Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/918A8084E2C511EEA3FAE2A3775412E6.roa
File: 918A8084E2C511EEA3FAE2A3775412E6.roa (raw, json)
Hash identifier: rA+l9auEBlRfxancURnQpgBO5OaNxFonWYaUFdvssSs=
Subject key identifier: 84:C1:44:A8:64:B1:44:64:32:D6:F8:E9:CA:90:45:7B:BD:33:D8:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 7E84
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/918A8084E2C511EEA3FAE2A3775412E6.roa
Signing time: Fri 15 Mar 2024 12:14:27 +0000
ROA not before: Fri 15 Mar 2024 12:14:24 +0000
ROA not after: Fri 19 Apr 2024 12:14:24 +0000
asID: 23470
IP address blocks: 156.252.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32388 (0x7e84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 15 12:14:24 2024 GMT
Not After : Apr 19 12:14:24 2024 GMT
Subject: CN=65f43ba3-ced6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:24:e8:b0:1c:b4:27:49:9b:be:1e:09:3c:d2:
0a:ac:05:7f:40:65:0d:d6:5d:d8:10:d1:39:e6:05:
60:14:fb:46:ec:0e:85:21:76:05:f1:a2:e6:45:66:
f6:a6:11:26:1b:e0:7e:2b:93:bd:5e:03:14:86:20:
b8:d6:de:01:89:a4:cf:00:a5:ae:32:aa:4d:8e:9a:
b7:82:de:dd:b4:a3:14:3f:33:87:39:d5:51:5e:04:
b9:45:7d:49:7c:6c:8b:77:53:9a:71:92:30:f1:81:
c5:94:6d:f7:d0:b1:65:ba:2e:dc:e4:75:50:fa:41:
19:fb:8d:61:a4:77:61:d3:df:23:0d:0a:c3:c4:fe:
50:47:fc:f3:09:75:82:3c:8e:c7:8d:88:3a:8e:b2:
a0:53:cc:5c:d3:46:4f:04:2c:b9:4f:f6:03:95:6e:
6b:13:c8:91:d1:12:02:87:94:75:b3:f5:74:2f:8d:
3c:22:19:f6:db:5e:0c:4b:0d:4b:52:15:79:ff:6d:
0f:06:15:44:26:56:bd:7b:76:85:35:c5:cc:a4:76:
cf:98:98:62:c7:1f:8d:a6:a2:59:bc:c7:45:39:29:
19:0b:ad:08:06:e6:5a:58:97:36:f5:c3:43:70:f6:
1a:07:09:87:fd:4a:0c:12:73:23:e6:84:1b:55:74:
77:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C1:44:A8:64:B1:44:64:32:D6:F8:E9:CA:90:45:7B:BD:33:D8:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/918A8084E2C511EEA3FAE2A3775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.0.0/24
Signature Algorithm: sha256WithRSAEncryption
41:9a:3e:c0:26:50:b9:c8:02:8d:71:8e:d1:d0:4b:01:6a:36:
48:f0:28:d3:01:a9:3b:19:6b:fd:57:b2:96:a2:3c:eb:f1:64:
75:03:23:dd:f5:d9:eb:d0:dc:06:38:6e:5a:91:9d:af:f6:f3:
e5:6b:9c:ea:f1:d7:0e:ed:d5:db:98:ea:17:f5:d9:a5:72:18:
2d:b1:04:fd:6f:03:ea:4f:f2:18:18:5a:bb:8d:6c:74:59:b8:
2d:c1:cd:57:f3:48:4f:ee:ce:b4:8c:62:ec:22:ab:75:c3:89:
91:f0:d7:e1:30:5f:d7:4a:ec:0e:9b:ea:1a:02:f2:87:0e:27:
a9:56:c9:e7:e2:18:bd:77:3c:4f:6d:52:d3:7f:7b:02:6b:15:
2f:1d:fa:b5:b9:8a:42:f7:e1:bc:e7:13:17:18:59:84:05:15:
6b:ea:f3:1f:08:83:48:45:07:f0:8a:d5:52:29:12:db:28:50:
af:10:4f:2c:6e:9a:ec:b0:f5:d0:92:0f:c2:a3:17:e2:1d:b1:
26:f3:3c:92:c3:e3:0e:f2:32:90:eb:f9:27:c8:30:56:43:03:
27:ef:62:e3:b4:3d:20:c5:ef:28:4a:23:ef:9a:c0:78:ee:a2:
9c:b5:18:62:f0:1c:f2:76:ec:56:d2:09:7f:d5:2a:57:da:ef:
19:9c:08:72
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICfoQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yNDAzMTUxMjE0MjRaFw0yNDA0MTkxMjE0MjRaMBgxFjAU
BgNVBAMTDTY1ZjQzYmEzLWNlZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFJOiwHLQnSZu+Hgk80gqsBX9AZQ3WXdgQ0TnmBWAU+0bsDoUhdgXxouZF
ZvamESYb4H4rk71eAxSGILjW3gGJpM8Apa4yqk2OmreC3t20oxQ/M4c51VFeBLlF
fUl8bIt3U5pxkjDxgcWUbffQsWW6LtzkdVD6QRn7jWGkd2HT3yMNCsPE/lBH/PMJ
dYI8jseNiDqOsqBTzFzTRk8ELLlP9gOVbmsTyJHREgKHlHWz9XQvjTwiGfbbXgxL
DUtSFXn/bQ8GFUQmVr17doU1xcykds+YmGLHH42molm8x0U5KRkLrQgG5lpYlzb1
w0Nw9hoHCYf9SgwScyPmhBtVdHcjAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUhMFE
qGSxRGQy1vjpypBFe70z2AYwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzkxOEE4MDg0RTJDNTExRUVBM0ZBRTJBMzc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc/AAwDQYJKoZIhvcNAQELBQAD
ggEBAEGaPsAmULnIAo1xjtHQSwFqNkjwKNMBqTsZa/1XspaiPOvxZHUDI9312evQ
3AY4blqRna/28+VrnOrx1w7t1duY6hf12aVyGC2xBP1vA+pP8hgYWruNbHRZuC3B
zVfzSE/uzrSMYuwiq3XDiZHw1+EwX9dK7A6b6hoC8ocOJ6lWyefiGL13PE9tUtN/
ewJrFS8d+rW5ikL34bznExcYWYQFFWvq8x8Ig0hFB/CK1VIpEtsoUK8QTyxumuyw
9dCSD8KjF+IdsSbzPJLD4w7yMpDr+SfIMFZDAyfvYuO0PSDF7yhKI++awHjuopy1
GGLwHPJ27FbSCX/VKlfa7xmcCHI=
-----END CERTIFICATE-----
Generated at Sat Apr 20 04:51:51 2024 by rpki-client on console-ams.rpki-client.org