Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D1998B0088C11EFA5E0DF0D017001B1.roa
File: 1D1998B0088C11EFA5E0DF0D017001B1.roa (raw, json)
Hash identifier: ibIQDrRJ411YlUE+IO3RaSlolCbmyrsijFHiI/Gcajc=
Subject key identifier: C7:F2:10:54:3D:4B:DB:FE:23:35:D7:88:86:4F:84:F1:F5:68:11:83
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8758
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D1998B0088C11EFA5E0DF0D017001B1.roa
Signing time: Thu 02 May 2024 13:58:55 +0000
ROA not before: Thu 02 May 2024 13:58:51 +0000
ROA not after: Sat 11 May 2024 13:58:51 +0000
asID: 39600
IP address blocks: 156.238.120.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34648 (0x8758)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 2 13:58:51 2024 GMT
Not After : May 11 13:58:51 2024 GMT
Subject: CN=66339c1f-2a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6c:65:5d:16:1b:5d:9d:ff:92:b5:68:66:49:
05:ea:c8:bb:94:34:82:8a:34:ea:73:de:4f:15:a4:
04:33:90:9d:27:87:7e:08:79:95:02:f1:c7:ac:81:
5b:b2:94:cb:78:52:d1:71:56:41:45:8c:f4:09:64:
82:ea:9b:58:fe:fc:5e:c6:3d:ab:1d:12:4d:dd:4a:
4d:a1:57:72:d6:f1:56:7e:92:3b:b0:bb:52:04:c9:
02:2c:cf:9d:de:b4:26:46:af:ff:c8:18:34:88:b9:
b4:fc:70:41:83:bd:54:ab:8d:5a:9a:74:e1:18:33:
68:c0:f8:20:a0:7a:52:c3:03:fc:40:a2:cf:07:44:
6f:20:7c:d8:7e:82:98:e4:36:11:47:98:22:1a:e4:
cb:62:d0:b1:84:52:22:08:f8:38:df:97:c5:11:16:
d6:25:dc:3b:5e:6f:61:14:d7:0d:ae:27:fb:4f:6d:
d0:66:27:e4:4b:ad:c5:4e:02:ca:cb:ad:a9:6d:28:
9a:6d:e2:83:17:31:c0:df:35:f5:5b:17:72:31:08:
51:e4:87:1f:e9:cd:bc:82:9b:5a:b2:4c:00:1d:0e:
05:54:ab:ae:e1:db:b8:22:d9:ac:d8:f0:86:a6:99:
68:02:ea:9c:c5:cc:75:3a:2a:07:5f:b7:08:ff:c4:
80:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F2:10:54:3D:4B:DB:FE:23:35:D7:88:86:4F:84:F1:F5:68:11:83
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D1998B0088C11EFA5E0DF0D017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.120.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:3f:96:43:77:3f:39:dd:c1:76:30:5c:94:8c:1c:0e:39:e6:
93:fb:d3:fd:01:7f:69:87:84:7f:0d:f7:2e:4b:4c:bd:48:a4:
93:a4:1f:c7:ee:17:15:06:a0:82:dc:e9:c0:9b:91:fb:bc:40:
3e:37:a9:b4:1c:9a:16:ca:15:58:62:a9:17:1c:c8:65:35:e6:
32:23:a3:1c:71:81:fa:63:dd:d9:0a:8e:f7:02:58:91:2f:30:
69:22:13:cf:9c:c5:a6:29:a7:3c:13:24:5f:9d:24:98:af:15:
f9:a0:47:e1:08:33:d6:48:8f:1b:8f:9b:02:35:c4:c7:7a:01:
06:4a:51:7f:70:89:00:26:e3:74:58:9b:6e:fa:12:a5:73:e2:
0d:ea:a6:bf:95:78:d9:4a:6b:e6:0e:e2:c0:8c:95:c0:30:9e:
91:b1:39:7a:68:05:e1:9e:63:4a:36:0c:a7:7a:c8:11:63:73:
73:dd:5b:5d:1a:c6:4d:55:bb:3d:da:c4:4b:1c:77:59:ff:4c:
00:08:03:42:e3:07:ee:5b:e0:89:52:0c:02:2d:17:56:f1:1a:
a2:5a:ee:32:6d:b1:22:d0:bd:7e:45:c4:ea:5d:d7:42:0c:ce:
cd:08:b8:2c:5a:f1:b3:60:fa:4a:22:49:3f:b0:e2:5c:46:7d:
1a:38:9c:f7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIdYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTAyMTM1ODUxWhcNMjQwNTExMTM1ODUxWjAYMRYw
FAYDVQQDEw02NjMzOWMxZi0yYTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwWxlXRYbXZ3/krVoZkkF6si7lDSCijTqc95PFaQEM5CdJ4d+CHmVAvHH
rIFbspTLeFLRcVZBRYz0CWSC6ptY/vxexj2rHRJN3UpNoVdy1vFWfpI7sLtSBMkC
LM+d3rQmRq//yBg0iLm0/HBBg71Uq41amnThGDNowPggoHpSwwP8QKLPB0RvIHzY
foKY5DYRR5giGuTLYtCxhFIiCPg435fFERbWJdw7Xm9hFNcNrif7T23QZifkS63F
TgLKy62pbSiabeKDFzHA3zX1WxdyMQhR5Icf6c28gptaskwAHQ4FVKuu4du4Itms
2PCGpploAuqcxcx1OioHX7cI/8SAgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMfy
EFQ9S9v+IzXXiIZPhPH1aBGDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRDE5OThCMDA4OEMxMUVGQTVFMERGMEQwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnO54MA0GCSqGSIb3DQEBCwUA
A4IBAQA/P5ZDdz853cF2MFyUjBwOOeaT+9P9AX9ph4R/DfcuS0y9SKSTpB/H7hcV
BqCC3OnAm5H7vEA+N6m0HJoWyhVYYqkXHMhlNeYyI6MccYH6Y93ZCo73AliRLzBp
IhPPnMWmKac8EyRfnSSYrxX5oEfhCDPWSI8bj5sCNcTHegEGSlF/cIkAJuN0WJtu
+hKlc+IN6qa/lXjZSmvmDuLAjJXAMJ6RsTl6aAXhnmNKNgynesgRY3Nz3VtdGsZN
Vbs92sRLHHdZ/0wACANC4wfuW+CJUgwCLRdW8RqiWu4ybbEi0L1+RcTqXddCDM7N
CLgsWvGzYPpKIkk/sOJcRn0aOJz3
-----END CERTIFICATE-----
Generated at Sun May 12 02:36:22 2024 by rpki-client on console-ams.rpki-client.org