Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AFF425E441611EFBAB69A4C762E951A.roa
File: 5AFF425E441611EFBAB69A4C762E951A.roa (raw, json)
Hash identifier: Chm7D76nwMrdsaqYhbFTMTQn4o9z0/sUdq49gBO8y5U=
Subject key identifier: 94:AB:AE:2E:8F:B3:65:95:F2:05:E9:E4:50:72:73:DC:3C:FF:F1:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9D16
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AFF425E441611EFBAB69A4C762E951A.roa
Signing time: Wed 17 Jul 2024 08:27:08 +0000
ROA not before: Wed 17 Jul 2024 08:27:04 +0000
ROA not after: Sat 27 Jul 2024 08:27:04 +0000
asID: 5065
IP address blocks: 156.239.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40214 (0x9d16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 17 08:27:04 2024 GMT
Not After : Jul 27 08:27:04 2024 GMT
Subject: CN=6697805c-40ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:42:7e:fd:60:d5:81:84:c9:ca:77:b2:8c:02:
4a:56:89:3a:59:47:3c:4d:22:c4:87:3e:a5:a8:4b:
07:42:04:72:08:1d:b9:54:db:75:82:2d:97:33:f5:
90:56:4d:8d:88:6c:0d:b4:58:a8:ba:33:f0:fd:23:
86:0d:05:27:6b:7e:3a:49:3e:a1:86:5f:8c:e8:8e:
da:e5:38:58:fb:7f:25:96:56:31:67:c2:70:76:60:
d7:34:06:57:f7:d4:15:1d:93:0f:3f:6e:0e:d8:c0:
40:c1:e1:2e:2b:a7:40:d0:60:34:e5:b7:86:23:5a:
6d:81:e8:9a:5e:be:63:b3:51:00:d0:0d:09:a2:bc:
fd:ae:58:07:b0:98:17:99:1a:b5:81:5c:74:5f:f8:
80:20:03:b3:fc:49:ec:37:49:c4:96:03:00:95:30:
4f:1e:6c:ef:cc:3f:e6:10:62:ee:7b:26:32:7e:46:
b7:fd:4e:a7:3f:3c:a6:7c:3c:a2:8d:e9:a3:a9:b7:
32:d5:7b:cb:12:34:88:e8:c6:99:e2:a1:00:dc:02:
6e:b9:da:29:2f:fa:4d:4f:92:42:00:1d:17:e1:52:
da:ef:64:0c:5c:8a:bd:0a:bc:a2:7a:33:e6:6d:20:
bc:79:66:7c:8d:d8:9e:bd:24:94:0f:a9:6b:db:2f:
cc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AB:AE:2E:8F:B3:65:95:F2:05:E9:E4:50:72:73:DC:3C:FF:F1:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AFF425E441611EFBAB69A4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.20.0/24
Signature Algorithm: sha256WithRSAEncryption
28:cc:bb:31:ee:8d:53:cb:4a:9a:27:f4:73:07:2e:95:e7:2a:
3a:d3:20:a6:5f:59:71:12:b0:99:b4:6b:c6:7a:69:4b:96:d4:
0e:1b:e4:07:00:72:92:51:4d:b5:cb:84:6f:70:d2:71:ca:c2:
34:7c:76:d3:ec:81:97:12:14:60:f6:84:a6:22:0b:39:6a:e6:
22:36:ed:f5:40:c1:24:eb:7e:15:65:35:33:e9:77:33:e0:af:
60:97:39:14:cc:dd:7d:f2:7c:e8:66:88:7e:be:bd:d8:33:e6:
76:4d:7a:75:fb:f6:58:62:84:11:25:87:db:e3:00:2c:d6:4a:
31:58:86:f4:7e:83:5b:b7:9c:e7:bb:45:93:11:7c:de:d1:dd:
33:d9:af:bb:36:be:76:54:e0:91:91:a4:97:24:fc:eb:64:90:
63:ed:14:2a:93:5b:e0:f5:d1:7c:01:41:11:14:6a:31:45:7b:
9b:71:39:78:35:3f:0f:8b:6c:f1:71:a3:68:ae:18:ad:e9:2b:
43:cb:29:58:ec:fc:31:8f:0d:aa:db:72:80:ba:ed:2b:c2:be:
72:9a:e0:c3:f4:49:63:27:7e:69:0c:8f:05:ae:1e:06:f2:48:
bb:96:36:85:a7:f4:a9:af:43:ec:a8:20:63:d9:34:1e:e9:93:
19:27:ac:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ0WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzE3MDgyNzA0WhcNMjQwNzI3MDgyNzA0WjAYMRYw
FAYDVQQDEw02Njk3ODA1Yy00MGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA70J+/WDVgYTJyneyjAJKVok6WUc8TSLEhz6lqEsHQgRyCB25VNt1gi2X
M/WQVk2NiGwNtFioujPw/SOGDQUna346ST6hhl+M6I7a5ThY+38lllYxZ8JwdmDX
NAZX99QVHZMPP24O2MBAweEuK6dA0GA05beGI1ptgeiaXr5js1EA0A0Jorz9rlgH
sJgXmRq1gVx0X/iAIAOz/EnsN0nElgMAlTBPHmzvzD/mEGLueyYyfka3/U6nPzym
fDyijemjqbcy1XvLEjSI6MaZ4qEA3AJuudopL/pNT5JCAB0X4VLa72QMXIq9Cryi
ejPmbSC8eWZ8jdievSSUD6lr2y/M9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJSr
ri6Ps2WV8gXp5FByc9w8//EbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QUZGNDI1RTQ0MTYxMUVGQkFCNjlBNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8UMA0GCSqGSIb3DQEBCwUA
A4IBAQAozLsx7o1Ty0qaJ/RzBy6V5yo60yCmX1lxErCZtGvGemlLltQOG+QHAHKS
UU21y4RvcNJxysI0fHbT7IGXEhRg9oSmIgs5auYiNu31QMEk634VZTUz6Xcz4K9g
lzkUzN198nzoZoh+vr3YM+Z2TXp1+/ZYYoQRJYfb4wAs1koxWIb0foNbt5znu0WT
EXze0d0z2a+7Nr52VOCRkaSXJPzrZJBj7RQqk1vg9dF8AUERFGoxRXubcTl4NT8P
i2zxcaNorhit6StDyylY7Pwxjw2q23KAuu0rwr5ymuDD9EljJ35pDI8Frh4G8ki7
ljaFp/Spr0PsqCBj2TQe6ZMZJ6wP
-----END CERTIFICATE-----
Generated at Sun Jul 28 03:03:26 2024 by rpki-client on console-ams.rpki-client.org