Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E4F73EA49AD11EFB17E4E4D762E951A.roa
File: 2E4F73EA49AD11EFB17E4E4D762E951A.roa (raw, json)
Hash identifier: MKfcpXjl82TxJJ122pjnlNjLvpSX0QX5LZ6SnLYifkg=
Subject key identifier: 78:5D:55:85:79:52:92:0E:44:38:4F:72:92:AE:CA:13:35:29:47:89
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9F5B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E4F73EA49AD11EFB17E4E4D762E951A.roa
Signing time: Wed 24 Jul 2024 11:09:23 +0000
ROA not before: Wed 24 Jul 2024 11:09:19 +0000
ROA not after: Sat 03 Aug 2024 11:09:19 +0000
asID: 7018
IP address blocks: 156.249.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40795 (0x9f5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 11:09:19 2024 GMT
Not After : Aug 3 11:09:19 2024 GMT
Subject: CN=66a0e0e3-b33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:77:c3:82:0e:a1:8b:18:02:fb:5b:a3:5d:2b:
68:a2:cd:71:3a:a9:d3:d1:6c:cf:78:66:2b:0a:97:
73:51:df:e7:aa:5d:c0:48:10:15:e4:de:fd:1d:a6:
0a:16:08:78:16:50:16:12:56:6a:5b:84:59:b7:8c:
28:6a:4e:87:2f:bd:b6:c9:c3:ba:54:36:12:6a:c9:
55:f0:ce:f2:d9:a4:c1:65:db:9d:e0:0d:85:c0:b9:
e2:d6:3c:e5:a8:13:52:7c:77:78:aa:c3:fc:15:96:
af:d5:66:b7:2e:47:e5:35:59:53:21:fd:21:68:5b:
2c:cc:6b:f3:c4:38:df:03:bf:c5:80:50:38:dd:a6:
13:2b:33:03:42:5b:ca:39:b4:43:04:04:c7:38:2d:
6b:55:1b:79:2c:49:30:1c:16:53:89:d9:87:4a:a2:
87:f9:17:ca:a8:b8:18:e4:1b:09:05:1a:9d:02:52:
d3:d3:0d:ac:25:82:d8:19:9d:29:68:b4:c6:8f:0e:
3e:93:54:49:ce:23:44:67:8a:bf:de:ff:d3:d3:46:
e7:e4:d3:86:f2:a7:d9:36:cf:72:70:78:b8:8a:7a:
7b:d1:53:22:66:30:c2:5c:cb:e1:12:81:23:a7:2a:
90:0d:03:2e:cd:84:44:a6:d4:ad:18:8e:f6:99:6d:
d3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5D:55:85:79:52:92:0E:44:38:4F:72:92:AE:CA:13:35:29:47:89
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E4F73EA49AD11EFB17E4E4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.48.0/21
Signature Algorithm: sha256WithRSAEncryption
74:91:e1:66:71:97:13:2f:77:92:0f:05:33:29:56:74:79:c5:
28:c6:0e:73:ee:98:b5:f3:4e:84:01:c7:29:d9:d7:fe:a5:14:
a3:c1:cb:38:1a:80:dd:1b:ba:35:69:8c:dd:93:73:32:b7:a7:
43:b8:00:13:93:68:31:61:b7:b9:0b:73:e2:47:1b:25:3b:0b:
5e:f9:ec:d1:41:15:56:e1:3e:71:f1:65:2f:26:ff:f3:46:b6:
d0:91:f8:3b:27:49:a9:6c:6a:dd:20:45:3d:75:f9:70:6e:17:
10:23:d7:eb:82:1c:3e:78:56:fa:e7:be:c8:41:df:02:53:9a:
c2:02:ed:df:f6:35:69:ef:ea:bf:98:d8:66:d8:11:5e:7d:19:
69:0a:4e:1b:ae:a2:45:4e:8e:27:73:27:3a:6c:ba:bc:34:2b:
f8:40:e5:cb:fb:da:ec:84:ec:54:88:c6:28:9c:57:3c:2d:57:
32:f9:9b:80:99:68:fd:7a:98:7d:32:1c:d0:42:64:08:bb:b1:
21:19:f9:ff:c6:11:10:ec:1c:80:fa:df:47:fb:4b:16:8d:ba:
bd:d2:14:04:79:b2:06:16:2e:93:ef:62:13:7f:12:32:4e:80:
a7:13:cd:37:65:a1:c0:0f:4b:b1:39:b3:f8:3d:04:48:98:ba:
25:05:85:71
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ9bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI0MTEwOTE5WhcNMjQwODAzMTEwOTE5WjAYMRYw
FAYDVQQDEw02NmEwZTBlMy1iMzNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzHfDgg6hixgC+1ujXStoos1xOqnT0WzPeGYrCpdzUd/nql3ASBAV5N79
HaYKFgh4FlAWElZqW4RZt4woak6HL722ycO6VDYSaslV8M7y2aTBZdud4A2FwLni
1jzlqBNSfHd4qsP8FZav1Wa3LkflNVlTIf0haFsszGvzxDjfA7/FgFA43aYTKzMD
QlvKObRDBATHOC1rVRt5LEkwHBZTidmHSqKH+RfKqLgY5BsJBRqdAlLT0w2sJYLY
GZ0paLTGjw4+k1RJziNEZ4q/3v/T00bn5NOG8qfZNs9ycHi4inp70VMiZjDCXMvh
EoEjpyqQDQMuzYREptStGI72mW3TjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHhd
VYV5UpIORDhPcpKuyhM1KUeJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRTRGNzNFQTQ5QUQxMUVGQjE3RTRFNEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPkwMA0GCSqGSIb3DQEBCwUA
A4IBAQB0keFmcZcTL3eSDwUzKVZ0ecUoxg5z7pi1806EAccp2df+pRSjwcs4GoDd
G7o1aYzdk3Myt6dDuAATk2gxYbe5C3PiRxslOwte+ezRQRVW4T5x8WUvJv/zRrbQ
kfg7J0mpbGrdIEU9dflwbhcQI9frghw+eFb6577IQd8CU5rCAu3f9jVp7+q/mNhm
2BFefRlpCk4brqJFTo4ncyc6bLq8NCv4QOXL+9rshOxUiMYonFc8LVcy+ZuAmWj9
eph9MhzQQmQIu7EhGfn/xhEQ7ByA+t9H+0sWjbq90hQEebIGFi6T72ITfxIyToCn
E803ZaHAD0uxObP4PQRImLolBYVx
-----END CERTIFICATE-----
Generated at Sun Aug 4 03:07:52 2024 by rpki-client on console-ams.rpki-client.org