Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/ab991ee4-f5ad-4c54-a01e-156f24bac9fb/77182df8-3adc-355e-890d-a5f18c621283.roa
File: 77182df8-3adc-355e-890d-a5f18c621283.roa (raw, json)
Hash identifier: C+c8hnpceqNVWr735guv5iqQ6C3xOHPnqFDTr5iKVo8=
Subject key identifier: AC:8A:37:4C:7A:D7:BE:32:59:CC:0B:F7:3B:98:3D:57:12:17:D8:7D
Certificate issuer: /CN=ab991ee4-f5ad-4c54-a01e-156f24bac9fb
Certificate serial: 010D0C9F432858498769A92BBAAEE6BC024A5EE0
Authority key identifier: E4:0D:FE:CF:B8:01:76:80:41:B5:02:2C:01:CC:03:13:BF:00:2A:57
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/ab991ee4-f5ad-4c54-a01e-156f24bac9fb.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/ab991ee4-f5ad-4c54-a01e-156f24bac9fb/77182df8-3adc-355e-890d-a5f18c621283.roa
Signing time: Tue 15 Apr 2025 01:00:47 +0000
ROA not before: Tue 15 Apr 2025 01:00:47 +0000
ROA not after: Mon 14 Jul 2025 01:00:47 +0000
asID: 6079
IP address blocks: 156.2.176.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:49:87:69:a9:2b:ba:ae:e6:bc:02:4a:5e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab991ee4-f5ad-4c54-a01e-156f24bac9fb
Validity
Not Before: Apr 15 01:00:47 2025 GMT
Not After : Jul 14 01:00:47 2025 GMT
Subject: CN=1a8c028e-483e-4e18-a599-28d32cc95d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:46:d0:16:7e:3c:0b:69:51:3e:95:0c:1a:62:
b5:cd:08:cd:63:3b:88:aa:1f:09:b5:71:b0:e2:d9:
10:62:95:57:49:f4:26:dd:16:a3:ab:d5:bf:e5:be:
34:ee:64:19:55:57:9f:e2:76:af:3b:f6:3e:e5:ad:
9d:50:05:9e:e2:0c:dd:c0:06:88:22:23:39:27:55:
ee:92:c7:07:ca:49:60:e1:39:ae:fc:96:05:0c:05:
ad:8a:17:2b:78:2a:c6:e1:7e:d8:0e:08:08:ec:f6:
95:c3:7d:96:b7:bf:52:34:ba:23:cc:e3:51:13:11:
62:b5:95:a0:11:fa:1c:50:7c:6a:88:e5:a8:fd:e6:
b0:4b:de:f7:2f:3c:f3:bb:26:70:1f:b3:3b:e7:62:
bd:31:79:a2:87:76:32:c9:a8:4c:3a:d9:e2:3c:0c:
be:cf:d0:5b:ee:3c:88:52:20:47:41:5d:1e:4b:1e:
0b:7f:bf:0c:2d:b6:d0:60:bb:ea:7e:4a:59:f6:06:
e2:67:cd:8c:a0:c5:bf:0e:bc:a9:ba:76:5e:9c:b7:
43:9d:dc:a5:0d:8d:0a:cd:cd:e3:a4:05:53:78:7f:
12:cf:7c:30:07:3a:85:9e:ab:39:8d:8b:48:ed:9a:
a9:02:73:8b:bf:c0:9b:5f:58:c8:37:61:8a:e1:ca:
fc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8A:37:4C:7A:D7:BE:32:59:CC:0B:F7:3B:98:3D:57:12:17:D8:7D
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/ab991ee4-f5ad-4c54-a01e-156f24bac9fb/77182df8-3adc-355e-890d-a5f18c621283.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/ab991ee4-f5ad-4c54-a01e-156f24bac9fb/ab991ee4-f5ad-4c54-a01e-156f24bac9fb.crl
X509v3 Authority Key Identifier:
keyid:E4:0D:FE:CF:B8:01:76:80:41:B5:02:2C:01:CC:03:13:BF:00:2A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/ab991ee4-f5ad-4c54-a01e-156f24bac9fb.cer
sbgp-ipAddrBlock: critical
IPv4:
156.2.176.0/20
