Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33CEE6D20DCD11EF9BC72A5C017001B1.roa
File: 33CEE6D20DCD11EF9BC72A5C017001B1.roa (raw, json)
Hash identifier: UL9mfU07OljM1jYN+FP7JyENOgvnj9ud98Alt8t4Itw=
Subject key identifier: 08:EE:44:67:8D:FC:71:D5:4D:85:20:DC:68:AA:C6:04:9B:74:46:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8917
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33CEE6D20DCD11EF9BC72A5C017001B1.roa
Signing time: Thu 09 May 2024 06:27:26 +0000
ROA not before: Thu 09 May 2024 06:27:22 +0000
ROA not after: Wed 29 May 2024 06:27:22 +0000
asID: 141883
IP address blocks: 156.246.16.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35095 (0x8917)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 06:27:22 2024 GMT
Not After : May 29 06:27:22 2024 GMT
Subject: CN=663c6cce-866d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:57:83:5b:a6:1f:81:a1:08:8b:95:f2:42:a5:
e9:d8:09:67:ec:d3:d7:df:4d:a0:02:d4:f3:44:90:
33:77:3a:b1:23:3f:d8:e2:9f:6a:16:5c:de:c6:5e:
f1:ae:89:82:96:62:c7:b2:ff:d0:19:33:fe:12:0e:
83:0b:01:38:7e:0a:11:e3:20:9b:48:c5:4c:65:fc:
be:bc:a1:29:cf:58:c1:2e:1c:87:60:c4:1a:3b:4c:
31:ed:b0:4e:38:3b:3c:8d:38:cd:c1:48:86:c9:61:
07:46:e1:86:65:f3:ef:00:ba:26:8b:99:64:c6:00:
9b:08:d2:c3:3f:24:fa:3a:4c:93:2c:96:37:1a:5d:
a3:6d:43:eb:0a:78:74:1f:84:84:4c:97:fb:77:4c:
10:6e:8f:1f:36:0d:8c:33:38:ec:11:47:80:89:b7:
ba:d6:be:43:5c:f6:4b:56:7c:71:06:83:eb:4e:a0:
df:bc:68:1a:7a:42:3c:d1:f2:84:64:a5:ae:fd:15:
e4:e3:3c:18:10:08:1c:37:6a:9d:04:72:4a:f0:88:
76:a0:3b:91:f6:e7:58:58:3f:e1:c4:a9:b7:f4:4a:
0d:b0:d0:e5:88:8f:58:7d:9a:62:48:ea:3c:94:e4:
9c:9a:7c:c2:82:85:ff:71:d3:3d:2b:da:cf:58:2a:
f8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EE:44:67:8D:FC:71:D5:4D:85:20:DC:68:AA:C6:04:9B:74:46:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33CEE6D20DCD11EF9BC72A5C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.16.0/23
Signature Algorithm: sha256WithRSAEncryption
34:4b:ab:e6:5d:2b:3e:b5:24:2d:21:59:3d:78:42:fa:7d:fa:
5b:b8:8e:ff:f1:d4:c5:c9:d2:5e:be:a5:fc:1c:7a:62:df:13:
78:33:ca:7b:1e:92:4e:eb:d2:2a:23:b1:c6:a1:07:c6:13:cc:
a7:43:1d:47:a4:a3:1e:06:7c:0d:af:41:12:7c:9e:4f:17:35:
12:2d:53:06:bf:9a:5a:72:6a:e3:ac:8c:e4:3a:7f:01:b9:4d:
e2:e9:80:e6:aa:f6:61:b6:57:ad:6f:c4:3f:9b:42:c1:26:3e:
23:7e:57:01:b4:0d:b9:d9:99:0d:66:e1:39:9a:5c:74:b5:fc:
77:8f:27:e4:eb:9b:38:5b:c5:99:ab:90:a6:c5:15:88:6b:0f:
8a:b2:cf:f5:eb:24:bb:bf:16:1c:ac:92:1f:d4:02:96:1e:64:
b1:e3:4d:2f:8c:fe:8e:6a:c6:4d:71:56:e6:96:ce:19:60:91:
4c:0e:c6:7f:53:5b:22:15:b4:7f:d1:a7:27:cd:bc:9e:fc:63:
fd:61:e9:ba:ee:f0:4a:33:0a:75:de:9c:1f:8f:3d:70:77:5d:
5f:3e:6b:c7:fd:4e:ea:fb:63:35:1b:cc:57:37:ec:4e:3f:d9:
d5:1f:e7:eb:99:16:a7:93:23:4b:bc:db:02:48:5c:b9:0b:74:
a4:56:a1:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIkXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTA5MDYyNzIyWhcNMjQwNTI5MDYyNzIyWjAYMRYw
FAYDVQQDEw02NjNjNmNjZS04NjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3VeDW6YfgaEIi5XyQqXp2Aln7NPX302gAtTzRJAzdzqxIz/Y4p9qFlze
xl7xromClmLHsv/QGTP+Eg6DCwE4fgoR4yCbSMVMZfy+vKEpz1jBLhyHYMQaO0wx
7bBOODs8jTjNwUiGyWEHRuGGZfPvALomi5lkxgCbCNLDPyT6OkyTLJY3Gl2jbUPr
Cnh0H4SETJf7d0wQbo8fNg2MMzjsEUeAibe61r5DXPZLVnxxBoPrTqDfvGgaekI8
0fKEZKWu/RXk4zwYEAgcN2qdBHJK8Ih2oDuR9udYWD/hxKm39EoNsNDliI9YfZpi
SOo8lOScmnzCgoX/cdM9K9rPWCr4DwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAju
RGeN/HHVTYUg3GiqxgSbdEY7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zM0NFRTZEMjBEQ0QxMUVGOUJDNzJBNUMwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPYQMA0GCSqGSIb3DQEBCwUA
A4IBAQA0S6vmXSs+tSQtIVk9eEL6ffpbuI7/8dTFydJevqX8HHpi3xN4M8p7HpJO
69IqI7HGoQfGE8ynQx1HpKMeBnwNr0ESfJ5PFzUSLVMGv5pacmrjrIzkOn8BuU3i
6YDmqvZhtletb8Q/m0LBJj4jflcBtA252ZkNZuE5mlx0tfx3jyfk65s4W8WZq5Cm
xRWIaw+Kss/16yS7vxYcrJIf1AKWHmSx400vjP6OasZNcVbmls4ZYJFMDsZ/U1si
FbR/0acnzbye/GP9Yem67vBKMwp13pwfjz1wd11fPmvH/U7q+2M1G8xXN+xOP9nV
H+frmRankyNLvNsCSFy5C3SkVqG8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:03:03 2024 by rpki-client on console-ams.rpki-client.org