Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8AF99752A7DF11EF8222CCAB762E951A.roa
File: 8AF99752A7DF11EF8222CCAB762E951A.roa (raw, json)
Hash identifier: hJtjuBO+l9m+6cR9RJS69tX+E+Hupvo4Kar7oIdz4O4=
Subject key identifier: 49:06:FC:58:5A:A0:8B:CB:03:89:99:0C:87:F5:4B:3F:D6:C0:3E:42
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D71B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8AF99752A7DF11EF8222CCAB762E951A.roa
Signing time: Thu 21 Nov 2024 08:06:42 +0000
ROA not before: Sat 30 Nov 2024 08:06:39 +0000
ROA not after: Sat 30 Nov 2024 08:06:39 +0000
asID: 149014
IP address blocks: 156.236.96.0/22 maxlen: 24
Validation: Failed, certificate is not yet valid
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55067 (0xd71b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 30 08:06:39 2024 GMT
Not After : Nov 30 08:06:39 2024 GMT
Subject: CN=673eea12-363e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0d:c5:20:70:bd:6c:8f:87:26:68:56:a0:d1:
64:a0:18:85:ba:ff:2b:e7:5f:f4:27:b9:d2:ca:22:
da:d0:24:14:cd:49:be:ee:27:fc:7b:cf:87:ee:9f:
89:79:af:59:05:1a:11:15:3a:60:0f:c8:f2:9b:50:
ae:fc:dd:6d:bb:10:7b:7d:4a:a9:12:bf:dc:31:3e:
8e:07:d2:4b:8b:6c:c4:e9:e2:f0:c0:98:b1:5e:ef:
77:6f:0f:6f:93:15:24:47:1e:1f:b6:30:ac:11:13:
7a:91:18:64:4c:11:3c:83:66:fb:13:af:9c:70:2b:
29:05:a3:57:e7:50:8e:16:41:0d:fb:cb:14:5d:3f:
e7:f2:ee:76:ea:ff:03:e9:78:4e:46:65:c1:7e:62:
43:06:54:88:df:ca:58:53:83:78:d0:ab:e9:43:29:
61:3c:fd:94:73:d6:c3:73:ac:7b:22:d6:22:c8:4c:
b8:1f:52:bb:62:49:2e:28:0a:2b:f3:bc:02:6c:b0:
70:fb:0a:05:eb:41:14:1a:13:ed:3c:64:5e:e4:f3:
0e:eb:9f:7f:af:b5:0d:47:18:b3:90:c5:61:a4:76:
f5:95:20:9a:d8:ca:46:03:c5:ad:7d:87:b7:b7:f5:
c4:c4:64:0d:d7:6a:39:ef:c4:cc:a7:6a:68:b9:1d:
62:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:06:FC:58:5A:A0:8B:CB:03:89:99:0C:87:F5:4B:3F:D6:C0:3E:42
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8AF99752A7DF11EF8222CCAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.96.0/22
Signature Algorithm: sha256WithRSAEncryption
27:25:d0:25:72:7d:cb:9f:32:10:f0:fa:63:34:7f:9e:6d:90:
73:f5:c3:3d:25:e7:df:f1:28:6a:a8:6e:9b:3b:0d:39:e5:ed:
0e:6c:c9:02:66:a9:8e:33:a5:66:c7:ad:a5:f8:f9:bc:7f:8a:
47:67:bf:0e:2a:5f:c6:d7:2f:61:17:93:f9:8f:7a:15:66:a4:
36:ba:32:a3:e3:28:51:65:5b:33:5b:c5:58:93:51:ff:2a:35:
ab:54:84:55:19:6d:5c:95:ba:33:d3:30:2a:aa:46:05:1b:ae:
6c:cf:31:82:b5:a0:bf:a5:3c:26:f8:66:82:0a:56:8a:61:87:
5c:db:3a:d2:60:1f:c8:b4:03:6b:da:8f:c7:aa:21:25:25:b0:
46:7a:25:78:e9:44:0a:84:84:47:d7:f2:42:4f:a1:cc:08:1c:
22:62:31:60:d3:55:dc:da:a8:44:23:ca:f5:2c:5b:a8:1b:3d:
ff:d0:bb:8a:37:85:39:6f:11:92:1b:51:8b:e3:c2:41:3c:85:
86:52:f7:9f:84:fe:c3:fb:c8:69:6c:dd:08:ba:d7:ec:6a:40:
6a:a1:80:12:b4:d2:5b:50:2f:07:d0:0c:3f:1f:72:05:17:14:
2c:52:dd:c3:d5:a0:44:3b:88:0e:0d:71:7a:95:03:f4:6c:98:
35:e7:71:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANcbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTMwMDgwNjM5WhcNMjQxMTMwMDgwNjM5WjAYMRYw
FAYDVQQDEw02NzNlZWExMi0zNjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxw3FIHC9bI+HJmhWoNFkoBiFuv8r51/0J7nSyiLa0CQUzUm+7if8e8+H
7p+Jea9ZBRoRFTpgD8jym1Cu/N1tuxB7fUqpEr/cMT6OB9JLi2zE6eLwwJixXu93
bw9vkxUkRx4ftjCsERN6kRhkTBE8g2b7E6+ccCspBaNX51COFkEN+8sUXT/n8u52
6v8D6XhORmXBfmJDBlSI38pYU4N40KvpQylhPP2Uc9bDc6x7ItYiyEy4H1K7Ykku
KAor87wCbLBw+woF60EUGhPtPGRe5PMO659/r7UNRxizkMVhpHb1lSCa2MpGA8Wt
fYe3t/XExGQN12o578TMp2pouR1ijwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEkG
/FhaoIvLA4mZDIf1Sz/WwD5CMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QUY5OTc1MkE3REYxMUVGODIyMkNDQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOxgMA0GCSqGSIb3DQEBCwUA
A4IBAQAnJdAlcn3LnzIQ8PpjNH+ebZBz9cM9Jeff8ShqqG6bOw055e0ObMkCZqmO
M6Vmx62l+Pm8f4pHZ78OKl/G1y9hF5P5j3oVZqQ2ujKj4yhRZVszW8VYk1H/KjWr
VIRVGW1clboz0zAqqkYFG65szzGCtaC/pTwm+GaCClaKYYdc2zrSYB/ItANr2o/H
qiElJbBGeiV46UQKhIRH1/JCT6HMCBwiYjFg01Xc2qhEI8r1LFuoGz3/0LuKN4U5
bxGSG1GL48JBPIWGUvefhP7D+8hpbN0IutfsakBqoYAStNJbUC8H0Aw/H3IFFxQs
Ut3D1aBEO4gODXF6lQP0bJg153E+
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:38 2024 by rpki-client on console-fra.rpki-client.org