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
1a:a9:1d:20:7f:28:0d:5c:2f:ab:12:ad:f2:5e:02:df:e7:9b:
bb:c0:86:27:95:bb:90:7b:ee:02:90:2e:3e:5d:a8:61:bd:0a:
c9:9c:ed:93:9d:86:f6:e7:84:b0:a6:5e:18:43:cc:3b:d7:e4:
f8:4a:4f:96:20:6f:43:73:43:3c:4a:6b:1c:78:cf:83:4b:1c:
74:1b:b2:74:d9:4d:63:2d:69:34:c9:83:84:44:d5:99:61:5f:
0e:a1:3a:f4:1c:d7:4d:45:fd:37:7f:d0:06:3e:a7:e0:1b:98:
e4:63:a7:cf:ee:1b:88:e9:9b:03:ca:74:df:c9:ab:cb:b2:30:
5b:d9:63:3d:80:9c:29:50:a2:85:46:d4:e7:c7:7b:40:ea:b5:
93:32:41:19:29:17:4c:6e:55:62:4f:d2:bb:38:f6:72:b8:79:
fe:5a:f5:c9:4d:14:79:e4:7b:64:0f:d7:2e:94:c3:2c:aa:4f:
d9:8d:53:19:a0:0f:6a:e2:f2:74:f2:28:70:ae:b5:7d:b0:96:
8d:d6:0f:fa:9f:9d:b4:27:48:47:e0:a2:b0:1f:93:a8:91:38:
5d:1a:cd:a7:c5:a2:66:12:f3:8a:53:cf:a8:e1:86:cb:09:11:
da:a1:2a:b9:ce:67:06:f1:58:e0:3e:b1:3e:b0:89:7c:78:36:
99:98:28:12
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEmHaakruq7mvAJKXuAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYWI5OTFlZTQtZjVhZC00YzU0LWEwMWUtMTU2ZjI0YmFj
OWZiMB4XDTI1MDQxNTAxMDA0N1oXDTI1MDcxNDAxMDA0N1owLzEtMCsGA1UEAxMk
MWE4YzAyOGUtNDgzZS00ZTE4LWE1OTktMjhkMzJjYzk1ZDIwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9EbQFn48C2lRPpUMGmK1zQjNYzuIqh8JtXGw
4tkQYpVXSfQm3Rajq9W/5b407mQZVVef4navO/Y+5a2dUAWe4gzdwAaIIiM5J1Xu
kscHyklg4Tmu/JYFDAWtihcreCrG4X7YDggI7PaVw32Wt79SNLojzONRExFitZWg
EfocUHxqiOWo/eawS973LzzzuyZwH7M752K9MXmih3YyyahMOtniPAy+z9Bb7jyI
UiBHQV0eSx4Lf78MLbbQYLvqfkpZ9gbiZ82MoMW/DrypunZenLdDndylDY0Kzc3j
pAVTeH8Sz3wwBzqFnqs5jYtI7ZqpAnOLv8CbX1jIN2GK4cr8ywIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKyKN0x6174yWcwL9zuYPVcSF9h9MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Q5ZDE1NzJmLTZjYmItNGNmNy1iNTk5LWU5ZDBlOTgxZDliZi9hYjk5
MWVlNC1mNWFkLTRjNTQtYTAxZS0xNTZmMjRiYWM5ZmIvNzcxODJkZjgtM2FkYy0z
NTVlLTg5MGQtYTVmMThjNjIxMjgzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9kOWQxNTcyZi02
Y2JiLTRjZjctYjU5OS1lOWQwZTk4MWQ5YmYvYWI5OTFlZTQtZjVhZC00YzU0LWEw
MWUtMTU2ZjI0YmFjOWZiL2FiOTkxZWU0LWY1YWQtNGM1NC1hMDFlLTE1NmYyNGJh
YzlmYi5jcmwwHwYDVR0jBBgwFoAU5A3+z7gBdoBBtQIsAcwDE78AKlcwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Q5ZDE1NzJmLTZjYmItNGNm
Ny1iNTk5LWU5ZDBlOTgxZDliZi9hYjk5MWVlNC1mNWFkLTRjNTQtYTAxZS0xNTZm
MjRiYWM5ZmIuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnAKwMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABqpHSB/KA1cL6sSrfJeAt/nm7vAhieVu5B77gKQLj5dqGG9Csmc7ZOd
hvbnhLCmXhhDzDvX5PhKT5Ygb0NzQzxKaxx4z4NLHHQbsnTZTWMtaTTJg4RE1Zlh
Xw6hOvQc101F/Td/0AY+p+AbmORjp8/uG4jpmwPKdN/Jq8uyMFvZYz2AnClQooVG
1OfHe0DqtZMyQRkpF0xuVWJP0rs49nK4ef5a9clNFHnke2QP1y6UwyyqT9mNUxmg
D2ri8nTyKHCutX2wlo3WD/qfnbQnSEfgorAfk6iROF0azafFomYS84pTz6jhhssJ
EdqhKrnOZwbxWOA+sT6wiXx4NpmYKBI=
-----END CERTIFICATE-----
Generated at Mon Jun 16 03:26:17 2025 by rpki-client