Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C1D26764A6611EFAAEF92B7762E951A.roa
File: 2C1D26764A6611EFAAEF92B7762E951A.roa (raw, json)
Hash identifier: uwhXqlQRiSLJO9POvVgFGcqf8Bz6zK1QI1M04Jh9P/M=
Subject key identifier: DB:3E:F6:38:D9:88:F2:E7:A3:14:EF:24:9F:89:76:A5:BC:AF:E5:9E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A001
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C1D26764A6611EFAAEF92B7762E951A.roa
Signing time: Thu 25 Jul 2024 09:13:36 +0000
ROA not before: Thu 25 Jul 2024 09:13:32 +0000
ROA not after: Sat 03 Aug 2024 09:13:32 +0000
asID: 5065
IP address blocks: 156.239.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40961 (0xa001)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 25 09:13:32 2024 GMT
Not After : Aug 3 09:13:32 2024 GMT
Subject: CN=66a21740-a378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:28:84:86:ea:0f:c7:ae:6e:d8:b1:93:d4:b1:
37:2c:83:27:72:b9:28:1b:8b:fb:57:95:42:ed:5a:
ef:09:de:bf:bc:ad:cb:24:2c:58:3e:49:cb:54:5b:
10:72:9e:b3:fb:dd:fa:bb:5b:6a:82:a6:97:24:75:
ad:b5:24:6d:d7:04:49:7a:cd:f9:c1:ea:bf:e6:52:
6d:31:dd:0f:09:4d:0d:36:f7:a2:6a:2e:19:ac:c7:
3d:ea:5e:34:d1:e8:62:27:76:78:55:fa:85:fd:3e:
23:44:d6:a0:1f:e5:45:a5:6f:45:26:d7:1d:72:52:
ec:7d:f6:b8:06:90:21:21:48:81:5e:a9:85:a9:8d:
43:76:9e:fe:43:88:b5:69:4e:e0:dd:30:2d:4f:c5:
21:57:68:61:55:ae:1a:a0:ca:6a:9b:70:74:e7:f2:
bc:e9:c0:ac:64:5c:ad:f9:c5:ef:e9:89:3a:55:d4:
fe:64:60:e7:15:de:b9:fa:c5:8a:6e:42:bc:56:25:
c0:61:e3:34:09:17:29:44:86:96:06:0a:db:f1:55:
8c:81:a0:34:8b:16:25:2e:33:9d:54:a4:49:7f:6a:
1e:c8:00:76:18:ff:b9:ed:19:5c:07:6b:5d:1b:03:
b0:da:64:e9:6a:54:61:29:eb:2e:98:15:93:14:34:
a0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3E:F6:38:D9:88:F2:E7:A3:14:EF:24:9F:89:76:A5:BC:AF:E5:9E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C1D26764A6611EFAAEF92B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.20.0/24
Signature Algorithm: sha256WithRSAEncryption
01:74:a6:25:af:f6:83:a4:ce:b8:56:d6:5b:31:e0:b5:26:06:
9c:75:4d:93:bb:39:d7:0c:11:e1:87:86:67:56:72:ea:e1:c2:
b9:66:cd:f8:eb:e9:75:59:66:7a:21:d5:e2:f7:99:27:4e:3a:
7d:38:a7:a1:5d:39:f2:09:e9:8c:7e:7a:b5:96:b2:28:b5:bb:
bc:09:3d:63:91:6e:c6:48:1f:65:17:6f:86:1a:1f:b7:4e:a6:
ee:9d:3e:45:85:4d:b5:ae:b2:dc:c5:72:cf:0b:9c:68:69:bb:
e7:e7:79:d9:70:c2:29:ff:ae:c1:2f:a0:2f:3d:24:83:ec:af:
d0:64:24:99:b3:be:6c:be:31:7e:75:74:b4:b2:60:f8:98:00:
53:1e:48:db:db:41:4d:0f:fb:76:4a:77:98:c5:c9:d4:8c:7c:
2e:f9:58:d5:f9:18:eb:25:a8:fa:7c:1c:1c:49:29:0c:9e:36:
70:09:24:d1:23:76:d1:08:52:6b:8d:ed:e9:e7:29:4b:ca:1e:
32:7d:08:11:06:39:ca:73:2f:ce:6c:b4:83:12:d9:e8:ca:f1:
02:10:1d:34:50:e8:79:f7:f3:14:18:41:bf:9d:f3:2b:2c:4e:
dd:53:f6:a8:63:75:c6:19:4f:80:bd:d9:41:73:8a:a9:e2:c9:
76:dc:cb:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKABMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI1MDkxMzMyWhcNMjQwODAzMDkxMzMyWjAYMRYw
FAYDVQQDEw02NmEyMTc0MC1hMzc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7yiEhuoPx65u2LGT1LE3LIMncrkoG4v7V5VC7VrvCd6/vK3LJCxYPknL
VFsQcp6z+936u1tqgqaXJHWttSRt1wRJes35weq/5lJtMd0PCU0NNveiai4ZrMc9
6l400ehiJ3Z4VfqF/T4jRNagH+VFpW9FJtcdclLsffa4BpAhIUiBXqmFqY1Ddp7+
Q4i1aU7g3TAtT8UhV2hhVa4aoMpqm3B05/K86cCsZFyt+cXv6Yk6VdT+ZGDnFd65
+sWKbkK8ViXAYeM0CRcpRIaWBgrb8VWMgaA0ixYlLjOdVKRJf2oeyAB2GP+57Rlc
B2tdGwOw2mTpalRhKesumBWTFDSgEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNs+
9jjZiPLnoxTvJJ+JdqW8r+WeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQzFEMjY3NjRBNjYxMUVGQUFFRjkyQjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8UMA0GCSqGSIb3DQEBCwUA
A4IBAQABdKYlr/aDpM64VtZbMeC1JgacdU2TuznXDBHhh4ZnVnLq4cK5Zs346+l1
WWZ6IdXi95knTjp9OKehXTnyCemMfnq1lrIotbu8CT1jkW7GSB9lF2+GGh+3Tqbu
nT5FhU21rrLcxXLPC5xoabvn53nZcMIp/67BL6AvPSSD7K/QZCSZs75svjF+dXS0
smD4mABTHkjb20FND/t2SneYxcnUjHwu+VjV+RjrJaj6fBwcSSkMnjZwCSTRI3bR
CFJrje3p5ylLyh4yfQgRBjnKcy/ObLSDEtnoyvECEB00UOh59/MUGEG/nfMrLE7d
U/aoY3XGGU+AvdlBc4qp4sl23MuX
-----END CERTIFICATE-----
Generated at Sun Aug 4 03:57:23 2024 by rpki-client on console-fra.rpki-client.org