Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3254A6729B9511ECAE2B42CF5A40D577.roa
File: 3254A6729B9511ECAE2B42CF5A40D577.roa (raw, json)
Hash identifier: QWiv21FJWwgCH36SMcsjCtIvK/HaCuPlSsb7i7jpYdE=
Subject key identifier: 7D:EE:A6:E7:24:A4:E3:6D:C5:7E:E7:A5:5B:E0:7D:F3:BA:42:CC:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 123E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3254A6729B9511ECAE2B42CF5A40D577.roa
Signing time: Fri 04 Mar 2022 08:29:24 +0000
ROA not before: Fri 04 Mar 2022 08:29:20 +0000
ROA not after: Fri 31 Mar 2023 08:29:20 +0000
asID: 399928
IP address blocks: 156.243.240.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4670 (0x123e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 4 08:29:20 2022 GMT
Not After : Mar 31 08:29:20 2023 GMT
Subject: CN=6221cde4-f1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:31:af:5c:89:4b:c9:f0:9c:af:68:78:58:58:
6b:9b:ae:8a:49:52:fd:67:e7:91:ef:ac:54:c0:24:
4f:2b:fb:06:b3:26:c7:03:d7:d4:f9:fc:e2:ec:91:
5f:82:41:80:10:b6:39:b9:f3:62:85:0a:4f:24:e9:
f6:b5:84:e7:b7:10:5f:e6:01:6a:c4:a8:7c:f2:2f:
40:56:fe:51:c1:76:d0:4d:fb:72:98:22:37:39:96:
21:e7:43:35:87:4a:00:bc:de:c6:51:c1:d1:54:6d:
89:13:c9:b8:b1:ac:af:34:11:16:9e:42:9c:1d:97:
4e:00:11:71:8f:57:24:4e:40:33:bf:e4:8c:df:3e:
38:67:6e:56:17:1b:43:33:6a:80:12:e9:a6:7c:7a:
05:42:66:65:20:3d:3a:58:c5:be:92:11:1b:ef:f2:
f0:3d:70:4b:7e:5c:e1:b0:c9:ba:2c:bc:ee:ec:df:
b7:e6:e6:67:b9:d5:df:fb:fe:2d:93:5d:b3:54:91:
57:82:ae:43:32:87:6f:2c:42:76:96:b4:73:f3:0d:
09:3b:87:43:21:2d:71:10:f0:46:f0:9e:d2:1f:f7:
a8:83:9b:f7:5c:b4:69:36:4a:a8:e2:9c:30:59:35:
d3:d2:ae:ca:58:7b:3f:33:af:12:35:f9:47:51:cd:
f8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:EE:A6:E7:24:A4:E3:6D:C5:7E:E7:A5:5B:E0:7D:F3:BA:42:CC:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3254A6729B9511ECAE2B42CF5A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.240.0/20
Signature Algorithm: sha256WithRSAEncryption
81:03:f1:cd:5b:42:77:3f:b7:37:d6:84:41:dc:2a:32:c9:91:
34:03:6a:98:7b:9f:2a:74:59:1a:c0:17:59:14:30:cf:22:57:
d8:8c:d8:f7:12:b2:31:99:3c:ec:98:67:2e:2e:2c:13:d2:b2:
2c:8b:c5:8f:ad:0d:15:02:b3:da:ac:cd:f3:8c:2f:4d:b2:51:
a0:8a:8f:a4:fe:ae:53:00:f6:1a:2e:58:ee:c4:93:9d:40:f5:
c7:a9:5a:24:1c:af:4e:86:7c:ba:28:e9:4c:f0:bf:02:e2:c3:
e0:3d:db:0f:07:b6:29:09:01:ad:79:e3:52:b8:1e:50:d7:06:
f1:5c:77:10:8f:dc:21:86:75:b5:c4:88:88:09:de:88:8e:21:
3a:8c:69:d6:18:f6:0b:75:57:48:f9:da:21:f2:63:99:23:c4:
17:06:49:e6:f5:cd:7d:1b:1d:a9:f3:b3:27:7b:0c:d3:93:59:
0d:ab:66:94:0e:8e:34:8d:be:c7:f7:f0:14:75:98:a6:08:70:
ea:52:fd:e1:c2:de:0b:57:3c:16:61:ea:e3:d6:cf:f0:ca:16:
0f:ae:6e:a6:e1:4d:bb:85:b7:d0:81:bf:8e:b6:c3:47:d1:9f:
4f:16:ed:db:cd:2f:87:6c:30:88:f7:e3:04:97:9c:5d:0a:21:
67:d7:2c:da
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEj4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMjAzMDQwODI5MjBaFw0yMzAzMzEwODI5MjBaMBgxFjAU
BgNVBAMMDTYyMjFjZGU0LWYxZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6Ma9ciUvJ8JyvaHhYWGubropJUv1n55HvrFTAJE8r+wazJscD19T5/OLs
kV+CQYAQtjm582KFCk8k6fa1hOe3EF/mAWrEqHzyL0BW/lHBdtBN+3KYIjc5liHn
QzWHSgC83sZRwdFUbYkTybixrK80ERaeQpwdl04AEXGPVyROQDO/5IzfPjhnblYX
G0MzaoAS6aZ8egVCZmUgPTpYxb6SERvv8vA9cEt+XOGwybosvO7s37fm5me51d/7
/i2TXbNUkVeCrkMyh28sQnaWtHPzDQk7h0MhLXEQ8EbwntIf96iDm/dctGk2Sqji
nDBZNdPSrspYez8zrxI1+UdRzfgFAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUfe6m
5ySk423FfuelW+B987pCzMUwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzMyNTRBNjcyOUI5NTExRUNBRTJCNDJDRjVBNDBENTc3LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASc8/AwDQYJKoZIhvcNAQELBQAD
ggEBAIED8c1bQnc/tzfWhEHcKjLJkTQDaph7nyp0WRrAF1kUMM8iV9iM2PcSsjGZ
POyYZy4uLBPSsiyLxY+tDRUCs9qszfOML02yUaCKj6T+rlMA9houWO7Ek51A9cep
WiQcr06GfLoo6UzwvwLiw+A92w8HtikJAa1541K4HlDXBvFcdxCP3CGGdbXEiIgJ
3oiOITqMadYY9gt1V0j52iHyY5kjxBcGSeb1zX0bHanzsyd7DNOTWQ2rZpQOjjSN
vsf38BR1mKYIcOpS/eHC3gtXPBZh6uPWz/DKFg+ubqbhTbuFt9CBv462w0fRn08W
7dvNL4dsMIj34wSXnF0KIWfXLNo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:18 2023 by rpki-client on console-fra.rpki-client.org