Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192/3999e7df-d7df-362e-b39b-4acc1b9a3a01.roa
File: 3999e7df-d7df-362e-b39b-4acc1b9a3a01.roa (raw, json)
Hash identifier: 65hHsLPgVzmlVZ+tZZTYOW0C/o6UDNcYmpNab2S2r6k=
Subject key identifier: 7E:4C:CB:6B:38:A3:14:27:B4:92:29:34:40:7F:46:36:3A:3B:C9:EF
Certificate issuer: /CN=8583e379-1578-4044-8426-ddcb4a4a8192
Certificate serial: 010D0C9F43285844BCAF51EE78A9A50D41CA7600
Authority key identifier: 89:C7:5F:3F:CE:A7:5D:0D:C3:10:F9:23:2C:65:92:27:0C:63:1D:62
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192/3999e7df-d7df-362e-b39b-4acc1b9a3a01.roa
Signing time: Wed 31 Jan 2024 15:04:21 +0000
ROA not before: Wed 31 Jan 2024 15:04:21 +0000
ROA not after: Tue 30 Apr 2024 14:04:21 +0000
asID: 64200
IP address blocks: 67.21.32.0/22 maxlen: 22
192.154.192.0/19 maxlen: 19
192.154.232.0/21 maxlen: 21
192.154.240.0/20 maxlen: 20
199.188.88.0/21 maxlen: 21
2604:8180::/31 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:44:bc:af:51:ee:78:a9:a5:0d:41:ca:76:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8583e379-1578-4044-8426-ddcb4a4a8192
Validity
Not Before: Jan 31 15:04:21 2024 GMT
Not After : Apr 30 14:04:21 2024 GMT
Subject: CN=2fa72237-b0dc-4644-95d6-0e0e7c21e681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:10:b4:ab:86:5c:4e:fd:52:1d:83:5a:af:10:
69:05:b3:da:f5:97:49:8d:b3:9c:ae:e5:b7:d6:31:
f6:c9:31:8b:7b:79:7a:75:42:07:fe:c1:2c:1d:2d:
5b:ed:77:d4:57:2c:a2:17:73:9c:0c:0a:e9:3c:cc:
fe:89:39:1c:2b:39:13:76:c5:04:79:b3:20:e7:2a:
a1:ae:c1:03:44:54:e5:47:79:02:09:fe:fe:1d:49:
6a:28:9f:68:77:56:7a:8d:34:60:d0:0f:2f:6f:80:
a9:51:2c:cc:a6:3b:59:1d:17:2a:54:c5:04:07:2f:
44:c4:ab:e9:9c:47:ce:80:9d:b4:ec:7e:56:73:2a:
54:19:5c:21:0f:23:1c:81:04:59:67:d1:f2:ce:c1:
06:36:bf:9e:d2:b0:43:2d:96:a7:3e:e8:10:b0:48:
1a:c6:18:eb:7e:45:91:c7:e6:a0:09:68:63:ff:cd:
e9:13:68:b2:4d:ea:98:d4:ca:6d:9d:36:49:86:9d:
05:b5:04:d0:e6:92:74:a8:ae:02:25:75:4b:29:91:
87:28:ce:18:40:8b:54:ac:97:ab:a9:f6:3c:cc:36:
3c:a5:eb:0d:17:23:90:c2:d4:1d:f7:ee:24:42:b3:
02:97:ad:3a:dd:f1:dd:63:11:bf:48:08:e5:8a:42:
94:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:4C:CB:6B:38:A3:14:27:B4:92:29:34:40:7F:46:36:3A:3B:C9:EF
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192/3999e7df-d7df-362e-b39b-4acc1b9a3a01.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192/8583e379-1578-4044-8426-ddcb4a4a8192.crl
X509v3 Authority Key Identifier:
keyid:89:C7:5F:3F:CE:A7:5D:0D:C3:10:F9:23:2C:65:92:27:0C:63:1D:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/8583e379-1578-4044-8426-ddcb4a4a8192.cer
sbgp-ipAddrBlock: critical
IPv4:
67.21.32.0/22
192.154.192.0/19
192.154.232.0-192.154.255.255
199.188.88.0/21
IPv6:
2604:8180::/31
