Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65C5F0C449A811EFB54A0FAB762E951A.roa
File: 65C5F0C449A811EFB54A0FAB762E951A.roa (raw, json)
Hash identifier: gXWqmV2oESaHfRLZS1dGAPN0VfaNIeUcxySiSczdfCk=
Subject key identifier: 01:B6:BF:49:AF:5B:AD:B0:39:F7:4E:B2:A0:72:57:63:BC:8F:FC:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9F45
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65C5F0C449A811EFB54A0FAB762E951A.roa
Signing time: Wed 24 Jul 2024 10:35:08 +0000
ROA not before: Wed 24 Jul 2024 10:35:05 +0000
ROA not after: Fri 02 Aug 2024 10:35:05 +0000
asID: 204957
IP address blocks: 156.225.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40773 (0x9f45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 10:35:05 2024 GMT
Not After : Aug 2 10:35:05 2024 GMT
Subject: CN=66a0d8dc-ef71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:99:ab:63:bf:c9:7c:1b:b2:86:dd:d0:92:04:
42:4e:fc:36:9a:f7:e7:d0:dc:e8:29:21:08:75:44:
74:10:11:f8:1d:89:bc:69:f8:68:a8:a3:ec:bd:1b:
37:cb:0d:b6:70:c7:fc:7f:da:5a:c3:6b:8a:70:2d:
71:9c:19:c6:b7:9b:d4:97:12:bf:f5:3a:20:ba:12:
4d:53:8f:24:be:bd:78:62:56:ca:12:1b:d5:75:40:
4f:b4:83:7d:e9:72:09:a4:bf:31:03:83:04:5c:2e:
df:a6:02:32:36:41:72:12:f3:12:59:b8:ac:ad:05:
0d:cf:1e:9b:c1:63:68:ae:1c:49:e7:47:07:02:d4:
08:32:f3:04:28:e3:89:fe:f9:24:b5:08:f1:ad:f0:
82:96:dd:8d:a7:b1:71:8a:79:f6:31:69:42:86:f6:
56:37:8d:43:a4:a1:4c:6f:3e:95:03:fd:b0:29:60:
6a:7b:ec:74:c6:3a:f3:3b:4d:28:76:cd:a3:73:2d:
14:4f:0c:54:50:99:06:2b:18:5a:43:b5:64:ff:22:
a7:eb:b0:ed:85:6f:aa:71:86:15:48:3c:bd:70:d4:
9f:d9:47:b2:0b:33:60:39:a7:26:c4:d3:79:52:bc:
c1:37:d7:f3:e7:3d:a6:25:5a:f3:40:19:e0:e6:f0:
c6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B6:BF:49:AF:5B:AD:B0:39:F7:4E:B2:A0:72:57:63:BC:8F:FC:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65C5F0C449A811EFB54A0FAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.11.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:a6:a4:7e:34:e3:95:61:2d:d7:13:3b:a1:c9:0d:70:2f:ec:
a1:ed:07:0d:55:7b:9f:8b:58:4b:69:de:98:8b:26:a7:6c:4b:
99:24:57:54:4d:c8:bb:05:19:9d:16:14:13:15:2b:8d:f8:a3:
21:d8:00:3b:12:78:88:b2:6a:98:3f:c0:a6:93:b0:2e:11:c5:
d3:ae:d5:25:d6:4f:27:29:88:ff:8e:38:ea:2d:e7:14:cd:01:
94:a2:bc:59:26:0c:84:fb:3c:ba:11:cd:32:04:39:a7:96:08:
e5:13:90:54:98:15:64:72:f4:9c:60:c3:28:5c:85:61:e4:3f:
a3:ae:c0:dd:04:bc:00:74:60:e3:72:be:26:f7:aa:7d:33:db:
b9:1f:d3:c2:8d:55:88:bf:41:d3:f9:56:a3:dd:38:c6:9e:89:
27:0e:71:18:f0:3c:d7:fd:fb:89:38:13:e8:e4:46:6a:a5:59:
89:62:60:f3:36:98:cb:2f:85:a5:1c:9d:8c:cd:0e:0d:f1:49:
6a:7c:46:7a:27:70:21:71:35:49:80:f6:98:dc:e6:22:ea:01:
03:20:4f:c0:34:52:84:e9:cc:d6:b6:06:8a:27:9d:a4:b6:e2:
d8:99:71:f6:9c:3f:68:77:b0:6a:0d:90:b6:ae:63:6a:19:c9:
cc:d7:b2:aa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ9FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI0MTAzNTA1WhcNMjQwODAyMTAzNTA1WjAYMRYw
FAYDVQQDEw02NmEwZDhkYy1lZjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu5mrY7/JfBuyht3QkgRCTvw2mvfn0NzoKSEIdUR0EBH4HYm8afhoqKPs
vRs3yw22cMf8f9paw2uKcC1xnBnGt5vUlxK/9ToguhJNU48kvr14YlbKEhvVdUBP
tIN96XIJpL8xA4MEXC7fpgIyNkFyEvMSWbisrQUNzx6bwWNorhxJ50cHAtQIMvME
KOOJ/vkktQjxrfCClt2Np7Fxinn2MWlChvZWN41DpKFMbz6VA/2wKWBqe+x0xjrz
O00ods2jcy0UTwxUUJkGKxhaQ7Vk/yKn67DthW+qcYYVSDy9cNSf2UeyCzNgOacm
xNN5UrzBN9fz5z2mJVrzQBng5vDG6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAG2
v0mvW62wOfdOsqByV2O8j/xFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NUM1RjBDNDQ5QTgxMUVGQjU0QTBGQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOELMA0GCSqGSIb3DQEBCwUA
A4IBAQAvpqR+NOOVYS3XEzuhyQ1wL+yh7QcNVXufi1hLad6YiyanbEuZJFdUTci7
BRmdFhQTFSuN+KMh2AA7EniIsmqYP8Cmk7AuEcXTrtUl1k8nKYj/jjjqLecUzQGU
orxZJgyE+zy6Ec0yBDmnlgjlE5BUmBVkcvScYMMoXIVh5D+jrsDdBLwAdGDjcr4m
96p9M9u5H9PCjVWIv0HT+Vaj3TjGnoknDnEY8DzX/fuJOBPo5EZqpVmJYmDzNpjL
L4WlHJ2MzQ4N8UlqfEZ6J3AhcTVJgPaY3OYi6gEDIE/ANFKE6czWtgaKJ52ktuLY
mXH2nD9od7BqDZC2rmNqGcnM17Kq
-----END CERTIFICATE-----
Generated at Fri Aug 2 14:56:24 2024 by rpki-client on console-ams.rpki-client.org