Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDDAE5FE039211EFB37CF007017001B1.roa
File: CDDAE5FE039211EFB37CF007017001B1.roa (raw, json)
Hash identifier: tHN3QiLTNbst+6JG2bR2wkzFug3b9Ym8mZAOp+3/2nk=
Subject key identifier: 7A:0B:FF:C1:CB:1F:34:69:77:AA:1E:C6:49:6E:BF:32:5E:A8:37:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 862F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDDAE5FE039211EFB37CF007017001B1.roa
Signing time: Fri 26 Apr 2024 06:04:13 +0000
ROA not before: Fri 26 Apr 2024 06:04:09 +0000
ROA not after: Sun 05 May 2024 06:04:09 +0000
asID: 139646
IP address blocks: 156.240.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34351 (0x862f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 26 06:04:09 2024 GMT
Not After : May 5 06:04:09 2024 GMT
Subject: CN=662b43dc-d04a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:62:46:f4:86:b1:53:f0:f2:5d:44:c6:13:a5:
16:0e:b9:0b:76:26:2c:50:2b:e4:66:0d:d9:8c:bc:
49:9d:b8:e8:61:db:cd:be:0d:e6:c9:ca:5f:1f:14:
f4:65:1f:5b:85:5e:4b:b5:ca:ce:2f:ec:d2:57:e2:
07:23:9f:2c:49:21:1e:19:40:2a:2b:60:52:e3:b6:
4c:fe:7a:25:65:c1:2c:02:52:81:8c:31:ff:09:c9:
71:24:c8:f3:72:0d:c8:97:c1:d5:1b:9c:84:f5:d6:
cc:86:69:98:87:9b:91:05:1c:4d:b6:5d:24:37:30:
ae:14:bf:a0:ca:c0:b8:33:82:55:42:49:6c:96:ae:
7c:bd:f3:d8:37:0a:7e:37:5f:01:db:bc:f0:3d:c1:
5e:86:49:52:44:5b:aa:b6:0f:c2:47:01:0a:b1:3e:
cb:11:1d:61:89:d6:1d:2e:1b:70:c8:40:52:a0:2a:
35:f7:1b:43:fe:ad:e9:77:7f:c6:d0:fe:f2:56:6e:
1c:2b:9b:d1:09:81:fc:37:13:f3:43:66:82:49:4a:
cb:ae:57:c0:05:b0:f7:d5:13:d3:42:08:84:a9:c9:
6f:2b:9b:3a:1e:a4:8c:5d:a8:2f:e4:30:eb:0c:fc:
1c:6f:4c:6a:79:da:da:bf:20:18:f3:0b:75:ca:84:
dd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0B:FF:C1:CB:1F:34:69:77:AA:1E:C6:49:6E:BF:32:5E:A8:37:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDDAE5FE039211EFB37CF007017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.32.0/20
Signature Algorithm: sha256WithRSAEncryption
60:7b:e1:41:17:f7:be:74:cb:7c:3b:df:f9:8d:f2:58:15:ec:
f2:b4:65:ff:ba:8a:3e:32:59:30:a4:6f:d5:bc:97:17:74:20:
05:8c:24:9e:7e:38:7c:10:e4:32:b2:b6:82:0b:33:ec:07:31:
8b:60:2e:b6:b4:cd:ea:de:59:d7:4b:34:0f:b4:44:51:33:51:
74:72:24:b2:d8:2f:50:40:01:33:b1:71:f3:94:95:bd:5f:1c:
58:57:fe:15:6b:f1:5f:1d:4b:27:70:09:85:19:2a:59:61:70:
00:20:65:40:83:b8:d6:a8:78:74:17:cf:88:e7:55:66:73:54:
9e:d3:cd:cf:19:fc:f4:02:bd:41:dd:eb:98:b7:c1:d8:a6:bd:
0f:59:3d:a0:c0:06:b5:92:03:cf:d1:f2:a1:e0:fb:55:b3:f2:
03:18:7b:5a:5b:76:8a:6e:c0:b3:a3:46:9b:34:15:20:94:fd:
2d:77:42:83:30:7e:65:c7:65:28:b3:25:a1:89:b4:a0:5f:e0:
44:76:05:a4:6a:49:0b:19:9c:8f:1b:80:78:70:b4:fe:2a:3a:
98:de:61:32:bf:08:ba:07:81:8a:c1:2a:6a:85:c8:02:ab:0a:
f2:aa:aa:73:84:90:06:c2:f1:69:bd:d2:6b:40:92:59:d3:2e:
92:b2:d7:62
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIYvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI2MDYwNDA5WhcNMjQwNTA1MDYwNDA5WjAYMRYw
FAYDVQQDEw02NjJiNDNkYy1kMDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv2JG9IaxU/DyXUTGE6UWDrkLdiYsUCvkZg3ZjLxJnbjoYdvNvg3mycpf
HxT0ZR9bhV5LtcrOL+zSV+IHI58sSSEeGUAqK2BS47ZM/nolZcEsAlKBjDH/Cclx
JMjzcg3Il8HVG5yE9dbMhmmYh5uRBRxNtl0kNzCuFL+gysC4M4JVQklslq58vfPY
Nwp+N18B27zwPcFehklSRFuqtg/CRwEKsT7LER1hidYdLhtwyEBSoCo19xtD/q3p
d3/G0P7yVm4cK5vRCYH8NxPzQ2aCSUrLrlfABbD31RPTQgiEqclvK5s6HqSMXagv
5DDrDPwcb0xqedravyAY8wt1yoTd3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHoL
/8HLHzRpd6oexkluvzJeqDd0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRERBRTVGRTAzOTIxMUVGQjM3Q0YwMDcwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPAgMA0GCSqGSIb3DQEBCwUA
A4IBAQBge+FBF/e+dMt8O9/5jfJYFezytGX/uoo+MlkwpG/VvJcXdCAFjCSefjh8
EOQysraCCzPsBzGLYC62tM3q3lnXSzQPtERRM1F0ciSy2C9QQAEzsXHzlJW9XxxY
V/4Va/FfHUsncAmFGSpZYXAAIGVAg7jWqHh0F8+I51Vmc1Se083PGfz0Ar1B3euY
t8HYpr0PWT2gwAa1kgPP0fKh4PtVs/IDGHtaW3aKbsCzo0abNBUglP0td0KDMH5l
x2UosyWhibSgX+BEdgWkakkLGZyPG4B4cLT+KjqY3mEyvwi6B4GKwSpqhcgCqwry
qqpzhJAGwvFpvdJrQJJZ0y6Sstdi
-----END CERTIFICATE-----
Generated at Mon May 6 02:18:25 2024 by rpki-client on console-ams.rpki-client.org