Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11608B6E038C11EF8E3FF94E017001B1.roa
File: 11608B6E038C11EF8E3FF94E017001B1.roa (raw, json)
Hash identifier: j8ICcbK5TVfxT1zj5EM3nlW96vqnYXZhG9P+ZpJU8rk=
Subject key identifier: 9C:43:46:2C:36:E8:1D:C3:8D:E9:A2:07:08:BE:A5:7A:67:42:E6:99
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 85DC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11608B6E038C11EF8E3FF94E017001B1.roa
Signing time: Fri 26 Apr 2024 05:16:00 +0000
ROA not before: Fri 26 Apr 2024 05:15:56 +0000
ROA not after: Sun 05 May 2024 05:15:56 +0000
asID: 141883
IP address blocks: 156.249.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34268 (0x85dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 26 05:15:56 2024 GMT
Not After : May 5 05:15:56 2024 GMT
Subject: CN=662b3890-4de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fa:89:ab:ae:30:19:54:e1:cd:46:96:a2:9f:
b4:af:02:d5:c4:5c:79:21:b8:67:2c:30:ef:f5:4a:
11:d1:d0:a6:9b:e7:a2:18:af:89:e9:65:63:2f:82:
ad:8e:2b:77:81:fd:c3:1a:bf:5d:9d:8b:27:7a:ef:
d7:5c:8d:12:79:d5:b5:3e:0c:56:6e:58:ed:5c:86:
05:8f:01:96:8a:26:ed:d0:5d:17:d5:fe:a6:e9:f7:
84:12:a3:f3:b5:45:43:b5:0a:94:52:17:62:8c:ad:
2d:94:3f:41:38:72:ac:c0:bc:0f:ff:ef:d7:ce:08:
c7:24:52:2d:49:11:29:62:15:31:e0:90:8e:a7:a3:
97:8e:70:8c:a8:18:1a:43:38:14:93:80:01:80:d9:
7a:ff:af:6a:14:3d:33:79:fb:94:c3:ae:c9:b1:6d:
17:fe:df:7b:51:b1:b6:c6:70:b8:cb:ed:ef:de:34:
41:16:38:78:a0:d4:9e:40:be:16:43:b2:c6:84:50:
33:e5:3a:f4:fd:a2:21:ff:22:c1:79:00:9f:4c:72:
e2:3b:ce:05:7b:28:46:16:28:af:7a:f1:9d:6d:8f:
ba:47:77:ea:7c:dc:75:4f:fe:c7:f8:b1:aa:b0:ab:
e5:ba:fc:c4:42:7c:6a:bd:18:a9:7d:03:e3:45:c3:
4d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:43:46:2C:36:E8:1D:C3:8D:E9:A2:07:08:BE:A5:7A:67:42:E6:99
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11608B6E038C11EF8E3FF94E017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.28.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:7d:69:98:6f:a5:54:18:7d:52:c1:61:37:f7:cf:5f:85:dd:
be:5d:ca:4e:90:41:11:16:77:bc:39:86:29:08:72:77:dc:cb:
00:ed:dd:8f:20:0f:5f:8c:1e:c8:41:7b:ce:fa:9c:76:44:e6:
08:6a:b0:aa:08:e4:c8:2c:7b:8b:e1:41:4c:e6:e0:87:42:b7:
30:4a:95:49:b4:26:6f:f2:55:54:10:8e:a0:a2:3a:4c:bc:d1:
32:ec:13:86:52:09:d0:ee:83:49:33:ee:46:b6:cd:67:54:18:
0d:e6:8a:41:f4:b8:f6:12:84:a3:e4:44:ab:aa:dc:6f:09:47:
45:2e:f2:14:f2:68:d4:5e:e7:46:ea:40:7a:e6:30:11:7c:2c:
fb:be:5d:c3:a8:2a:a0:c9:0c:a7:62:f6:be:f5:f6:86:4b:f6:
45:af:2d:4f:45:30:cd:52:9a:42:67:1a:b5:cd:25:0d:a4:45:
68:e0:63:8d:6d:b5:cc:52:90:28:44:48:4d:55:a5:b1:55:e6:
c8:55:bb:07:1d:e6:b9:70:8c:39:93:46:d1:70:59:42:ef:cc:
93:96:d6:13:80:95:1a:02:9e:3f:58:12:29:b4:5f:81:53:1e:
7b:7e:03:2e:4c:ff:02:b1:b6:93:0a:97:8a:c0:57:31:29:22:
19:9b:8c:7c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIXcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI2MDUxNTU2WhcNMjQwNTA1MDUxNTU2WjAYMRYw
FAYDVQQDEw02NjJiMzg5MC00ZGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/qJq64wGVThzUaWop+0rwLVxFx5IbhnLDDv9UoR0dCmm+eiGK+J6WVj
L4Ktjit3gf3DGr9dnYsneu/XXI0SedW1PgxWbljtXIYFjwGWiibt0F0X1f6m6feE
EqPztUVDtQqUUhdijK0tlD9BOHKswLwP/+/XzgjHJFItSREpYhUx4JCOp6OXjnCM
qBgaQzgUk4ABgNl6/69qFD0zefuUw67JsW0X/t97UbG2xnC4y+3v3jRBFjh4oNSe
QL4WQ7LGhFAz5Tr0/aIh/yLBeQCfTHLiO84FeyhGFiivevGdbY+6R3fqfNx1T/7H
+LGqsKvluvzEQnxqvRipfQPjRcNNnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJxD
Riw26B3DjemiBwi+pXpnQuaZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMTYwOEI2RTAzOEMxMUVGOEUzRkY5NEUwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPkcMA0GCSqGSIb3DQEBCwUA
A4IBAQBPfWmYb6VUGH1SwWE3989fhd2+XcpOkEERFne8OYYpCHJ33MsA7d2PIA9f
jB7IQXvO+px2ROYIarCqCOTILHuL4UFM5uCHQrcwSpVJtCZv8lVUEI6gojpMvNEy
7BOGUgnQ7oNJM+5Gts1nVBgN5opB9Lj2EoSj5ESrqtxvCUdFLvIU8mjUXudG6kB6
5jARfCz7vl3DqCqgyQynYva+9faGS/ZFry1PRTDNUppCZxq1zSUNpEVo4GONbbXM
UpAoREhNVaWxVebIVbsHHea5cIw5k0bRcFlC78yTltYTgJUaAp4/WBIptF+BUx57
fgMuTP8CsbaTCpeKwFcxKSIZm4x8
-----END CERTIFICATE-----
Generated at Mon May 6 02:29:25 2024 by rpki-client on console-fra.rpki-client.org