Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/ef9ac143-3f26-4b9b-8997-3d3fbd310f8f/2aa9e17b-41cd-39a0-97de-3a0b4cdf6a25.roa
File: 2aa9e17b-41cd-39a0-97de-3a0b4cdf6a25.roa (raw, json)
Hash identifier: tpaBmTXIE21jVN5by4PcfNuARAswcr+8wcGBpa/eFbE=
Subject key identifier: AF:77:09:62:A7:AE:9D:36:02:5C:A2:21:94:D1:CB:D5:F0:E9:B8:EA
Certificate issuer: /CN=ef9ac143-3f26-4b9b-8997-3d3fbd310f8f
Certificate serial: 010D0C9F43285843411AF8435DD1877EAE6AED40
Authority key identifier: 09:6A:67:2E:DB:60:79:88:AA:30:A8:4E:AC:8E:B8:A2:3D:59:18:96
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/ef9ac143-3f26-4b9b-8997-3d3fbd310f8f.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/ef9ac143-3f26-4b9b-8997-3d3fbd310f8f/2aa9e17b-41cd-39a0-97de-3a0b4cdf6a25.roa
Signing time: Sun 17 Sep 2023 15:54:05 +0000
ROA not before: Sun 17 Sep 2023 15:54:05 +0000
ROA not after: Sat 16 Dec 2023 16:54:05 +0000
asID: 13911
IP address blocks: 66.51.96.0/20 maxlen: 20
198.161.206.0/24 maxlen: 24
216.194.64.0/21 maxlen: 21
216.234.160.0/21 maxlen: 21
216.234.184.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:43:41:1a:f8:43:5d:d1:87:7e:ae:6a:ed:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9ac143-3f26-4b9b-8997-3d3fbd310f8f
Validity
Not Before: Sep 17 15:54:05 2023 GMT
Not After : Dec 16 16:54:05 2023 GMT
Subject: CN=5c5547c4-b15f-458a-bdbc-ba1bb267fe2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8c:73:ad:db:8f:fa:42:63:ce:11:a5:54:5b:
a5:a0:a3:a4:7a:32:db:6f:d1:56:4e:05:71:70:2d:
40:0c:71:0b:29:5b:b0:b2:ca:a5:67:21:42:74:e7:
a4:9d:0b:d5:fb:85:14:30:79:2d:0f:06:d9:4d:73:
85:bb:10:d9:23:17:7d:85:9b:28:c7:aa:b9:86:d5:
3a:92:dd:8c:65:d7:dd:34:f6:e9:28:c2:77:c5:a4:
6d:84:12:c2:17:28:8f:19:06:93:50:b4:b5:48:56:
98:1c:5e:27:d1:d8:1d:a5:22:d7:96:a1:2d:01:d9:
31:85:a8:0f:1c:a8:1a:8e:b1:5a:34:00:d9:3f:02:
6f:ae:79:75:1b:da:f9:2e:a4:07:0f:f5:54:11:a7:
00:93:6d:0f:50:c8:e3:19:f8:d8:48:40:64:16:70:
fe:40:49:b9:8e:43:6b:3b:d9:cc:39:fa:a9:cb:ad:
40:a5:56:44:36:a2:db:d6:7b:03:83:9d:24:3e:a4:
99:5b:6a:88:e2:cd:93:1d:6a:e0:30:52:e5:1e:76:
2e:49:45:a0:6c:89:bd:bd:b6:31:51:1e:2d:aa:91:
ae:47:43:11:df:6b:bd:c3:11:11:8e:0d:66:f8:64:
40:c5:4a:83:ce:29:ce:dc:d4:ce:55:95:0b:a5:3a:
4f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:77:09:62:A7:AE:9D:36:02:5C:A2:21:94:D1:CB:D5:F0:E9:B8:EA
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/ef9ac143-3f26-4b9b-8997-3d3fbd310f8f/2aa9e17b-41cd-39a0-97de-3a0b4cdf6a25.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/ef9ac143-3f26-4b9b-8997-3d3fbd310f8f/ef9ac143-3f26-4b9b-8997-3d3fbd310f8f.crl
X509v3 Authority Key Identifier:
keyid:09:6A:67:2E:DB:60:79:88:AA:30:A8:4E:AC:8E:B8:A2:3D:59:18:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/ef9ac143-3f26-4b9b-8997-3d3fbd310f8f.cer
sbgp-ipAddrBlock: critical
IPv4:
66.51.96.0/20
