Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/0F9B1EBCC8BD11EDA5ACDCC4F1222468.roa
File: 0F9B1EBCC8BD11EDA5ACDCC4F1222468.roa (raw, json)
Hash identifier: 6b8zu6lSfFI3XCGNl2BtbldvEjfJDCO9N23FfdBdcsI=
Subject key identifier: F2:E2:F5:74:72:B4:B6:0A:D1:F9:35:91:7E:86:D9:89:1A:24:DC:47
Certificate issuer: /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial: 8A
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access: rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/0F9B1EBCC8BD11EDA5ACDCC4F1222468.roa
Signing time: Wed 22 Mar 2023 14:23:06 +0000
ROA not before: Wed 22 Mar 2023 14:23:00 +0000
ROA not after: Thu 21 Mar 2024 14:23:00 +0000
asID: 35913
IP address blocks: 66.251.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138 (0x8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Validity
Not Before: Mar 22 14:23:00 2023 GMT
Not After : Mar 21 14:23:00 2024 GMT
Subject: CN=641b0f49-2c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:29:ee:d2:30:7d:4c:e5:f0:11:bd:b7:59:21:
c9:0a:64:54:b8:0b:bd:ce:d1:82:34:44:b7:87:43:
af:ca:7e:ca:9a:18:1a:45:42:80:5e:3d:8a:79:fa:
da:9a:cf:30:fb:e3:c3:28:43:bc:a4:6d:7a:0b:99:
2d:fb:f8:50:80:91:fe:d3:e5:31:3e:e2:93:5b:9d:
ee:ef:24:81:ef:9b:a8:44:5f:f1:13:76:c2:93:7f:
e9:01:b5:a2:97:3a:89:64:7e:2b:33:86:45:19:da:
5b:45:f3:70:92:dd:02:b7:cd:e2:cf:68:60:5b:e5:
b5:83:4e:58:5e:20:b8:ab:5f:67:40:a9:a5:5d:a2:
30:8c:9a:bf:c2:f5:f7:99:a6:fb:e6:f9:4a:5d:a4:
31:0a:ff:94:02:e4:b4:40:88:e3:84:1d:24:f7:7f:
fc:19:fa:e0:58:e1:c3:98:f8:aa:0c:75:6d:fb:2d:
a9:77:f4:4e:50:f5:39:1a:31:5d:2f:24:e6:0d:e5:
d1:4a:59:11:76:fb:4f:45:29:ee:48:de:33:81:fd:
0e:32:00:ad:4a:db:db:df:69:dc:6f:b3:cb:b3:e0:
a3:08:6b:d7:18:6a:86:15:4c:70:6b:08:3d:08:20:
c4:03:e3:a0:96:19:cc:95:b3:98:15:91:3d:a6:4e:
ec:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E2:F5:74:72:B4:B6:0A:D1:F9:35:91:7E:86:D9:89:1A:24:DC:47
X509v3 Authority Key Identifier:
keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/0F9B1EBCC8BD11EDA5ACDCC4F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.251.157.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:96:f1:e0:23:36:d3:9d:fa:8d:57:85:a4:9b:30:38:dd:42:
9d:fc:a8:f5:78:a8:bd:46:75:b8:ee:69:d5:44:87:55:74:f1:
a2:bf:3f:df:57:08:a0:c1:91:b0:ca:88:b2:c7:1f:82:16:d7:
46:cb:96:c2:c4:97:c6:9f:16:c6:e1:23:d4:49:39:ce:71:93:
ef:59:ee:52:0b:4a:de:4b:47:e2:18:a3:1d:ac:0b:31:14:95:
26:bd:44:25:27:3f:b8:fe:1b:5b:15:1f:1b:9e:61:ba:1a:48:
d9:64:b0:68:2c:23:63:35:30:23:bf:3c:f9:b9:e0:05:68:67:
8f:3e:69:53:fe:34:9e:06:4d:06:0c:62:37:b6:3c:5a:40:14:
53:23:83:dd:e8:15:2e:dc:0d:70:6d:30:76:54:fd:53:22:a9:
2e:ab:f0:14:22:cd:80:36:40:8c:fc:fa:6e:67:7b:df:2f:29:
d6:80:f8:72:04:cc:0a:a7:42:0b:6a:41:83:8d:b4:c8:b3:da:
19:67:8c:3d:f9:0d:10:07:fc:28:4f:50:dd:58:de:54:d4:39:
8f:14:6e:43:f2:0c:1a:c6:d0:ec:f5:2b:4c:fc:f6:1b:39:a3:
bb:74:b1:20:19:6b:f3:0b:41:e6:dc:51:cc:58:a7:65:a6:30:
cf:1e:61:31
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAIowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yMzAzMjIxNDIzMDBaFw0yNDAzMjExNDIzMDBaMBgxFjAU
BgNVBAMMDTY0MWIwZjQ5LTJjM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzKe7SMH1M5fARvbdZIckKZFS4C73O0YI0RLeHQ6/KfsqaGBpFQoBePYp5
+tqazzD748MoQ7ykbXoLmS37+FCAkf7T5TE+4pNbne7vJIHvm6hEX/ETdsKTf+kB
taKXOolkfiszhkUZ2ltF83CS3QK3zeLPaGBb5bWDTlheILirX2dAqaVdojCMmr/C
9feZpvvm+UpdpDEK/5QC5LRAiOOEHST3f/wZ+uBY4cOY+KoMdW37Lal39E5Q9Tka
MV0vJOYN5dFKWRF2+09FKe5I3jOB/Q4yAK1K29vfadxvs8uz4KMIa9cYaoYVTHBr
CD0IIMQD46CWGcyVs5gVkT2mTuzdAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU8uL1
dHK0tgrR+TWRfobZiRok3EcwHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4LzBGOUIxRUJDQzhCRDExRURBNUFDRENDNEYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+50wDQYJKoZIhvcNAQELBQAD
ggEBAMSW8eAjNtOd+o1XhaSbMDjdQp38qPV4qL1GdbjuadVEh1V08aK/P99XCKDB
kbDKiLLHH4IW10bLlsLEl8afFsbhI9RJOc5xk+9Z7lILSt5LR+IYox2sCzEUlSa9
RCUnP7j+G1sVHxueYboaSNlksGgsI2M1MCO/PPm54AVoZ48+aVP+NJ4GTQYMYje2
PFpAFFMjg93oFS7cDXBtMHZU/VMiqS6r8BQizYA2QIz8+m5ne98vKdaA+HIEzAqn
QgtqQYONtMiz2hlnjD35DRAH/ChPUN1Y3lTUOY8UbkPyDBrG0Oz1K0z89hs5o7t0
sSAZa/MLQebcUcxYp2WmMM8eYTE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-ams.rpki-client.org