Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A7272A8AF0311EF8AFBB1A0762E951A.roa
File: 1A7272A8AF0311EF8AFBB1A0762E951A.roa (raw, json)
Hash identifier: xMLB53aF9b8oxQ8kx7fMjY0Rmn3Dw4SP8Di0xraGRp0=
Subject key identifier: 4B:05:8D:14:9A:2D:B4:70:81:C3:B7:C2:D6:0E:7D:F5:B8:84:F6:39
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC8D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A7272A8AF0311EF8AFBB1A0762E951A.roa
Signing time: Sat 30 Nov 2024 10:08:54 +0000
ROA not before: Sat 30 Nov 2024 10:08:49 +0000
ROA not after: Wed 18 Dec 2024 10:08:49 +0000
asID: 60223
IP address blocks: 156.253.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56461 (0xdc8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 30 10:08:49 2024 GMT
Not After : Dec 18 10:08:49 2024 GMT
Subject: CN=674ae435-26bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8f:d6:39:06:99:b5:cf:b8:3a:84:c3:46:87:
03:7d:e7:62:aa:04:29:36:53:1a:41:71:fe:8d:83:
d1:17:9d:27:ac:f1:cf:e0:a4:43:e1:da:95:9c:c8:
09:5d:38:8b:75:80:d6:ca:26:40:9d:d2:b3:34:ab:
71:17:80:f9:7a:37:8c:f3:1a:7a:b5:f8:56:6e:7b:
c1:b5:74:87:23:95:ab:86:c3:cf:ea:eb:92:ac:83:
a9:90:ca:4f:c1:eb:05:c3:d2:f0:0d:e4:70:96:ac:
ed:22:11:b2:5e:5d:c2:e1:1b:bf:4b:86:1d:39:de:
10:32:c1:28:5a:bc:bb:71:e9:d9:92:32:43:09:22:
6a:f6:2e:86:6f:c4:96:95:c1:6f:f3:e0:e6:70:ae:
01:86:08:13:7b:74:53:0e:3c:fb:7a:88:5f:8c:1b:
cf:9b:05:db:5a:fb:67:c7:24:fe:42:b1:31:b4:b3:
c8:e1:78:5d:2b:f1:4e:59:b7:54:bb:6f:45:f7:2c:
08:c6:db:50:39:56:f2:72:00:4a:20:c5:18:8b:ab:
cf:a9:aa:4e:cc:4c:f3:f2:8b:a0:36:96:34:65:a4:
7e:37:d0:d1:63:46:d4:af:b7:03:cb:f9:c6:ea:d2:
8e:94:6d:08:ea:8d:c6:aa:90:90:fe:a3:58:dc:cf:
e0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:05:8D:14:9A:2D:B4:70:81:C3:B7:C2:D6:0E:7D:F5:B8:84:F6:39
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A7272A8AF0311EF8AFBB1A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.240.0/21
Signature Algorithm: sha256WithRSAEncryption
42:a2:31:65:e2:19:86:92:0f:50:37:53:29:d0:ff:00:68:90:
d2:14:ce:00:c3:8c:f0:35:c0:1d:95:77:15:b9:c0:0a:6b:d6:
7f:44:15:b7:e2:dc:c7:8a:85:d7:c5:b6:f2:e4:f0:c8:89:c1:
2f:04:fe:cf:bb:34:29:48:15:63:79:b4:72:8e:7a:5d:98:8a:
55:41:93:c5:4f:3c:a3:81:21:32:f4:02:39:aa:60:73:76:41:
42:55:08:33:f6:a0:fa:7e:c6:6c:b4:03:31:23:16:87:32:f2:
34:75:5d:54:61:c6:f1:87:ad:75:1c:84:29:b0:57:75:b0:c2:
ca:c2:ef:df:c6:9d:9b:8d:fd:6c:f9:b4:16:e0:4f:51:6e:f6:
cd:f9:91:2b:bd:b3:bc:d2:ae:b5:e7:05:59:d0:d8:e0:02:aa:
06:d7:78:f2:97:07:5d:b4:67:3a:ab:03:87:94:6f:de:6d:0a:
08:33:da:b4:9a:41:f7:d2:90:d9:d3:da:ed:e6:68:5b:60:dd:
61:61:2d:79:87:5e:92:59:19:5e:91:74:ce:44:cc:91:cb:0b:
e5:3d:1f:a6:02:31:26:24:82:ac:1c:90:20:4a:76:ca:0e:01:
20:1b:13:c1:d7:3d:8a:e9:44:37:75:cb:08:eb:d8:97:43:ff:
b1:ef:ed:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANyNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTMwMTAwODQ5WhcNMjQxMjE4MTAwODQ5WjAYMRYw
FAYDVQQDEw02NzRhZTQzNS0yNmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAkY/WOQaZtc+4OoTDRocDfediqgQpNlMaQXH+jYPRF50nrPHP4KRD4dqV
nMgJXTiLdYDWyiZAndKzNKtxF4D5ejeM8xp6tfhWbnvBtXSHI5WrhsPP6uuSrIOp
kMpPwesFw9LwDeRwlqztIhGyXl3C4Ru/S4YdOd4QMsEoWry7cenZkjJDCSJq9i6G
b8SWlcFv8+DmcK4BhggTe3RTDjz7eohfjBvPmwXbWvtnxyT+QrExtLPI4XhdK/FO
WbdUu29F9ywIxttQOVbycgBKIMUYi6vPqapOzEzz8ougNpY0ZaR+N9DRY0bUr7cD
y/nG6tKOlG0I6o3GqpCQ/qNY3M/g7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEsF
jRSaLbRwgcO3wtYOffW4hPY5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQTcyNzJBOEFGMDMxMUVGOEFGQkIxQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnP3wMA0GCSqGSIb3DQEBCwUA
A4IBAQBCojFl4hmGkg9QN1Mp0P8AaJDSFM4Aw4zwNcAdlXcVucAKa9Z/RBW34tzH
ioXXxbby5PDIicEvBP7PuzQpSBVjebRyjnpdmIpVQZPFTzyjgSEy9AI5qmBzdkFC
VQgz9qD6fsZstAMxIxaHMvI0dV1UYcbxh611HIQpsFd1sMLKwu/fxp2bjf1s+bQW
4E9RbvbN+ZErvbO80q615wVZ0NjgAqoG13jylwddtGc6qwOHlG/ebQoIM9q0mkH3
0pDZ09rt5mhbYN1hYS15h16SWRlekXTORMyRywvlPR+mAjEmJIKsHJAgSnbKDgEg
GxPB1z2K6UQ3dcsI69iXQ/+x7+3m
-----END CERTIFICATE-----
Generated at Thu Dec 19 03:19:18 2024 by rpki-client on console-fra.rpki-client.org