Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/603B53CE499411EF9FAD64A1762E951A.roa
File: 603B53CE499411EF9FAD64A1762E951A.roa (raw, json)
Hash identifier: CJ+VrTGw0+/8yk0a20nivFqze3oJu6AwNNGb+JIvSxk=
Subject key identifier: F3:22:91:6D:29:5A:8F:78:FE:A8:31:19:67:80:2A:60:99:B0:C7:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9EF5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/603B53CE499411EF9FAD64A1762E951A.roa
Signing time: Wed 24 Jul 2024 08:11:49 +0000
ROA not before: Wed 24 Jul 2024 08:11:46 +0000
ROA not after: Fri 23 Aug 2024 08:11:46 +0000
asID: 202656
IP address blocks: 156.246.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40693 (0x9ef5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 08:11:46 2024 GMT
Not After : Aug 23 08:11:46 2024 GMT
Subject: CN=66a0b745-c139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b3:68:5f:31:6c:b5:79:e9:78:e1:43:e7:59:
dd:80:19:15:e9:bc:d6:62:da:99:2d:d9:0e:a8:e5:
41:63:a4:1c:d4:91:9c:ee:fb:d4:e0:d0:66:d7:9f:
8a:17:2d:f0:b5:08:47:b3:52:90:b9:b7:e3:8f:8a:
8d:35:31:99:a8:7a:df:26:65:26:d2:62:c1:4c:91:
e0:74:e6:06:0a:31:82:41:fc:71:03:2f:e8:b8:ac:
9d:4c:53:13:aa:51:c4:8b:4d:14:62:ea:65:01:42:
92:92:c9:ee:46:d4:0e:3a:e5:21:ec:ef:ce:2f:c2:
f1:4a:18:83:f2:d7:bd:3f:b1:83:da:f6:28:30:17:
67:96:cc:13:eb:9b:19:67:16:17:59:14:cf:a1:47:
ef:57:ca:37:76:25:ae:f0:23:1c:a3:da:e1:89:66:
61:26:22:6d:21:2c:29:63:b2:a9:d5:06:a7:d6:1d:
7d:d1:70:26:85:0a:cb:f7:5d:3f:98:aa:e1:7e:05:
1f:53:d1:fb:63:b6:4f:d2:a6:40:0a:e4:8c:38:17:
16:87:16:aa:bd:ef:b4:cc:2d:d2:39:db:85:0c:f6:
12:7d:10:77:0e:3d:00:69:98:e9:28:4f:8c:c6:5f:
f1:4d:95:31:16:d8:05:a8:4a:b4:3f:20:7c:50:64:
5d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:22:91:6D:29:5A:8F:78:FE:A8:31:19:67:80:2A:60:99:B0:C7:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/603B53CE499411EF9FAD64A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.177.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:05:20:07:79:9e:99:a5:a8:7d:b6:b5:aa:95:a1:6d:58:d9:
8b:ea:00:d1:e7:76:36:8d:0e:6b:bf:54:04:31:5b:dd:1d:b8:
6d:bc:ae:8a:6c:b0:66:eb:48:db:c1:45:c5:1f:26:0b:37:0b:
5d:7c:c1:d9:b5:bf:9b:9d:4a:bf:f3:97:69:01:31:2b:5b:78:
9b:2d:c7:f0:3d:62:3e:d7:22:61:32:52:b4:62:f5:09:cc:eb:
cf:a7:20:7e:9a:c2:41:72:30:e8:de:63:52:fa:09:25:ed:21:
77:d5:e4:3a:e7:ec:07:df:f6:65:52:4a:58:17:9d:ce:d2:8c:
1d:d4:7f:ae:ef:3a:be:11:06:e7:bc:35:a4:45:44:77:42:ba:
2b:4f:de:11:47:02:16:24:00:81:e9:f4:e1:3d:d1:04:80:fc:
49:13:1c:e0:55:4e:44:5c:f4:78:e6:0e:b7:40:32:21:e3:7d:
a0:de:12:66:18:fd:29:e4:06:05:1a:aa:dd:7f:0f:7b:5e:0d:
d2:ed:d2:cb:26:30:fd:94:5d:a8:48:b6:a6:92:4a:46:76:ef:
a1:51:b0:5e:ca:d1:03:19:58:20:70:b3:7e:5e:7b:c6:47:5e:
4a:dc:dc:0f:3d:97:73:66:cc:56:8e:e8:cb:ab:4c:fc:7f:2b:
d1:66:d7:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ71MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI0MDgxMTQ2WhcNMjQwODIzMDgxMTQ2WjAYMRYw
FAYDVQQDEw02NmEwYjc0NS1jMTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwLNoXzFstXnpeOFD51ndgBkV6bzWYtqZLdkOqOVBY6Qc1JGc7vvU4NBm
15+KFy3wtQhHs1KQubfjj4qNNTGZqHrfJmUm0mLBTJHgdOYGCjGCQfxxAy/ouKyd
TFMTqlHEi00UYuplAUKSksnuRtQOOuUh7O/OL8LxShiD8te9P7GD2vYoMBdnlswT
65sZZxYXWRTPoUfvV8o3diWu8CMco9rhiWZhJiJtISwpY7Kp1Qan1h190XAmhQrL
910/mKrhfgUfU9H7Y7ZP0qZACuSMOBcWhxaqve+0zC3SOduFDPYSfRB3Dj0AaZjp
KE+Mxl/xTZUxFtgFqEq0PyB8UGRddwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPMi
kW0pWo94/qgxGWeAKmCZsMfyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MDNCNTNDRTQ5OTQxMUVGOUZBRDY0QTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPaxMA0GCSqGSIb3DQEBCwUA
A4IBAQCiBSAHeZ6Zpah9trWqlaFtWNmL6gDR53Y2jQ5rv1QEMVvdHbhtvK6KbLBm
60jbwUXFHyYLNwtdfMHZtb+bnUq/85dpATErW3ibLcfwPWI+1yJhMlK0YvUJzOvP
pyB+msJBcjDo3mNS+gkl7SF31eQ65+wH3/ZlUkpYF53O0owd1H+u7zq+EQbnvDWk
RUR3QrorT94RRwIWJACB6fThPdEEgPxJExzgVU5EXPR45g63QDIh432g3hJmGP0p
5AYFGqrdfw97Xg3S7dLLJjD9lF2oSLamkkpGdu+hUbBeytEDGVggcLN+XnvGR15K
3NwPPZdzZsxWjujLq0z8fyvRZteS
-----END CERTIFICATE-----
Generated at Fri Aug 23 12:55:02 2024 by rpki-client on console-ams.rpki-client.org