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtp
L2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQAFP5V6GZDt8U181QVK5gnaDnh+
pcQ8qjQJCvzQvegU/VqJGJpeuhZ2sJ9TCEi/6Gv8PbFSGkVEI8CIKd6B45Nx7uHw
8Uj+TwwLlPUHNKi88OrAlYnILafLEcp0fVBlKEqs0pXbUA1FhXHaOFSyqaTZTO0g
CZ5DHgosUCGye9hyUtWvQNROd3VgDYJxvZWO8LJZEBS+MJllMx0c3SyQ+w3X/BM8
sojZ3wszNhiWe28Py/8aIVobsxjw4vMX3XxadcGHJklkbwlUpKFfzrbnygWGeKZP
RY77hT1VTB4OPM1GrB6ejn+QFDyAq2KUoaaroUp/xtVLwhOGdeqpT53u5iz/
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:12:09 2025 by rpki-client