Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A29C72CF91611ED872272144AD9E6FC.roa
File: 2A29C72CF91611ED872272144AD9E6FC.roa (raw, json)
Hash identifier: HJl+pEUDrck1iInMsohpwuvfda2FBKxawYLacPAqr64=
Subject key identifier: C1:0F:01:90:67:F4:A6:63:06:67:21:75:87:5C:05:6F:78:83:59:03
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 26A2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A29C72CF91611ED872272144AD9E6FC.roa
Signing time: Tue 23 May 2023 03:01:51 +0000
ROA not before: Tue 23 May 2023 03:01:47 +0000
ROA not after: Sun 05 May 2024 03:01:47 +0000
asID: 398968
IP address blocks: 156.233.136.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9890 (0x26a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 03:01:47 2023 GMT
Not After : May 5 03:01:47 2024 GMT
Subject: CN=646c2c9f-2fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:75:18:88:c3:e8:44:6f:d2:7d:ab:f7:e7:7f:
02:d5:82:22:d9:bd:e3:a0:0b:96:9d:b3:fd:b5:11:
8c:75:a2:07:02:69:e2:0e:c2:f8:1b:60:a4:6a:d4:
a3:45:a2:20:7f:52:f9:1b:f4:40:23:63:28:ae:bd:
29:07:61:2d:8e:0d:dc:86:2c:5c:12:e1:ca:ee:3c:
03:31:9c:cd:db:28:54:ad:dc:97:e5:62:4c:1c:af:
89:94:9d:c6:4d:df:88:e7:11:ae:e9:3a:1b:fa:2d:
04:34:95:ed:d1:a9:95:6f:29:b5:8b:1f:ce:79:80:
f4:1a:96:b2:eb:26:a3:f2:6c:00:4e:15:1d:84:06:
31:58:9d:97:18:2f:eb:e1:f1:15:70:cd:8b:43:d5:
eb:ac:5a:af:46:2f:66:28:69:ed:30:50:df:81:4d:
b1:7d:1b:ab:95:f6:03:c6:06:d6:77:43:81:97:fd:
da:33:c8:8a:75:73:68:4e:f5:fd:2e:cb:46:b8:fb:
b3:8e:38:38:b5:8b:fb:e6:c6:23:2b:1b:10:a6:84:
73:c5:c5:90:41:2e:07:82:f7:25:47:17:4b:5d:5a:
88:86:a2:7f:63:c2:8b:6b:e5:a0:62:28:ef:28:f4:
19:39:f6:1f:fa:30:26:a7:1b:c6:92:aa:f1:64:b3:
d9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:0F:01:90:67:F4:A6:63:06:67:21:75:87:5C:05:6F:78:83:59:03
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A29C72CF91611ED872272144AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.136.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:0f:4c:2c:7b:e8:f9:36:14:a7:3d:33:8e:96:db:f7:33:5d:
65:4e:59:47:6d:e1:02:48:45:3a:37:c4:c9:64:1c:ee:43:8a:
66:5c:91:0d:3c:99:0a:1c:2e:ca:d3:77:59:15:be:23:e1:15:
a4:e5:e7:f5:2d:eb:72:e6:30:ba:4a:35:21:1d:a9:73:bf:90:
4d:a0:83:e7:5b:f8:32:9a:77:10:91:02:fe:fc:fa:8c:72:c9:
3f:8f:4f:16:ee:43:a3:71:17:42:6e:46:db:5c:0a:d3:f8:b6:
10:ed:05:11:6d:ae:67:21:12:32:0b:a7:dd:4d:cc:c8:47:6c:
30:0a:c2:2b:32:98:dd:b1:77:46:c0:27:5f:79:4b:b0:f4:b8:
c3:cc:5d:63:97:55:02:35:d8:62:06:53:cf:06:a4:55:8a:01:
e2:08:1f:c2:14:1f:bb:f7:23:9c:29:b0:4f:09:a0:9e:ae:a8:
07:32:f8:6a:00:13:15:63:1d:dd:83:8f:d5:c9:c7:7c:4a:cd:
c0:f8:89:87:98:ac:06:7b:99:85:86:c0:47:b4:74:01:04:9a:
14:f3:ad:d9:3f:62:9e:54:85:5b:6b:e1:39:84:a6:b1:bb:ba:
fe:3f:b0:bc:d6:44:24:d7:9d:e6:74:2b:8a:ab:9e:32:a3:8d:
55:71:f3:5a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICJqIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzA1MjMwMzAxNDdaFw0yNDA1MDUwMzAxNDdaMBgxFjAU
BgNVBAMTDTY0NmMyYzlmLTJmY2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDhdRiIw+hEb9J9q/fnfwLVgiLZveOgC5ads/21EYx1ogcCaeIOwvgbYKRq
1KNFoiB/Uvkb9EAjYyiuvSkHYS2ODdyGLFwS4cruPAMxnM3bKFSt3JflYkwcr4mU
ncZN34jnEa7pOhv6LQQ0le3RqZVvKbWLH855gPQalrLrJqPybABOFR2EBjFYnZcY
L+vh8RVwzYtD1eusWq9GL2Yoae0wUN+BTbF9G6uV9gPGBtZ3Q4GX/dozyIp1c2hO
9f0uy0a4+7OOODi1i/vmxiMrGxCmhHPFxZBBLgeC9yVHF0tdWoiGon9jwotr5aBi
KO8o9Bk59h/6MCanG8aSqvFks9nJAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUwQ8B
kGf0pmMGZyF1h1wFb3iDWQMwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzJBMjlDNzJDRjkxNjExRUQ4NzIyNzIxNDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOc6YgwDQYJKoZIhvcNAQELBQAD
ggEBADoPTCx76Pk2FKc9M46W2/czXWVOWUdt4QJIRTo3xMlkHO5DimZckQ08mQoc
LsrTd1kVviPhFaTl5/Ut63LmMLpKNSEdqXO/kE2gg+db+DKadxCRAv78+oxyyT+P
TxbuQ6NxF0JuRttcCtP4thDtBRFtrmchEjILp91NzMhHbDAKwisymN2xd0bAJ195
S7D0uMPMXWOXVQI12GIGU88GpFWKAeIIH8IUH7v3I5wpsE8JoJ6uqAcy+GoAExVj
Hd2Dj9XJx3xKzcD4iYeYrAZ7mYWGwEe0dAEEmhTzrdk/Yp5UhVtr4TmEprG7uv4/
sLzWRCTXneZ0K4qrnjKjjVVx81o=
-----END CERTIFICATE-----
Generated at Mon May 6 02:18:24 2024 by rpki-client on console-ams.rpki-client.org