Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BE7E126FE2211EE815EA22D017001B1.roa
File: 3BE7E126FE2211EE815EA22D017001B1.roa (raw, json)
Hash identifier: 1T6nEKj6sjMjAr2eblQuQcJQGHQwgWxAlDFU6NiyCdo=
Subject key identifier: 9F:F2:11:3F:AC:3B:AE:E4:5D:B2:01:D9:4F:9A:9D:74:96:D1:EE:56
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8384
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BE7E126FE2211EE815EA22D017001B1.roa
Signing time: Fri 19 Apr 2024 07:55:48 +0000
ROA not before: Fri 19 Apr 2024 07:55:45 +0000
ROA not after: Mon 29 Apr 2024 07:55:45 +0000
asID: 5065
IP address blocks: 156.240.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33668 (0x8384)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 19 07:55:45 2024 GMT
Not After : Apr 29 07:55:45 2024 GMT
Subject: CN=66222384-782c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2e:3c:59:4c:04:26:41:41:98:37:10:a1:b9:
de:20:ca:81:22:a7:3a:3b:ec:b6:25:15:64:f2:79:
a4:06:1a:77:6f:0b:98:ff:ec:d2:9c:ac:0c:bc:a7:
db:b6:95:f5:9b:3e:37:32:ba:e2:d8:92:9c:d9:b4:
50:7e:23:53:90:7d:cf:29:a1:64:9e:fc:27:7e:a1:
3d:f9:2b:67:0b:2d:05:8f:10:b8:2b:58:84:a6:e6:
3d:fe:50:a9:e4:2b:db:d1:42:5e:ac:64:5d:c5:21:
2d:42:ed:22:96:81:a5:69:9e:38:db:db:2f:1f:63:
ce:fb:08:23:66:66:cb:ce:3e:fe:06:ce:6a:37:12:
6c:5c:4a:37:ec:ea:c5:02:5d:c2:f2:53:7b:a6:ba:
a7:79:f2:fb:6a:64:54:1f:41:95:e4:7d:f7:f1:96:
58:4b:2b:25:37:bb:9d:b4:7d:82:90:99:26:c6:99:
74:ad:b0:d1:c6:4e:2c:d4:17:da:0e:8f:2a:aa:5a:
17:b4:ff:01:cc:4f:fa:91:6e:86:36:25:b8:eb:2e:
68:01:0f:61:5a:50:b5:f9:21:93:14:14:14:6d:d0:
6d:4f:bd:44:85:ec:71:68:a8:9e:e3:01:a2:15:7f:
3d:4c:d6:43:3c:d9:d7:7e:4b:c3:6a:e5:ac:fc:9a:
a1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F2:11:3F:AC:3B:AE:E4:5D:B2:01:D9:4F:9A:9D:74:96:D1:EE:56
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BE7E126FE2211EE815EA22D017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.100.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:df:cd:09:7f:90:8b:14:b3:1f:6c:eb:43:3c:c4:42:03:c2:
12:a6:88:93:88:15:95:fa:ea:78:f6:24:f1:f7:68:15:17:a0:
d4:ad:4e:3b:b5:43:a5:f3:a4:ff:26:6a:a0:ad:60:4b:6c:49:
e5:ab:6b:fe:9e:a7:59:df:78:bb:57:a2:a0:5c:f9:c7:47:02:
16:8b:5c:7e:b3:e9:d3:ac:6c:16:65:23:11:dc:3e:00:b2:16:
bb:f7:80:77:75:c5:07:df:c2:c7:02:1d:fa:4e:68:fe:2d:e9:
a8:27:86:b8:44:74:a3:3b:b7:72:36:a0:0a:57:58:b1:cc:4e:
31:b7:1b:89:da:c1:3f:b7:34:66:e2:ce:c2:27:e9:94:b9:94:
46:55:95:cb:ce:69:43:5e:20:84:92:c2:dd:6d:ee:b4:a1:4c:
3a:c7:2c:16:97:7a:8d:62:b9:d2:64:e6:fd:9e:16:b1:5d:d3:
2c:97:fb:29:9c:a6:c2:5e:58:76:27:63:d5:97:89:81:78:f1:
4c:c8:09:73:65:9a:2f:cd:ed:a8:1c:f0:05:76:a3:e1:04:be:
f1:58:f4:02:70:b7:a5:10:c9:9b:90:d6:3a:e1:03:2c:20:37:
ae:94:16:cc:65:16:ef:25:c4:cc:4c:dd:31:b5:46:d0:9c:47:
08:cc:0f:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIOEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE5MDc1NTQ1WhcNMjQwNDI5MDc1NTQ1WjAYMRYw
FAYDVQQDEw02NjIyMjM4NC03ODJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoC48WUwEJkFBmDcQobneIMqBIqc6O+y2JRVk8nmkBhp3bwuY/+zSnKwM
vKfbtpX1mz43Mrri2JKc2bRQfiNTkH3PKaFknvwnfqE9+StnCy0FjxC4K1iEpuY9
/lCp5Cvb0UJerGRdxSEtQu0iloGlaZ4429svH2PO+wgjZmbLzj7+Bs5qNxJsXEo3
7OrFAl3C8lN7prqnefL7amRUH0GV5H338ZZYSyslN7udtH2CkJkmxpl0rbDRxk4s
1BfaDo8qqloXtP8BzE/6kW6GNiW46y5oAQ9hWlC1+SGTFBQUbdBtT71EhexxaKie
4wGiFX89TNZDPNnXfkvDauWs/JqhjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ/y
ET+sO67kXbIB2U+anXSW0e5WMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQkU3RTEyNkZFMjIxMUVFODE1RUEyMkQwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPBkMA0GCSqGSIb3DQEBCwUA
A4IBAQAO380Jf5CLFLMfbOtDPMRCA8ISpoiTiBWV+up49iTx92gVF6DUrU47tUOl
86T/JmqgrWBLbEnlq2v+nqdZ33i7V6KgXPnHRwIWi1x+s+nTrGwWZSMR3D4Asha7
94B3dcUH38LHAh36Tmj+LemoJ4a4RHSjO7dyNqAKV1ixzE4xtxuJ2sE/tzRm4s7C
J+mUuZRGVZXLzmlDXiCEksLdbe60oUw6xywWl3qNYrnSZOb9nhaxXdMsl/spnKbC
Xlh2J2PVl4mBePFMyAlzZZovze2oHPAFdqPhBL7xWPQCcLelEMmbkNY64QMsIDeu
lBbMZRbvJcTMTN0xtUbQnEcIzA8O
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:25 2024 by rpki-client on console-fra.rpki-client.org