Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F2237B67F0C11EF9E0A8CBD762E951A.roa
File: 0F2237B67F0C11EF9E0A8CBD762E951A.roa (raw, json)
Hash identifier: gnFuJ3QJ2LtWYT7Fh41bugFV9M+FzHx78/996l2APBA=
Subject key identifier: DB:86:A1:A9:06:01:83:6E:39:89:DC:A1:99:C3:63:6B:44:4B:28:7B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BD9D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F2237B67F0C11EF9E0A8CBD762E951A.roa
Signing time: Mon 30 Sep 2024 09:12:04 +0000
ROA not before: Mon 30 Sep 2024 09:12:01 +0000
ROA not after: Thu 21 Nov 2024 09:12:01 +0000
asID: 63139
IP address blocks: 156.227.224.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48541 (0xbd9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 30 09:12:01 2024 GMT
Not After : Nov 21 09:12:01 2024 GMT
Subject: CN=66fa6b64-6df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a5:db:02:6c:c8:c4:59:56:fc:cd:12:8d:91:
f7:17:b1:5b:5d:58:1e:8d:d6:01:3a:a3:c7:a8:52:
49:04:ff:48:de:e7:37:23:b2:6b:a8:e9:df:6e:0a:
f4:59:c9:64:4b:b5:b5:46:d0:6b:a5:77:08:5f:ff:
e1:62:59:2b:36:31:1b:dd:65:ae:5c:43:c0:55:9d:
ce:09:9e:df:2d:dd:e7:46:16:31:23:99:78:c6:37:
dd:d1:cc:17:5a:38:d4:d5:11:04:0f:5d:9b:e8:63:
f8:6e:cb:6e:c3:a7:d9:17:e2:a2:92:06:8c:19:47:
e3:af:42:e1:48:25:e5:db:f5:6a:fd:3e:35:e6:fa:
f0:17:d1:c3:21:a1:92:ee:88:48:54:0f:0d:12:8d:
2c:18:4a:70:0e:97:81:35:5d:eb:d1:39:8c:51:01:
bd:43:04:ce:24:be:12:bb:1b:8e:36:60:34:a7:7e:
52:e7:24:74:4a:da:8c:51:c9:52:e6:8b:4a:f7:77:
b9:b2:a9:c6:6b:2c:4e:f9:a3:12:dd:cf:66:ba:b1:
20:5c:b5:23:31:7c:23:96:84:be:56:05:b1:4c:ae:
ef:7d:d5:66:af:8e:29:e3:2a:fb:5b:57:89:ac:ab:
4c:1a:4f:51:44:06:bf:cb:47:82:11:ec:ed:92:e0:
2b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:86:A1:A9:06:01:83:6E:39:89:DC:A1:99:C3:63:6B:44:4B:28:7B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F2237B67F0C11EF9E0A8CBD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.224.0/21
Signature Algorithm: sha256WithRSAEncryption
36:08:f7:c7:c7:63:56:e9:f4:9e:41:0d:bf:70:50:d1:c2:80:
21:a1:00:74:f5:37:61:70:e0:fa:fd:77:5f:96:4e:be:67:06:
47:0d:7a:f1:59:7a:bd:ee:74:cc:72:f1:26:5f:24:2d:46:07:
83:cc:1f:fa:40:c4:f9:af:ee:bd:8c:c8:e5:28:79:f2:8b:d6:
bc:8b:b7:93:e7:1b:1a:57:67:58:27:4c:d8:d4:e7:73:fa:2a:
b9:a4:fa:3f:4b:73:1f:2f:0c:ef:eb:80:65:6f:fd:55:7c:12:
a9:bc:f8:68:3a:3a:01:00:e6:34:f7:fb:d5:ed:2f:60:e4:30:
0d:7f:67:a9:d3:49:e9:a9:57:78:90:2b:9f:6e:a0:f7:4a:fa:
05:6b:12:71:fb:8b:63:d2:22:3b:72:4e:93:52:22:84:db:22:
0a:39:41:dc:9a:d6:59:d8:6f:f5:e0:b8:7b:14:f4:4c:50:8b:
2c:87:e5:33:37:30:c7:0c:df:a2:f4:70:21:5c:cc:69:8a:5c:
40:c8:eb:b5:10:09:01:41:f2:57:55:15:35:de:fd:73:71:c2:
03:85:42:39:11:af:cc:56:0a:8f:1b:7c:90:c5:67:55:2a:ee:
d3:1a:13:48:3d:1c:ae:b0:b8:7c:a5:ed:d9:4a:fc:92:8b:fa:
f1:9d:fb:69
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAL2dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTMwMDkxMjAxWhcNMjQxMTIxMDkxMjAxWjAYMRYw
FAYDVQQDEw02NmZhNmI2NC02ZGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0aXbAmzIxFlW/M0SjZH3F7FbXVgejdYBOqPHqFJJBP9I3uc3I7JrqOnf
bgr0WclkS7W1RtBrpXcIX//hYlkrNjEb3WWuXEPAVZ3OCZ7fLd3nRhYxI5l4xjfd
0cwXWjjU1REED12b6GP4bstuw6fZF+KikgaMGUfjr0LhSCXl2/Vq/T415vrwF9HD
IaGS7ohIVA8NEo0sGEpwDpeBNV3r0TmMUQG9QwTOJL4SuxuONmA0p35S5yR0StqM
UclS5otK93e5sqnGayxO+aMS3c9murEgXLUjMXwjloS+VgWxTK7vfdVmr44p4yr7
W1eJrKtMGk9RRAa/y0eCEeztkuArMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNuG
oakGAYNuOYncoZnDY2tESyh7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjIyMzdCNjdGMEMxMUVGOUUwQThDQkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOPgMA0GCSqGSIb3DQEBCwUA
A4IBAQA2CPfHx2NW6fSeQQ2/cFDRwoAhoQB09TdhcOD6/Xdflk6+ZwZHDXrxWXq9
7nTMcvEmXyQtRgeDzB/6QMT5r+69jMjlKHnyi9a8i7eT5xsaV2dYJ0zY1Odz+iq5
pPo/S3MfLwzv64Blb/1VfBKpvPhoOjoBAOY09/vV7S9g5DANf2ep00npqVd4kCuf
bqD3SvoFaxJx+4tj0iI7ck6TUiKE2yIKOUHcmtZZ2G/14Lh7FPRMUIssh+UzNzDH
DN+i9HAhXMxpilxAyOu1EAkBQfJXVRU13v1zccIDhUI5Ea/MVgqPG3yQxWdVKu7T
GhNIPRyusLh8pe3ZSvySi/rxnftp
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:19 2024 by rpki-client on console-ams.rpki-client.org