Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29AF2D52039011EF8E0AEB6F017001B1.roa
File: 29AF2D52039011EF8E0AEB6F017001B1.roa (raw, json)
Hash identifier: s+k9PERlvhyjModRIypEybNgEKIeRAn67RMb/TbdMGM=
Subject key identifier: 1F:8E:C0:19:34:3D:FF:06:5A:22:CD:01:D8:06:74:05:E1:E0:EE:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8602
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29AF2D52039011EF8E0AEB6F017001B1.roa
Signing time: Fri 26 Apr 2024 05:45:18 +0000
ROA not before: Fri 26 Apr 2024 05:45:15 +0000
ROA not after: Sun 05 May 2024 05:45:15 +0000
asID: 139646
IP address blocks: 45.200.24.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34306 (0x8602)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 26 05:45:15 2024 GMT
Not After : May 5 05:45:15 2024 GMT
Subject: CN=662b3f6e-b599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8a:1f:a0:56:0d:39:89:a5:d4:65:af:cd:6a:
8c:cf:60:33:e5:1d:4a:54:89:b7:bb:41:d0:56:70:
a6:3e:b3:f4:8b:e9:51:4d:11:3c:64:ce:a2:50:e6:
66:0a:ab:71:1d:9c:6b:1b:b1:c7:21:9a:b2:c2:55:
6b:dc:f5:04:d4:1d:8f:67:09:81:ab:65:20:d7:ad:
07:fd:5b:69:95:6d:be:d3:e9:d7:76:a2:ea:05:b1:
80:43:14:4d:d8:2f:f3:4e:2b:02:f3:63:7f:43:26:
01:ec:53:c7:c9:a1:9a:0b:62:3f:c0:46:f5:11:47:
d6:a8:53:45:2a:c2:6f:80:2a:74:58:c5:df:ed:6a:
a2:c5:1d:e4:d0:52:1c:58:b9:dc:75:44:02:22:d4:
6b:7f:55:f2:e0:ce:fe:1c:d9:c0:1a:ed:d8:f3:1a:
3d:1d:ad:a3:39:74:85:bb:20:f7:97:46:01:40:23:
b8:d9:16:c1:6a:37:c6:8e:a6:7c:f5:ee:f9:07:99:
01:4a:3a:b5:21:f9:01:52:33:40:4f:f0:54:ec:0d:
fd:52:dc:16:e1:1c:1f:02:66:59:e4:e4:0c:9c:20:
44:3b:04:8f:ec:e2:ec:61:0c:54:f1:eb:85:0e:4e:
d0:28:23:29:ef:57:04:7e:00:99:20:9a:90:70:df:
bc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8E:C0:19:34:3D:FF:06:5A:22:CD:01:D8:06:74:05:E1:E0:EE:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29AF2D52039011EF8E0AEB6F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.24.0/21
Signature Algorithm: sha256WithRSAEncryption
35:e5:ab:fc:71:e3:8b:15:89:a3:cb:d3:ae:58:92:41:6c:c3:
2d:d0:e2:1a:3a:e4:2d:bd:80:34:61:8e:31:34:b4:b7:a2:7b:
e5:a5:6a:c6:09:72:ef:c2:91:b2:40:2e:9f:76:94:0c:a7:4f:
49:2b:3a:6b:83:46:d8:75:8e:6c:86:59:b9:a6:55:a2:9d:f1:
1c:bf:64:6f:b6:af:ca:4a:1f:9f:e1:55:a6:ba:c8:e4:af:a6:
c7:2e:a2:e1:ff:e2:10:a5:24:25:57:a8:a6:f1:3d:9b:13:be:
01:a3:8d:f0:53:52:27:35:0d:ba:e9:9c:c4:89:bd:3f:34:8a:
dc:89:51:4e:8f:c7:44:fc:52:4f:d4:1a:78:d5:13:07:e5:5c:
8c:08:cd:07:be:c9:56:f5:f1:91:f9:cf:94:f4:9e:83:09:6d:
54:c5:3a:65:c5:58:eb:0e:2d:06:40:9d:fc:1b:a0:fb:f1:9b:
1f:e6:ab:f2:93:dc:2b:34:85:9b:a6:01:de:9d:4b:97:03:ee:
d2:30:90:bc:89:35:5e:1f:6b:81:01:c8:fb:e7:1b:6c:81:e3:
5c:a0:fd:a2:2f:76:48:b6:38:71:ef:a6:74:bd:6b:a9:df:fd:
80:dc:4c:22:c0:42:18:e7:3c:09:06:26:0d:1e:a3:2b:48:16:
6f:87:60:36
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIYCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI2MDU0NTE1WhcNMjQwNTA1MDU0NTE1WjAYMRYw
FAYDVQQDEw02NjJiM2Y2ZS1iNTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw4ofoFYNOYml1GWvzWqMz2Az5R1KVIm3u0HQVnCmPrP0i+lRTRE8ZM6i
UOZmCqtxHZxrG7HHIZqywlVr3PUE1B2PZwmBq2Ug160H/VtplW2+0+nXdqLqBbGA
QxRN2C/zTisC82N/QyYB7FPHyaGaC2I/wEb1EUfWqFNFKsJvgCp0WMXf7WqixR3k
0FIcWLncdUQCItRrf1Xy4M7+HNnAGu3Y8xo9Ha2jOXSFuyD3l0YBQCO42RbBajfG
jqZ89e75B5kBSjq1IfkBUjNAT/BU7A39UtwW4RwfAmZZ5OQMnCBEOwSP7OLsYQxU
8euFDk7QKCMp71cEfgCZIJqQcN+80QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB+O
wBk0Pf8GWiLNAdgGdAXh4O7eMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOUFGMkQ1MjAzOTAxMUVGOEUwQUVCNkYwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcgYMA0GCSqGSIb3DQEBCwUA
A4IBAQA15av8ceOLFYmjy9OuWJJBbMMt0OIaOuQtvYA0YY4xNLS3onvlpWrGCXLv
wpGyQC6fdpQMp09JKzprg0bYdY5shlm5plWinfEcv2Rvtq/KSh+f4VWmusjkr6bH
LqLh/+IQpSQlV6im8T2bE74Bo43wU1InNQ266ZzEib0/NIrciVFOj8dE/FJP1Bp4
1RMH5VyMCM0HvslW9fGR+c+U9J6DCW1UxTplxVjrDi0GQJ38G6D78Zsf5qvyk9wr
NIWbpgHenUuXA+7SMJC8iTVeH2uBAcj75xtsgeNcoP2iL3ZItjhx76Z0vWup3/2A
3EwiwEIY5zwJBiYNHqMrSBZvh2A2
-----END CERTIFICATE-----
Generated at Mon May 6 02:18:24 2024 by rpki-client on console-ams.rpki-client.org