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
5f:79:c6:b3:ce:33:42:16:3f:b1:a6:87:e1:68:fe:99:eb:78:
15:85:21:1f:2d:34:c0:e3:a2:54:3b:1f:a8:20:17:e2:e3:35:
6b:fd:65:97:ef:4f:a0:15:16:a6:74:e7:3e:36:df:69:52:0f:
00:57:50:1b:cd:6f:7c:83:1e:cb:ae:78:33:99:1a:70:e2:2e:
88:1b:b5:6c:67:72:a2:70:38:d9:73:44:36:2a:b9:d6:49:d8:
cb:e7:2e:d5:68:d4:e6:c5:77:e2:1e:a7:16:65:a0:4b:7e:28:
24:18:11:01:c9:e3:3a:29:98:c2:73:c4:f8:7b:15:a6:41:21:
59:17:08:b9:0b:10:57:a4:3c:6e:d3:b1:83:dd:0b:cd:8d:a3:
05:d7:e7:29:bd:44:5f:6c:86:4f:3e:48:57:4c:88:a7:9e:5b:
67:f9:f0:69:2a:85:5c:ff:8c:5b:0b:08:3b:28:27:4a:c9:5d:
59:f9:cf:0c:92:48:d0:1e:34:4d:09:af:36:96:d3:ea:a4:27:
ec:1e:0d:8e:ea:09:ba:db:18:c1:46:19:ae:4f:5e:f2:a8:cb:
14:91:64:fc:65:67:dc:2a:17:fe:9f:57:15:9f:96:38:c4:c2:
a5:82:e2:c4:d3:a2:ff:a6:0d:58:7b:ef:0d:a7:32:e7:57:78:
09:be:53:ac
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgIUAQ0Mn0MoWES8r1HueKmlDUHKdgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkODU4M2UzNzktMTU3OC00MDQ0LTg0MjYtZGRjYjRhNGE4
MTkyMB4XDTI0MDEzMTE1MDQyMVoXDTI0MDQzMDE0MDQyMVowLzEtMCsGA1UEAxMk
MmZhNzIyMzctYjBkYy00NjQ0LTk1ZDYtMGUwZTdjMjFlNjgxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BC0q4ZcTv1SHYNarxBpBbPa9ZdJjbOcruW3
1jH2yTGLe3l6dUIH/sEsHS1b7XfUVyyiF3OcDArpPMz+iTkcKzkTdsUEebMg5yqh
rsEDRFTlR3kCCf7+HUlqKJ9od1Z6jTRg0A8vb4CpUSzMpjtZHRcqVMUEBy9ExKvp
nEfOgJ207H5WcypUGVwhDyMcgQRZZ9HyzsEGNr+e0rBDLZanPugQsEgaxhjrfkWR
x+agCWhj/83pE2iyTeqY1MptnTZJhp0FtQTQ5pJ0qK4CJXVLKZGHKM4YQItUrJer
qfY8zDY8pesNFyOQwtQd9+4kQrMCl6063fHdYxG/SAjlikKU8QIDAQABo4IDfTCC
A3kwHQYDVR0OBBYEFH5My2s4oxQntJIpNEB/RjY6O8nvMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS84NTgz
ZTM3OS0xNTc4LTQwNDQtODQyNi1kZGNiNGE0YTgxOTIvMzk5OWU3ZGYtZDdkZi0z
NjJlLWIzOWItNGFjYzFiOWEzYTAxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvODU4M2UzNzktMTU3OC00MDQ0LTg0
MjYtZGRjYjRhNGE4MTkyLzg1ODNlMzc5LTE1NzgtNDA0NC04NDI2LWRkY2I0YTRh
ODE5Mi5jcmwwHwYDVR0jBBgwFoAUicdfP86nXQ3DEPkjLGWSJwxjHWIwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS84NTgzZTM3OS0xNTc4LTQwNDQtODQyNi1kZGNi
NGE0YTgxOTIuY2VyMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwQCQxUgAwQF
wJrAMAsDBAPAmugDAwDAmgMEA8e8WDANBAIAAjAHAwUBJgSBgDBUBgNVHSABAf8E
SjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4u
bmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQBf
ecazzjNCFj+xpofhaP6Z63gVhSEfLTTA46JUOx+oIBfi4zVr/WWX70+gFRamdOc+
Nt9pUg8AV1AbzW98gx7LrngzmRpw4i6IG7VsZ3KicDjZc0Q2KrnWSdjL5y7VaNTm
xXfiHqcWZaBLfigkGBEByeM6KZjCc8T4exWmQSFZFwi5CxBXpDxu07GD3QvNjaMF
1+cpvURfbIZPPkhXTIinnltn+fBpKoVc/4xbCwg7KCdKyV1Z+c8MkkjQHjRNCa82
ltPqpCfsHg2O6gm62xjBRhmuT17yqMsUkWT8ZWfcKhf+n1cVn5Y4xMKlguLE06L/
pg1Ye+8NpzLnV3gJvlOs
-----END CERTIFICATE-----
Generated at Mon May 12 11:06:13 2025 by rpki-client