Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/855EAB7E49A811EFB4461AAB762E951A.roa
File: 855EAB7E49A811EFB4461AAB762E951A.roa (raw, json)
Hash identifier: xYyu1rNVZ0Rbq3B9bfXrl/El355feiKoA85qYkN2KfE=
Subject key identifier: 6E:D8:F0:E0:88:A6:4F:5A:83:CC:9F:06:6D:28:C4:40:A1:4C:64:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9F47
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/855EAB7E49A811EFB4461AAB762E951A.roa
Signing time: Wed 24 Jul 2024 10:36:01 +0000
ROA not before: Wed 24 Jul 2024 10:35:58 +0000
ROA not after: Fri 02 Aug 2024 10:35:58 +0000
asID: 204957
IP address blocks: 156.225.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40775 (0x9f47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 10:35:58 2024 GMT
Not After : Aug 2 10:35:58 2024 GMT
Subject: CN=66a0d911-0fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1d:99:85:ad:8a:44:0a:3a:ec:53:20:86:23:
a9:73:c0:8a:f1:62:82:3c:3d:6e:64:d2:84:04:8d:
03:17:3a:70:4d:b1:d6:e8:52:00:67:04:44:1a:c2:
58:73:70:71:ab:d5:61:c9:40:67:0c:8b:36:36:16:
64:32:f5:9d:40:25:dd:47:01:db:fc:38:91:fa:a8:
04:f2:09:4d:f1:fd:aa:8f:c8:9b:b7:cf:64:73:7a:
3f:05:40:92:4a:0e:bd:de:01:78:04:d4:25:98:2e:
05:13:28:67:fc:2a:76:19:b1:dd:6c:b9:06:d0:60:
34:95:8f:57:6b:aa:53:df:a9:aa:9d:38:68:7d:d6:
53:0e:63:6c:6f:b7:b3:79:42:89:ed:c4:47:70:5f:
78:3b:cd:34:42:8b:9a:f9:db:ac:76:27:e4:2f:f7:
62:fa:1e:d8:51:6d:e0:ee:a3:9f:8b:0e:f7:45:78:
b5:e0:5e:87:f0:57:33:dd:f5:d6:63:d9:c4:65:27:
5a:fe:a7:2d:71:9c:ea:db:19:65:7c:b3:30:d6:13:
b5:4d:68:27:b8:b2:63:15:45:dc:dc:cf:81:54:73:
df:3b:bc:73:97:5e:01:d8:dc:f2:54:85:b2:d0:1c:
e1:40:cb:19:47:10:4a:d9:61:84:c5:81:3e:57:0d:
fa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D8:F0:E0:88:A6:4F:5A:83:CC:9F:06:6D:28:C4:40:A1:4C:64:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/855EAB7E49A811EFB4461AAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.5.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:9b:8d:1f:90:69:e7:b9:a0:64:49:8d:b8:8e:57:94:7a:72:
b3:03:95:d0:89:92:6f:a0:da:17:e6:97:dd:1e:c6:8a:68:ab:
ef:57:87:4d:7c:0a:f3:c6:3f:d1:1c:38:ef:1e:96:65:63:00:
62:85:b8:2b:dd:ca:cf:f2:af:c1:11:d6:c4:57:9e:c5:de:81:
15:91:03:e7:b3:0f:30:fc:20:b4:19:22:71:db:dc:25:40:45:
7d:34:7b:26:6c:fc:8f:de:d0:6b:55:38:95:95:44:45:20:84:
0a:e4:3e:52:0e:96:0d:4a:f9:9e:0a:dd:ca:16:7e:de:e4:60:
db:8b:45:2c:32:f3:d9:e1:bd:ee:0e:99:36:4f:4d:6c:10:95:
04:fb:5b:9d:4e:2d:1e:a3:e1:48:91:b0:d4:41:64:2c:17:c0:
a9:c3:63:28:28:e9:95:9a:1e:c2:dc:77:e2:e8:68:49:9a:41:
c5:9e:5d:ae:1a:23:84:25:88:1a:7e:27:5c:0e:99:3c:af:6b:
97:75:66:ee:ec:4d:07:83:1f:07:58:ee:92:02:e4:b2:f7:01:
36:e7:74:0d:12:c6:cb:02:df:67:ab:77:70:39:a6:81:60:bb:
a2:52:9f:91:8d:a4:6a:ca:85:fb:37:59:2d:bb:7d:7a:bf:1e:
82:6a:04:6d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ9HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI0MTAzNTU4WhcNMjQwODAyMTAzNTU4WjAYMRYw
FAYDVQQDEw02NmEwZDkxMS0wZmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2h2Zha2KRAo67FMghiOpc8CK8WKCPD1uZNKEBI0DFzpwTbHW6FIAZwRE
GsJYc3Bxq9VhyUBnDIs2NhZkMvWdQCXdRwHb/DiR+qgE8glN8f2qj8ibt89kc3o/
BUCSSg693gF4BNQlmC4FEyhn/Cp2GbHdbLkG0GA0lY9Xa6pT36mqnThofdZTDmNs
b7ezeUKJ7cRHcF94O800Qoua+dusdifkL/di+h7YUW3g7qOfiw73RXi14F6H8Fcz
3fXWY9nEZSda/qctcZzq2xllfLMw1hO1TWgnuLJjFUXc3M+BVHPfO7xzl14B2Nzy
VIWy0BzhQMsZRxBK2WGExYE+Vw36nQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG7Y
8OCIpk9ag8yfBm0oxEChTGSnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NTVFQUI3RTQ5QTgxMUVGQjQ0NjFBQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEFMA0GCSqGSIb3DQEBCwUA
A4IBAQC1m40fkGnnuaBkSY24jleUenKzA5XQiZJvoNoX5pfdHsaKaKvvV4dNfArz
xj/RHDjvHpZlYwBihbgr3crP8q/BEdbEV57F3oEVkQPnsw8w/CC0GSJx29wlQEV9
NHsmbPyP3tBrVTiVlURFIIQK5D5SDpYNSvmeCt3KFn7e5GDbi0UsMvPZ4b3uDpk2
T01sEJUE+1udTi0eo+FIkbDUQWQsF8Cpw2MoKOmVmh7C3Hfi6GhJmkHFnl2uGiOE
JYgafidcDpk8r2uXdWbu7E0Hgx8HWO6SAuSy9wE253QNEsbLAt9nq3dwOaaBYLui
Up+RjaRqyoX7N1ktu316vx6CagRt
-----END CERTIFICATE-----
Generated at Fri Aug 2 14:56:25 2024 by rpki-client on console-ams.rpki-client.org