Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/229B3E6E06DF11EFA44B246B017001B1.roa
File: 229B3E6E06DF11EFA44B246B017001B1.roa (raw, json)
Hash identifier: RrTESznCAeOncrOi5wC135ljPcBmPsvpgBfc/XHcdQo=
Subject key identifier: 2C:8D:93:F7:66:9E:67:23:6D:57:CF:A0:D1:31:8E:20:26:18:BD:42
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8701
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/229B3E6E06DF11EFA44B246B017001B1.roa
Signing time: Tue 30 Apr 2024 10:48:10 +0000
ROA not before: Tue 30 Apr 2024 10:48:07 +0000
ROA not after: Sat 11 May 2024 10:48:07 +0000
asID: 996
IP address blocks: 156.236.14.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34561 (0x8701)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 10:48:07 2024 GMT
Not After : May 11 10:48:07 2024 GMT
Subject: CN=6630cc6a-cff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bc:3a:ec:14:bc:19:48:ff:95:77:61:29:2a:
56:65:96:3e:bc:a0:14:7e:92:2d:4c:5c:b2:24:48:
45:90:31:c2:7d:8c:87:e3:e2:24:57:d6:6c:e3:48:
16:ba:f7:b4:74:a9:1e:f1:d9:a8:7d:ef:b8:da:02:
ea:0b:ac:71:c7:75:41:b6:25:0d:53:e2:47:72:5d:
33:8e:3f:23:d1:17:7e:03:a1:1e:5d:b6:c2:02:23:
03:44:ff:ef:29:f5:9c:52:fd:da:66:30:0e:07:6c:
a4:46:92:6b:27:7d:1b:6e:f7:cf:49:a5:2c:70:5a:
b4:6b:a0:80:30:8f:d1:01:9a:96:2a:04:68:00:30:
87:91:5a:71:d3:d9:ad:18:c8:e7:a5:f1:23:b6:30:
b5:a9:b8:65:77:e2:b7:07:84:93:fd:9a:01:f6:05:
ce:27:3b:18:27:da:5b:b2:b6:b6:0f:34:d9:a1:68:
9a:f8:65:43:85:5a:55:13:46:f6:33:8d:2d:34:65:
bd:96:b7:52:b9:56:58:0c:93:83:6a:86:04:2f:85:
fd:76:b1:ee:21:ef:a4:9e:df:04:eb:a9:08:8f:2c:
1c:1c:71:46:2f:6d:c0:9b:86:6e:ed:76:f8:2d:20:
09:ca:29:e6:45:d4:d6:fb:a8:03:d4:c2:88:7a:e5:
fd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:8D:93:F7:66:9E:67:23:6D:57:CF:A0:D1:31:8E:20:26:18:BD:42
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/229B3E6E06DF11EFA44B246B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.14.0/23
Signature Algorithm: sha256WithRSAEncryption
91:ce:46:0d:f3:1e:32:3d:c8:b6:0a:fd:4d:37:d4:48:04:81:
44:e5:29:0c:38:97:20:5d:7c:1a:72:69:90:db:20:66:9b:0d:
11:94:45:2f:7a:b8:7e:f1:59:4e:58:5e:83:3b:8a:16:0d:58:
14:2d:a6:8e:90:c6:33:26:e0:08:c1:bb:c9:44:f5:59:2f:fe:
18:77:77:96:62:e8:2c:8c:9e:9a:db:3c:fe:ee:77:54:48:9d:
e7:e3:d4:26:00:23:d7:e1:48:e5:b7:c4:c2:74:a4:5e:82:7d:
6c:b8:3f:65:ee:7c:bc:24:00:86:eb:42:b2:51:fd:3e:1e:cd:
b7:c2:8a:85:b5:4e:83:4b:db:36:58:51:b2:4a:b6:28:ac:0e:
d8:e3:22:d6:ab:3a:e5:1f:fd:cc:38:86:03:a7:88:9c:c2:45:
9e:1c:64:04:77:c7:a8:65:f0:96:20:a2:12:93:68:5e:36:6a:
c9:15:b2:9a:37:e2:9a:bb:34:33:80:fc:e4:c3:6b:55:cb:74:
10:1e:67:b3:13:a0:c2:e7:a0:80:ad:35:60:03:07:c8:7f:cb:
a9:1d:21:82:9b:26:59:86:54:39:b3:56:a2:98:75:53:82:2f:
13:85:8d:73:7b:78:67:d1:67:44:13:90:cf:01:11:76:a6:14:
9a:2b:47:2f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIcBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDMwMTA0ODA3WhcNMjQwNTExMTA0ODA3WjAYMRYw
FAYDVQQDEw02NjMwY2M2YS1jZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtLw67BS8GUj/lXdhKSpWZZY+vKAUfpItTFyyJEhFkDHCfYyH4+IkV9Zs
40gWuve0dKke8dmofe+42gLqC6xxx3VBtiUNU+JHcl0zjj8j0Rd+A6EeXbbCAiMD
RP/vKfWcUv3aZjAOB2ykRpJrJ30bbvfPSaUscFq0a6CAMI/RAZqWKgRoADCHkVpx
09mtGMjnpfEjtjC1qbhld+K3B4ST/ZoB9gXOJzsYJ9pbsra2DzTZoWia+GVDhVpV
E0b2M40tNGW9lrdSuVZYDJODaoYEL4X9drHuIe+knt8E66kIjywcHHFGL23Am4Zu
7Xb4LSAJyinmRdTW+6gD1MKIeuX9GQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCyN
k/dmnmcjbVfPoNExjiAmGL1CMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjlCM0U2RTA2REYxMUVGQTQ0QjI0NkIwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOwOMA0GCSqGSIb3DQEBCwUA
A4IBAQCRzkYN8x4yPci2Cv1NN9RIBIFE5SkMOJcgXXwacmmQ2yBmmw0RlEUverh+
8VlOWF6DO4oWDVgULaaOkMYzJuAIwbvJRPVZL/4Yd3eWYugsjJ6a2zz+7ndUSJ3n
49QmACPX4Ujlt8TCdKRegn1suD9l7ny8JACG60KyUf0+Hs23woqFtU6DS9s2WFGy
SrYorA7Y4yLWqzrlH/3MOIYDp4icwkWeHGQEd8eoZfCWIKISk2heNmrJFbKaN+Ka
uzQzgPzkw2tVy3QQHmezE6DC56CArTVgAwfIf8upHSGCmyZZhlQ5s1aimHVTgi8T
hY1ze3hn0WdEE5DPARF2phSaK0cv
-----END CERTIFICATE-----
Generated at Sun May 12 01:39:49 2024 by rpki-client on console-fra.rpki-client.org