Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E23CA0249AD11EF92D7D24D762E951A.roa
File: 6E23CA0249AD11EF92D7D24D762E951A.roa (raw, json)
Hash identifier: uW//Q+qlttKJ3skfggoeHKMuCg4h6eLyFe49WOPtlzc=
Subject key identifier: 60:B6:D1:AC:A7:67:BD:79:37:CF:78:FA:E0:4C:0E:73:53:9A:A3:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9F5F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E23CA0249AD11EF92D7D24D762E951A.roa
Signing time: Wed 24 Jul 2024 11:11:10 +0000
ROA not before: Wed 24 Jul 2024 11:11:06 +0000
ROA not after: Fri 02 Aug 2024 11:11:06 +0000
asID: 20473
IP address blocks: 156.236.78.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40799 (0x9f5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 11:11:06 2024 GMT
Not After : Aug 2 11:11:06 2024 GMT
Subject: CN=66a0e14e-b77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:5b:75:b6:6d:4a:99:ca:07:db:99:ee:27:e1:
f2:e1:21:07:a5:99:a8:c1:ff:e9:66:a7:9f:8a:7d:
c3:19:e7:18:ca:61:73:2c:91:b1:ba:e6:53:37:a4:
5b:e1:e4:a9:80:4f:85:af:84:d4:db:cf:49:44:5e:
e6:d7:0b:29:2d:59:78:f2:24:f2:4b:b7:ec:3a:83:
fb:11:d1:df:31:91:fa:44:7b:ea:c1:a0:a8:ee:9b:
3d:33:e5:fe:ff:cc:c2:ce:b9:f6:aa:6e:38:2c:37:
48:ea:73:50:73:d6:8e:a1:4e:f6:0b:55:49:bc:16:
db:c8:e5:7b:d1:08:3a:d9:9d:03:5f:e8:3c:fd:33:
a3:ac:f5:87:32:15:a9:6d:d6:45:71:e1:61:95:42:
7c:5d:ed:be:7d:60:70:da:07:da:84:f5:a1:6b:ec:
8b:08:f2:5d:00:1b:34:b4:1e:82:09:c5:ef:30:2b:
c6:ce:76:61:b0:83:87:48:7f:da:9c:96:30:57:6e:
d6:2c:41:da:5b:90:02:16:a0:52:cd:8a:95:ba:72:
57:bc:f6:2a:09:60:f5:3c:27:3a:38:a4:85:9c:03:
76:d9:33:13:c3:c7:e1:12:86:59:25:09:2e:ce:6d:
75:8c:ed:9c:57:d6:26:67:fe:4b:a0:0c:5b:ed:55:
f1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B6:D1:AC:A7:67:BD:79:37:CF:78:FA:E0:4C:0E:73:53:9A:A3:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E23CA0249AD11EF92D7D24D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.78.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:1b:37:f4:56:6c:65:ff:78:f5:cf:32:ef:f7:56:a7:37:68:
94:71:fe:cd:f4:a0:99:ec:f7:d8:8d:1f:c3:5a:25:a5:8d:f5:
33:75:28:9f:bb:93:4a:7d:ad:58:85:fa:0e:00:5e:0d:d9:21:
5d:83:c8:30:19:e1:25:ac:7e:ed:3c:06:c7:ac:1e:3d:19:01:
82:01:70:26:29:0b:77:00:d5:c1:af:2c:89:b8:39:a8:81:56:
80:92:f1:5c:08:5b:12:6e:66:62:60:28:b0:75:af:0a:67:3e:
7d:9e:68:10:09:13:7e:5e:ba:ea:35:9e:42:1a:99:39:20:cb:
15:aa:43:64:8e:bf:81:3a:dd:89:4a:2f:c6:9c:38:f6:0e:57:
64:de:2a:20:fd:ec:92:9f:27:a3:0d:0a:78:46:41:30:15:b8:
20:a7:c4:d8:4c:5c:24:b8:ee:73:19:84:9b:f1:77:38:bc:31:
aa:aa:89:d0:48:ce:98:8e:e2:0c:31:bb:0a:18:29:ef:40:9c:
40:f8:a4:f8:c6:9a:99:9c:ea:54:e3:ee:1e:62:24:81:05:57:
e8:73:4a:8d:e6:9e:d9:22:4c:36:7b:ac:8c:a3:26:f4:9f:aa:
f5:06:a0:26:d7:82:6e:6c:ed:ae:02:b0:37:97:76:92:ed:41:
49:6a:dc:b3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ9fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI0MTExMTA2WhcNMjQwODAyMTExMTA2WjAYMRYw
FAYDVQQDEw02NmEwZTE0ZS1iNzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA81t1tm1KmcoH25nuJ+Hy4SEHpZmowf/pZqefin3DGecYymFzLJGxuuZT
N6Rb4eSpgE+Fr4TU289JRF7m1wspLVl48iTyS7fsOoP7EdHfMZH6RHvqwaCo7ps9
M+X+/8zCzrn2qm44LDdI6nNQc9aOoU72C1VJvBbbyOV70Qg62Z0DX+g8/TOjrPWH
MhWpbdZFceFhlUJ8Xe2+fWBw2gfahPWha+yLCPJdABs0tB6CCcXvMCvGznZhsIOH
SH/anJYwV27WLEHaW5ACFqBSzYqVunJXvPYqCWD1PCc6OKSFnAN22TMTw8fhEoZZ
JQkuzm11jO2cV9YmZ/5LoAxb7VXxGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGC2
0aynZ715N894+uBMDnNTmqN6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RTIzQ0EwMjQ5QUQxMUVGOTJEN0QyNEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOxOMA0GCSqGSIb3DQEBCwUA
A4IBAQBfGzf0Vmxl/3j1zzLv91anN2iUcf7N9KCZ7PfYjR/DWiWljfUzdSifu5NK
fa1YhfoOAF4N2SFdg8gwGeElrH7tPAbHrB49GQGCAXAmKQt3ANXBryyJuDmogVaA
kvFcCFsSbmZiYCiwda8KZz59nmgQCRN+XrrqNZ5CGpk5IMsVqkNkjr+BOt2JSi/G
nDj2Dldk3iog/eySnyejDQp4RkEwFbggp8TYTFwkuO5zGYSb8Xc4vDGqqonQSM6Y
juIMMbsKGCnvQJxA+KT4xpqZnOpU4+4eYiSBBVfoc0qN5p7ZIkw2e6yMoyb0n6r1
BqAm14JubO2uArA3l3aS7UFJatyz
-----END CERTIFICATE-----
Generated at Fri Aug 2 16:11:33 2024 by rpki-client on console-fra.rpki-client.org