198.161.206.0/24
216.194.64.0/21
216.234.160.0/21
216.234.184.0/21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
68:71:f9:14:d2:23:7a:7b:77:96:c5:8b:8d:e4:cf:2e:95:5f:
38:56:eb:e3:56:e3:de:52:63:12:00:ff:57:44:1c:33:a2:af:
9a:6d:62:56:50:7a:ae:fb:0e:4e:4a:9a:51:96:53:03:64:b2:
f3:ce:d6:10:4d:12:62:65:75:05:96:49:7f:c9:5f:1b:f4:c1:
b2:fc:a9:bc:1b:81:65:6e:67:ae:1d:51:8e:6a:a5:00:ea:8a:
bd:cc:cf:a2:55:8d:0c:fc:35:cd:81:33:c0:79:16:1b:1b:9e:
c2:fa:d2:af:0f:8c:38:6a:c6:9a:39:16:88:b2:67:e4:42:d9:
c6:96:c8:99:6d:05:33:54:60:b2:2f:85:51:b7:c5:de:d5:54:
01:a1:6f:ec:ae:e3:97:f0:4a:c9:42:4b:b9:6d:87:4b:53:3d:
da:21:00:68:49:89:a4:00:a1:ec:a3:41:4d:54:8b:97:fc:e0:
aa:8a:d1:86:cc:37:3a:08:6e:d9:4b:3c:22:36:00:6a:bb:c5:
e1:28:d9:bf:14:84:d2:75:76:35:fa:35:9f:70:79:1a:5d:82:
b3:8f:fa:8a:2f:e4:1a:09:0f:8d:60:26:7b:b5:ec:cf:66:89:
14:1d:b6:88:7b:b8:1f:97:ce:55:b4:24:6d:f8:2d:55:0f:f1:
e5:3a:3b:98
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgIUAQ0Mn0MoWENBGvhDXdGHfq5q7UAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZWY5YWMxNDMtM2YyNi00YjliLTg5OTctM2QzZmJkMzEw
ZjhmMB4XDTIzMDkxNzE1NTQwNVoXDTIzMTIxNjE2NTQwNVowLzEtMCsGA1UEAxMk
NWM1NTQ3YzQtYjE1Zi00NThhLWJkYmMtYmExYmIyNjdmZTJlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIxzrduP+kJjzhGlVFuloKOkejLbb9FWTgVx
cC1ADHELKVuwssqlZyFCdOeknQvV+4UUMHktDwbZTXOFuxDZIxd9hZsox6q5htU6
kt2MZdfdNPbpKMJ3xaRthBLCFyiPGQaTULS1SFaYHF4n0dgdpSLXlqEtAdkxhagP
HKgajrFaNADZPwJvrnl1G9r5LqQHD/VUEacAk20PUMjjGfjYSEBkFnD+QEm5jkNr
O9nMOfqpy61ApVZENqLb1nsDg50kPqSZW2qI4s2THWrgMFLlHnYuSUWgbIm9vbYx
UR4tqpGuR0MR32u9wxERjg1m+GRAxUqDzinO3NTOVZULpTpPYQIDAQABo4IDbTCC
A2kwHQYDVR0OBBYEFK93CWKnrp02AlyiIZTRy9Xw6bjqMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9lZjlh
YzE0My0zZjI2LTRiOWItODk5Ny0zZDNmYmQzMTBmOGYvMmFhOWUxN2ItNDFjZC0z
OWEwLTk3ZGUtM2EwYjRjZGY2YTI1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvZWY5YWMxNDMtM2YyNi00YjliLTg5
OTctM2QzZmJkMzEwZjhmL2VmOWFjMTQzLTNmMjYtNGI5Yi04OTk3LTNkM2ZiZDMx
MGY4Zi5jcmwwHwYDVR0jBBgwFoAUCWpnLttgeYiqMKhOrI64oj1ZGJYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9lZjlhYzE0My0zZjI2LTRiOWItODk5Ny0zZDNm
YmQzMTBmOGYuY2VyMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEQjNgAwQA
xqHOAwQD2MJAAwQD2OqgAwQD2Oq4MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIw
OjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jw
a2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAGhx+RTSI3p7d5bFi43kzy6V
XzhW6+NW495SYxIA/1dEHDOir5ptYlZQeq77Dk5KmlGWUwNksvPO1hBNEmJldQWW
SX/JXxv0wbL8qbwbgWVuZ64dUY5qpQDqir3Mz6JVjQz8Nc2BM8B5FhsbnsL60q8P
jDhqxpo5FoiyZ+RC2caWyJltBTNUYLIvhVG3xd7VVAGhb+yu45fwSslCS7lth0tT
PdohAGhJiaQAoeyjQU1Ui5f84KqK0YbMNzoIbtlLPCI2AGq7xeEo2b8UhNJ1djX6
NZ9weRpdgrOP+oov5BoJD41gJnu17M9miRQdtoh7uB+XzlW0JG34LVUP8eU6O5g=
-----END CERTIFICATE-----
Generated at Sun Jun 15 15:25:50 2025 by rpki-client