Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F25B014060C11EF95796936017001B1.roa
File: 4F25B014060C11EF95796936017001B1.roa (raw, json)
Hash identifier: ed/d5Tsfl/x66S9YV963tOWuo9UUhgIF1pUqBqwJRq4=
Subject key identifier: 19:66:2F:19:71:AF:B8:0E:3F:8A:FC:93:A7:7C:9B:00:B4:03:CD:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 86A2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F25B014060C11EF95796936017001B1.roa
Signing time: Mon 29 Apr 2024 09:39:01 +0000
ROA not before: Mon 29 Apr 2024 09:38:58 +0000
ROA not after: Tue 14 May 2024 09:38:58 +0000
asID: 7018
IP address blocks: 156.249.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34466 (0x86a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 09:38:58 2024 GMT
Not After : May 14 09:38:58 2024 GMT
Subject: CN=662f6ab5-615e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cb:48:aa:b7:c3:f6:b8:42:46:0b:76:22:09:
ac:7e:20:c8:54:88:20:c6:9e:24:ee:2a:4a:91:77:
95:88:62:e3:34:33:29:0e:02:5c:54:8c:3b:93:a5:
51:87:78:88:2f:37:9e:73:d6:07:5f:48:c8:1f:a8:
aa:36:97:70:89:a1:d0:54:b9:cb:c6:83:ee:3b:ff:
ce:55:1f:df:e0:06:21:c0:19:a8:a1:89:4b:2b:f8:
5a:6f:dc:eb:c1:d5:e2:a6:d7:24:9a:37:bd:af:45:
f9:ac:4a:eb:e9:2b:e3:ec:8c:05:93:bc:4a:31:61:
37:8a:42:c5:e3:69:c0:f3:fc:ad:8f:2d:b2:7e:a0:
fa:28:a3:d5:49:a4:7c:f9:17:7e:8d:80:f2:32:8b:
72:5f:2d:44:5a:23:67:24:95:71:58:43:34:f3:6d:
0d:4f:dc:ed:92:22:54:99:f7:fb:85:7a:f6:7c:67:
20:b1:79:13:64:9f:49:e0:f5:70:37:25:dc:8e:af:
eb:c6:91:58:cb:70:72:2a:85:43:13:80:14:f0:75:
ff:d2:62:34:e5:3e:3b:82:f2:d0:08:cb:8a:74:c7:
32:16:ad:78:6b:68:0f:44:34:c2:c6:96:ee:24:57:
b3:98:09:7d:67:2d:40:f6:3b:3f:00:ac:f0:17:53:
cd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:66:2F:19:71:AF:B8:0E:3F:8A:FC:93:A7:7C:9B:00:B4:03:CD:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F25B014060C11EF95796936017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.48.0/21
Signature Algorithm: sha256WithRSAEncryption
70:08:e8:1e:59:b9:c2:99:42:c9:f7:79:94:c5:a1:4b:2f:57:
41:d5:16:fb:52:46:d5:8f:ff:48:56:00:3e:0e:39:de:2f:d4:
64:e8:35:4f:eb:bd:3a:cd:a0:84:30:a2:2f:d8:47:a9:85:6a:
82:ac:e0:59:fc:b7:bd:6d:1f:8f:3e:31:93:1b:f2:c5:02:0b:
29:c6:90:54:e0:41:0c:b6:e8:52:fe:c9:b6:55:06:15:4c:7e:
44:5f:86:8d:7c:37:a6:61:04:33:2c:b5:14:69:2f:39:46:bf:
59:19:19:b1:d9:3b:b4:8c:e2:85:41:77:93:6f:5f:5b:36:cf:
47:87:c5:76:05:82:35:1f:4d:b9:6e:68:7e:9f:c5:75:37:91:
41:c7:56:86:80:4c:1a:12:9a:ff:b3:5a:56:07:82:e4:a7:4f:
a8:30:52:bc:7f:33:bb:23:ea:2e:a1:5a:7f:4f:b1:65:6a:3e:
5d:51:dd:37:b8:01:dc:a7:c3:1c:34:26:76:58:02:aa:2b:b9:
24:61:a8:29:4d:61:c8:f6:06:0a:cd:e8:4b:34:81:24:01:21:
d1:89:63:ae:ad:4b:d5:66:82:ab:a6:a4:78:61:f7:93:30:9c:
c3:f7:a2:6b:fb:97:34:cf:54:fb:13:e4:c0:30:92:cd:82:27:
1a:65:d7:2e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIaiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI5MDkzODU4WhcNMjQwNTE0MDkzODU4WjAYMRYw
FAYDVQQDEw02NjJmNmFiNS02MTVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt8tIqrfD9rhCRgt2IgmsfiDIVIggxp4k7ipKkXeViGLjNDMpDgJcVIw7
k6VRh3iILzeec9YHX0jIH6iqNpdwiaHQVLnLxoPuO//OVR/f4AYhwBmooYlLK/ha
b9zrwdXiptckmje9r0X5rErr6Svj7IwFk7xKMWE3ikLF42nA8/ytjy2yfqD6KKPV
SaR8+Rd+jYDyMotyXy1EWiNnJJVxWEM0820NT9ztkiJUmff7hXr2fGcgsXkTZJ9J
4PVwNyXcjq/rxpFYy3ByKoVDE4AU8HX/0mI05T47gvLQCMuKdMcyFq14a2gPRDTC
xpbuJFezmAl9Zy1A9js/AKzwF1PNCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBlm
Lxlxr7gOP4r8k6d8mwC0A80qMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RjI1QjAxNDA2MEMxMUVGOTU3OTY5MzYwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPkwMA0GCSqGSIb3DQEBCwUA
A4IBAQBwCOgeWbnCmULJ93mUxaFLL1dB1Rb7UkbVj/9IVgA+DjneL9Rk6DVP6706
zaCEMKIv2EephWqCrOBZ/Le9bR+PPjGTG/LFAgspxpBU4EEMtuhS/sm2VQYVTH5E
X4aNfDemYQQzLLUUaS85Rr9ZGRmx2Tu0jOKFQXeTb19bNs9Hh8V2BYI1H025bmh+
n8V1N5FBx1aGgEwaEpr/s1pWB4Lkp0+oMFK8fzO7I+ouoVp/T7Flaj5dUd03uAHc
p8McNCZ2WAKqK7kkYagpTWHI9gYKzehLNIEkASHRiWOurUvVZoKrpqR4YfeTMJzD
96Jr+5c0z1T7E+TAMJLNgicaZdcu
-----END CERTIFICATE-----
Generated at Wed May 15 03:10:47 2024 by rpki-client on console-ams.rpki-client.org