Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/63E25AD247EF11EFA4E3C777762E951A.roa
File: 63E25AD247EF11EFA4E3C777762E951A.roa (raw, json)
Hash identifier: febMP7AeP+9Rc/VUq4a9I9OWHGB0ghcVoeeJ12eioqY=
Subject key identifier: 5F:2C:EC:76:A9:5E:08:87:67:51:C1:ED:D3:EA:6A:23:68:2C:A2:C9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9E4F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/63E25AD247EF11EFA4E3C777762E951A.roa
Signing time: Mon 22 Jul 2024 05:58:17 +0000
ROA not before: Mon 22 Jul 2024 05:58:14 +0000
ROA not after: Wed 31 Jul 2024 05:58:14 +0000
asID: 137547
IP address blocks: 156.245.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40527 (0x9e4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 22 05:58:14 2024 GMT
Not After : Jul 31 05:58:14 2024 GMT
Subject: CN=669df4f9-8619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:23:10:87:dd:b7:c3:3b:23:47:e1:8f:32:92:
fd:82:c1:58:a6:fb:8b:13:20:0b:01:1c:d8:15:b6:
c7:c4:1d:7e:93:a6:3e:7c:9e:dc:24:27:86:72:ef:
53:c2:af:57:cd:c1:b9:7c:e9:7c:68:e3:ec:0a:41:
c1:06:bb:c0:1f:d9:9d:d7:b8:a9:00:33:12:51:23:
19:d0:e0:b8:c7:98:c3:3e:d4:c6:d6:cb:68:c1:26:
d6:f8:6d:78:3b:41:e2:31:1f:93:19:5a:a9:5d:bf:
3d:67:35:03:32:33:7f:8f:80:8c:3e:1b:0e:fe:a0:
18:d3:31:91:17:d4:c3:59:c5:29:ff:5e:0b:64:6a:
5b:eb:d4:45:0c:09:29:b2:c6:1d:61:7c:5e:df:c0:
81:28:75:6b:86:b7:b5:dc:7f:90:9d:b2:1a:d3:9a:
2e:05:44:68:40:92:11:c8:5d:7f:00:6f:6b:04:d4:
07:13:4e:6a:c3:70:c0:9e:70:c7:0b:c2:8a:f6:16:
e3:60:7a:6c:9f:1f:7d:9f:5b:c9:79:82:20:75:22:
c2:2d:3e:a7:b1:fc:93:44:24:81:12:4a:cd:c5:40:
84:48:ef:d4:34:1a:82:82:d4:7b:0f:11:b1:25:22:
f8:13:37:bb:44:9f:78:bf:37:95:e1:33:74:5d:88:
11:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2C:EC:76:A9:5E:08:87:67:51:C1:ED:D3:EA:6A:23:68:2C:A2:C9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/63E25AD247EF11EFA4E3C777762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.128.0/21
Signature Algorithm: sha256WithRSAEncryption
85:ad:57:91:ee:81:b4:f1:a6:96:87:96:21:cb:7b:18:26:4d:
e9:a4:f6:a2:6c:59:b8:1e:c9:49:0b:a1:ef:1a:18:3a:72:b5:
b9:75:47:33:f0:32:c0:44:67:0c:b8:a1:16:41:5b:aa:3b:86:
5e:a1:84:6b:75:54:c6:38:bb:94:1a:87:7b:2d:eb:34:5c:09:
71:ed:be:f8:02:9f:d0:66:ca:97:1c:f9:f4:fc:3b:73:fc:b5:
e9:03:08:33:14:d2:55:4f:34:93:05:05:29:93:d0:d1:af:de:
d7:aa:88:4a:f1:02:19:e6:94:aa:06:8f:9a:a3:74:a6:e2:13:
84:b4:75:f3:f4:49:ef:06:67:86:82:81:46:f8:80:54:1c:29:
4c:a8:29:60:e2:cc:4a:38:d3:c0:36:2c:3e:d6:13:6c:35:45:
c9:97:f5:47:df:df:db:d6:ed:15:40:a6:f9:31:1a:30:af:4f:
94:b0:44:08:56:6b:98:ae:5b:24:51:f6:46:f1:64:0d:78:96:
d2:dc:21:e7:17:35:90:71:50:5a:0a:5f:0c:4f:91:34:27:6f:
67:ac:13:68:06:d6:d6:30:ce:46:4a:68:0a:e1:3e:df:c0:d3:
f2:b4:17:9f:3a:33:26:20:b3:a3:d1:1c:79:65:5b:ae:b8:b4:
2c:32:17:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ5PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzIyMDU1ODE0WhcNMjQwNzMxMDU1ODE0WjAYMRYw
FAYDVQQDEw02NjlkZjRmOS04NjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5SMQh923wzsjR+GPMpL9gsFYpvuLEyALARzYFbbHxB1+k6Y+fJ7cJCeG
cu9Twq9XzcG5fOl8aOPsCkHBBrvAH9md17ipADMSUSMZ0OC4x5jDPtTG1stowSbW
+G14O0HiMR+TGVqpXb89ZzUDMjN/j4CMPhsO/qAY0zGRF9TDWcUp/14LZGpb69RF
DAkpssYdYXxe38CBKHVrhre13H+QnbIa05ouBURoQJIRyF1/AG9rBNQHE05qw3DA
nnDHC8KK9hbjYHpsnx99n1vJeYIgdSLCLT6nsfyTRCSBEkrNxUCESO/UNBqCgtR7
DxGxJSL4Eze7RJ94vzeV4TN0XYgRcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF8s
7HapXgiHZ1HB7dPqaiNoLKLJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82M0UyNUFEMjQ3RUYxMUVGQTRFM0M3Nzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPWAMA0GCSqGSIb3DQEBCwUA
A4IBAQCFrVeR7oG08aaWh5Yhy3sYJk3ppPaibFm4HslJC6HvGhg6crW5dUcz8DLA
RGcMuKEWQVuqO4ZeoYRrdVTGOLuUGod7Les0XAlx7b74Ap/QZsqXHPn0/Dtz/LXp
AwgzFNJVTzSTBQUpk9DRr97XqohK8QIZ5pSqBo+ao3Sm4hOEtHXz9EnvBmeGgoFG
+IBUHClMqClg4sxKONPANiw+1hNsNUXJl/VH39/b1u0VQKb5MRowr0+UsEQIVmuY
rlskUfZG8WQNeJbS3CHnFzWQcVBaCl8MT5E0J29nrBNoBtbWMM5GSmgK4T7fwNPy
tBefOjMmILOj0Rx5ZVuuuLQsMhfz
-----END CERTIFICATE-----
Generated at Wed Jul 31 12:40:21 2024 by rpki-client on console-fra.rpki-client.org