Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4183A6B8499711EF9D413CB4762E951A.roa
File: 4183A6B8499711EF9D413CB4762E951A.roa (raw, json)
Hash identifier: c793HBnJCfHcNk564SeWTJN6Y0zzjMGXlWCE+5e9n34=
Subject key identifier: B9:B2:56:49:7C:B1:E9:F0:98:11:44:F4:D6:61:8E:F8:E8:AB:9C:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9F21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4183A6B8499711EF9D413CB4762E951A.roa
Signing time: Wed 24 Jul 2024 08:32:26 +0000
ROA not before: Wed 24 Jul 2024 08:32:23 +0000
ROA not after: Fri 02 Aug 2024 08:32:23 +0000
asID: 44559
IP address blocks: 156.233.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40737 (0x9f21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 08:32:23 2024 GMT
Not After : Aug 2 08:32:23 2024 GMT
Subject: CN=66a0bc1a-09e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c1:b2:73:70:65:cd:74:1d:c2:71:3a:9e:54:
41:b5:0c:86:4f:be:18:da:95:d5:cf:10:9d:73:cf:
e1:fc:e0:7f:f7:f9:a6:0b:85:c1:59:06:79:7a:b3:
81:3f:a1:b9:5f:2e:3e:35:57:1b:ee:ef:8f:b5:1f:
a3:ea:bc:17:19:8c:b6:1f:ea:70:a0:c2:2c:90:39:
5b:0d:52:8c:d1:93:da:65:fe:a4:35:8d:f6:51:8c:
f4:e8:3a:a4:0d:d6:59:de:ba:f8:3b:cb:d9:b9:29:
62:67:9f:4b:6a:5d:91:e4:e9:2a:1b:a9:7a:0b:aa:
10:be:37:24:54:62:20:a7:68:b0:99:7c:8d:70:da:
7e:aa:3d:71:55:6b:d1:f3:a9:22:ab:c6:92:51:ad:
c5:41:11:b1:3f:5f:2e:a1:a0:13:d6:14:7b:84:32:
4a:1d:52:24:f5:55:9c:66:d5:6c:20:6a:e6:87:8a:
d9:3a:d9:6c:88:e3:17:c0:db:d6:f3:78:d4:bc:7b:
25:a7:6b:05:88:81:7c:28:a4:97:f8:43:28:f0:4d:
3b:1b:61:c8:f8:17:45:ae:7d:ac:63:36:f4:45:ed:
32:22:ab:bf:cb:43:fd:f8:48:2b:62:d8:83:af:ce:
1b:c9:70:63:20:db:27:50:27:1b:f3:9a:7a:09:95:
f8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B2:56:49:7C:B1:E9:F0:98:11:44:F4:D6:61:8E:F8:E8:AB:9C:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4183A6B8499711EF9D413CB4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.128.0/17
Signature Algorithm: sha256WithRSAEncryption
70:64:12:c7:88:05:83:73:1c:21:d7:74:b1:1e:a3:cc:e1:fe:
32:d5:ab:65:11:7e:02:fb:1b:6d:69:bc:56:1c:ba:69:ec:22:
5a:3f:85:19:92:53:58:e9:6e:d9:55:8f:d3:db:48:0d:2a:32:
d6:9f:9c:92:ea:ce:9b:7b:59:a8:7e:d1:b4:71:49:5e:57:f9:
9c:27:c8:2e:4d:c3:bf:6d:ef:bc:e7:44:51:fa:bb:96:eb:93:
3b:f9:ec:b8:3d:db:c4:6a:ef:a1:f8:f8:62:b0:c0:26:63:58:
93:be:df:93:82:67:4a:ee:b5:48:0d:58:9b:39:50:61:67:0e:
be:1d:28:a4:13:51:78:60:d9:7b:be:1b:9a:c7:fb:c0:72:a9:
ea:a2:77:ac:a2:c6:50:e0:a9:81:a6:00:9f:6c:1c:71:13:f4:
12:ac:f0:1b:1e:ea:9d:14:e6:5f:33:0b:cb:d3:bf:23:56:66:
21:23:1f:df:46:de:2d:96:c8:1d:b7:d8:92:65:ff:8a:9d:c7:
7e:ac:6e:3b:b9:20:ca:9d:7d:3c:1c:2c:5e:51:66:25:01:e5:
c5:36:d3:f8:e2:38:7b:80:4c:bf:04:20:34:67:98:05:87:23:
8f:74:75:c1:65:53:c8:f8:12:2e:c9:7d:2a:49:12:10:d8:b4:
2a:c8:d9:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ8hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI0MDgzMjIzWhcNMjQwODAyMDgzMjIzWjAYMRYw
FAYDVQQDEw02NmEwYmMxYS0wOWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6MGyc3BlzXQdwnE6nlRBtQyGT74Y2pXVzxCdc8/h/OB/9/mmC4XBWQZ5
erOBP6G5Xy4+NVcb7u+PtR+j6rwXGYy2H+pwoMIskDlbDVKM0ZPaZf6kNY32UYz0
6DqkDdZZ3rr4O8vZuSliZ59Lal2R5OkqG6l6C6oQvjckVGIgp2iwmXyNcNp+qj1x
VWvR86kiq8aSUa3FQRGxP18uoaAT1hR7hDJKHVIk9VWcZtVsIGrmh4rZOtlsiOMX
wNvW83jUvHslp2sFiIF8KKSX+EMo8E07G2HI+BdFrn2sYzb0Re0yIqu/y0P9+Egr
YtiDr84byXBjINsnUCcb85p6CZX4MwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLmy
Vkl8senwmBFE9NZhjvjoq5yXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MTgzQTZCODQ5OTcxMUVGOUQ0MTNDQjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHnOmAMA0GCSqGSIb3DQEBCwUA
A4IBAQBwZBLHiAWDcxwh13SxHqPM4f4y1atlEX4C+xttabxWHLpp7CJaP4UZklNY
6W7ZVY/T20gNKjLWn5yS6s6be1moftG0cUleV/mcJ8guTcO/be+850RR+ruW65M7
+ey4PdvEau+h+PhisMAmY1iTvt+TgmdK7rVIDVibOVBhZw6+HSikE1F4YNl7vhua
x/vAcqnqonesosZQ4KmBpgCfbBxxE/QSrPAbHuqdFOZfMwvL078jVmYhIx/fRt4t
lsgdt9iSZf+Kncd+rG47uSDKnX08HCxeUWYlAeXFNtP44jh7gEy/BCA0Z5gFhyOP
dHXBZVPI+BIuyX0qSRIQ2LQqyNmc
-----END CERTIFICATE-----
Generated at Fri Aug 2 09:58:15 2024 by rpki-client on console-fra.rpki-client.org