Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2004AE1A418611EFA61D2190762E951A.roa
File: 2004AE1A418611EFA61D2190762E951A.roa (raw, json)
Hash identifier: ApmPnWE/mjo0jyvIKswQt+qwTnMHo+53f7cz4D88krw=
Subject key identifier: 8E:C1:13:16:AF:E7:45:BB:09:AF:51:60:D5:19:2E:FA:31:4D:D0:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9C37
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2004AE1A418611EFA61D2190762E951A.roa
Signing time: Sun 14 Jul 2024 02:09:39 +0000
ROA not before: Sun 14 Jul 2024 02:09:36 +0000
ROA not after: Tue 13 Aug 2024 02:09:36 +0000
asID: 138915
IP address blocks: 156.244.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39991 (0x9c37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 14 02:09:36 2024 GMT
Not After : Aug 13 02:09:36 2024 GMT
Subject: CN=66933363-c99a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a6:d8:a9:b7:26:17:a9:09:6f:fd:b1:04:57:
14:bb:c2:3d:8b:5a:50:76:de:16:ec:36:eb:4b:1e:
46:3c:cc:eb:93:05:41:f0:a3:29:aa:b1:f4:c5:77:
20:cc:a0:dc:33:17:8e:17:67:af:28:84:23:65:de:
65:63:17:ec:0b:50:2e:86:4c:3a:dd:2d:c1:b1:cc:
6e:6f:2e:f1:82:4d:f9:3e:f4:c5:e4:8c:c5:92:5f:
d4:bf:df:10:00:f5:3f:05:f4:0c:68:8a:24:17:9b:
8e:2b:1b:47:05:45:39:95:f8:81:c9:ab:19:35:4c:
a4:47:63:91:81:b4:ee:62:c0:27:7b:84:c5:90:ab:
ef:48:ab:a3:78:63:d3:ce:a3:e8:98:72:c7:09:7b:
cb:2c:f0:8d:00:d2:55:3c:1c:fa:56:c8:ec:65:0c:
b5:e2:7d:4a:e7:f4:96:2a:74:dd:ca:3d:e7:9d:56:
84:d9:68:fb:3e:07:17:73:e1:f9:32:57:a3:9e:de:
65:c6:96:f3:09:e9:71:07:ae:f9:04:6d:84:f5:21:
a9:14:e8:30:ad:4a:e8:cc:41:bb:53:71:40:67:3c:
0c:b9:cc:24:5c:1b:f5:0c:b0:05:fb:cd:b8:fd:cb:
c9:47:96:22:88:8a:c5:ec:fa:38:48:02:1b:39:a7:
36:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C1:13:16:AF:E7:45:BB:09:AF:51:60:D5:19:2E:FA:31:4D:D0:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2004AE1A418611EFA61D2190762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.20.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:7f:0b:65:0d:f3:2f:a9:ac:95:df:03:ef:4f:98:14:8f:b1:
21:99:a8:8e:50:28:44:72:65:49:a2:2e:d1:4a:d0:ac:2a:38:
bc:e6:96:07:2d:74:cc:be:94:71:40:f3:ed:09:99:58:76:af:
73:72:38:0a:b7:01:b8:44:a3:fb:12:94:c9:24:f7:8e:e0:f3:
18:33:28:5f:99:55:05:c7:b0:1b:ca:a7:87:3e:03:fa:5d:42:
7d:84:37:46:b5:7d:2e:a4:c1:60:15:d4:ee:61:c5:1a:66:4e:
2d:f2:1b:23:a0:ce:cb:19:77:38:b7:ac:e2:ae:69:6a:65:0c:
72:7b:42:5d:db:43:99:38:91:22:d6:3a:54:b3:39:32:79:04:
79:a4:59:41:82:17:82:94:53:14:e3:00:5f:32:1d:b2:ca:ad:
f4:d4:8d:b1:b3:40:fd:3a:27:20:5d:64:56:60:0f:a5:07:44:
b7:48:24:91:3d:28:47:ac:5e:d2:46:63:d4:e5:bf:33:80:6b:
b1:c3:ab:87:d0:7a:cd:5d:ed:e9:ad:dd:73:33:04:e8:fa:64:
9c:45:c1:39:1c:a8:94:dc:bb:21:26:f4:94:87:1a:92:22:03:
7e:fe:47:c6:30:d8:0f:86:de:8e:a4:a4:6c:28:74:0a:d8:38:
4e:44:5b:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJw3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzE0MDIwOTM2WhcNMjQwODEzMDIwOTM2WjAYMRYw
FAYDVQQDEw02NjkzMzM2My1jOTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxabYqbcmF6kJb/2xBFcUu8I9i1pQdt4W7DbrSx5GPMzrkwVB8KMpqrH0
xXcgzKDcMxeOF2evKIQjZd5lYxfsC1Auhkw63S3Bscxuby7xgk35PvTF5IzFkl/U
v98QAPU/BfQMaIokF5uOKxtHBUU5lfiByasZNUykR2ORgbTuYsAne4TFkKvvSKuj
eGPTzqPomHLHCXvLLPCNANJVPBz6VsjsZQy14n1K5/SWKnTdyj3nnVaE2Wj7PgcX
c+H5Mlejnt5lxpbzCelxB675BG2E9SGpFOgwrUrozEG7U3FAZzwMucwkXBv1DLAF
+824/cvJR5YiiIrF7Po4SAIbOac2owIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI7B
Exav50W7Ca9RYNUZLvoxTdANMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMDA0QUUxQTQxODYxMUVGQTYxRDIxOTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQUMA0GCSqGSIb3DQEBCwUA
A4IBAQCNfwtlDfMvqayV3wPvT5gUj7EhmaiOUChEcmVJoi7RStCsKji85pYHLXTM
vpRxQPPtCZlYdq9zcjgKtwG4RKP7EpTJJPeO4PMYMyhfmVUFx7AbyqeHPgP6XUJ9
hDdGtX0upMFgFdTuYcUaZk4t8hsjoM7LGXc4t6zirmlqZQxye0Jd20OZOJEi1jpU
szkyeQR5pFlBgheClFMU4wBfMh2yyq301I2xs0D9OicgXWRWYA+lB0S3SCSRPShH
rF7SRmPU5b8zgGuxw6uH0HrNXe3prd1zMwTo+mScRcE5HKiU3LshJvSUhxqSIgN+
/kfGMNgPht6OpKRsKHQK2DhORFsn
-----END CERTIFICATE-----
Generated at Tue Aug 13 07:40:39 2024 by rpki-client on console-fra.rpki-client.org