Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E3510107F0D11EFAB8A7346762E951A.roa
File: 6E3510107F0D11EFAB8A7346762E951A.roa (raw, json)
Hash identifier: 4TOkJ7vWQfTsI8tBxFcqfcxaONHGwlZ+76P0xPmMx+E=
Subject key identifier: 7E:5F:E6:AF:89:79:1E:39:36:8A:F3:FD:AF:85:76:78:B5:01:C7:D4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: BDAF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E3510107F0D11EFAB8A7346762E951A.roa
Signing time: Mon 30 Sep 2024 09:21:53 +0000
ROA not before: Mon 30 Sep 2024 09:21:50 +0000
ROA not after: Thu 21 Nov 2024 09:21:50 +0000
asID: 63139
IP address blocks: 156.227.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48559 (0xbdaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 30 09:21:50 2024 GMT
Not After : Nov 21 09:21:50 2024 GMT
Subject: CN=66fa6db1-803b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:18:08:bf:8f:f6:10:57:f8:63:ac:92:45:2f:
f3:27:56:5f:51:9a:03:05:93:5a:1c:bf:5c:ad:d6:
76:b5:e5:4e:93:c3:ee:80:51:5d:08:a4:58:3d:aa:
d8:a5:df:9b:d9:eb:30:95:8d:fc:35:61:ba:6c:3f:
c0:7a:04:41:82:84:6f:de:89:dc:5d:1f:37:70:64:
3a:31:df:38:be:03:b1:98:07:a6:91:57:22:66:8d:
08:4c:e6:fd:4f:9c:62:df:4f:42:64:57:cb:be:f7:
c2:30:ca:44:5e:af:14:08:28:6e:f2:da:c1:42:d2:
72:80:24:ba:d1:68:0c:f2:8e:de:c9:38:7f:f0:2d:
93:9a:45:ea:69:b5:47:30:0f:ee:b0:09:98:12:e4:
a7:c8:88:da:2e:d0:e9:20:b6:3e:64:86:c4:8e:99:
95:da:27:65:8a:8b:ef:bd:50:df:f2:a5:5f:87:da:
25:48:ac:8d:d8:9f:b4:a8:ef:1a:fe:63:d2:8f:bd:
5c:67:b8:de:f8:63:8e:c8:fd:cc:b4:2d:6f:cf:c7:
58:c6:3e:f4:f3:da:32:5c:bb:e8:eb:db:4f:55:5f:
ca:7b:f9:9d:7a:68:d3:1a:57:0c:8d:71:5f:ea:d8:
eb:79:81:8e:e1:e3:4c:e5:39:18:8e:59:36:33:84:
d4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:5F:E6:AF:89:79:1E:39:36:8A:F3:FD:AF:85:76:78:B5:01:C7:D4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E3510107F0D11EFAB8A7346762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.252.0/22
Signature Algorithm: sha256WithRSAEncryption
11:70:b9:7d:9f:d8:41:67:d9:c6:cb:98:4d:c3:53:65:16:d5:
a3:14:c5:95:09:b6:23:dd:d3:36:7a:51:6e:ab:aa:83:cf:4f:
f1:9a:64:97:b9:08:20:c5:fe:45:50:c6:96:fe:0c:3d:d4:56:
ba:f0:1f:d1:9a:f3:73:70:97:fc:1f:8a:bf:9b:b1:96:de:88:
30:66:26:62:f1:9c:a4:0d:f4:38:2d:90:ac:90:10:48:1e:41:
2d:4f:bd:c4:0e:c9:3a:c9:4c:e9:26:15:fc:c1:91:56:fd:37:
df:89:3d:da:9c:52:c8:e4:f1:f5:26:be:bc:e9:3f:0b:9d:ef:
81:83:54:f1:fe:9a:50:56:df:ea:0e:5a:5a:5a:3a:5b:e5:65:
23:b7:88:eb:98:6f:2b:f8:3b:b2:59:c9:7b:86:95:48:7d:40:
23:73:79:42:9d:53:4b:ff:10:9d:84:c0:7b:05:93:cf:99:b1:
1c:7d:6f:7e:df:ba:4c:0f:ef:0d:89:d5:c4:b4:1c:68:22:99:
18:98:e5:7b:fa:86:cb:f4:bd:32:05:9a:91:f2:ca:d5:ac:23:
05:2c:3c:f8:8b:92:6c:b1:ab:60:89:c1:fb:31:58:c2:1b:37:
7c:85:70:17:3a:2d:92:11:de:48:f9:45:93:54:41:59:f8:3a:
70:ca:09:41
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAL2vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwOTMwMDkyMTUwWhcNMjQxMTIxMDkyMTUwWjAYMRYw
FAYDVQQDEw02NmZhNmRiMS04MDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAohgIv4/2EFf4Y6ySRS/zJ1ZfUZoDBZNaHL9crdZ2teVOk8PugFFdCKRY
ParYpd+b2eswlY38NWG6bD/AegRBgoRv3oncXR83cGQ6Md84vgOxmAemkVciZo0I
TOb9T5xi309CZFfLvvfCMMpEXq8UCChu8trBQtJygCS60WgM8o7eyTh/8C2TmkXq
abVHMA/usAmYEuSnyIjaLtDpILY+ZIbEjpmV2idliovvvVDf8qVfh9olSKyN2J+0
qO8a/mPSj71cZ7je+GOOyP3MtC1vz8dYxj7089oyXLvo69tPVV/Ke/mdemjTGlcM
jXFf6tjreYGO4eNM5TkYjlk2M4TUcwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH5f
5q+JeR45Norz/a+Fdni1AcfUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RTM1MTAxMDdGMEQxMUVGQUI4QTczNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOP8MA0GCSqGSIb3DQEBCwUA
A4IBAQARcLl9n9hBZ9nGy5hNw1NlFtWjFMWVCbYj3dM2elFuq6qDz0/xmmSXuQgg
xf5FUMaW/gw91Fa68B/RmvNzcJf8H4q/m7GW3ogwZiZi8ZykDfQ4LZCskBBIHkEt
T73EDsk6yUzpJhX8wZFW/TffiT3anFLI5PH1Jr686T8Lne+Bg1Tx/ppQVt/qDlpa
Wjpb5WUjt4jrmG8r+DuyWcl7hpVIfUAjc3lCnVNL/xCdhMB7BZPPmbEcfW9+37pM
D+8NidXEtBxoIpkYmOV7+obL9L0yBZqR8srVrCMFLDz4i5JssatgicH7MVjCGzd8
hXAXOi2SEd5I+UWTVEFZ+DpwyglB
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:34 2024 by rpki-client on console-fra.rpki-client.org