Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98296940FB9411EEBEE77756017001B1.roa
File: 98296940FB9411EEBEE77756017001B1.roa (raw, json)
Hash identifier: m8CHeV3VI6cy/5d5o1Cda0zFBt9Ze7sIuZuBPMiaaz4=
Subject key identifier: 43:B2:2B:8D:2E:C1:58:BF:16:D5:D8:A5:94:99:9F:85:DE:A6:AA:5C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8275
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98296940FB9411EEBEE77756017001B1.roa
Signing time: Tue 16 Apr 2024 01:56:52 +0000
ROA not before: Tue 16 Apr 2024 01:56:49 +0000
ROA not after: Mon 29 Apr 2024 01:56:49 +0000
asID: 141883
IP address blocks: 156.240.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33397 (0x8275)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 16 01:56:49 2024 GMT
Not After : Apr 29 01:56:49 2024 GMT
Subject: CN=661ddae4-ca38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:91:26:fa:ab:f3:51:71:7a:cd:6e:1b:ef:19:
e5:0f:9e:68:e2:0d:f6:3b:70:58:77:8f:bf:04:7f:
68:e6:6b:af:82:09:b3:f9:78:f9:7c:d3:81:0e:34:
61:73:49:47:00:51:70:0b:0a:42:17:72:4f:3d:ed:
86:eb:e1:7e:eb:b8:84:24:75:ae:57:3d:62:41:ed:
94:b4:99:bd:61:66:4b:c1:ba:3a:7b:ee:ad:6c:2f:
79:94:f4:a8:f2:3a:8e:e3:e9:90:57:52:ff:fd:40:
a7:9f:2d:fb:0f:17:de:e4:a6:cd:70:cd:11:4f:fc:
34:d4:97:1b:1c:c1:34:06:8e:02:bb:43:7c:18:9a:
54:ab:63:72:f7:56:a9:44:9c:26:b5:32:0a:d5:c4:
03:1a:51:79:65:bb:15:ce:9f:7b:de:9d:26:34:cd:
a6:62:61:20:7d:47:8d:09:e1:68:b3:5e:61:f3:d0:
34:43:7e:bd:69:bb:f3:de:f6:ae:45:70:48:29:51:
3e:2b:5a:63:1e:78:cd:7d:6a:0a:07:81:16:02:b6:
eb:06:b8:4b:fb:48:76:4d:03:75:40:a2:3e:74:93:
b3:8b:be:34:75:29:89:35:2e:74:34:df:60:dd:32:
e9:78:8d:31:44:a8:f0:72:83:e4:41:03:05:ab:35:
9a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B2:2B:8D:2E:C1:58:BF:16:D5:D8:A5:94:99:9F:85:DE:A6:AA:5C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98296940FB9411EEBEE77756017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.32.0/20
Signature Algorithm: sha256WithRSAEncryption
b7:a3:b8:44:a0:da:90:a1:f1:8d:40:4c:af:fd:83:83:95:52:
28:bb:25:40:4a:25:18:71:9f:7d:8e:8c:85:df:4e:e0:53:0b:
18:cc:f5:9c:9d:31:55:43:9b:5d:5f:e4:e9:53:83:77:a3:80:
25:c1:a9:68:88:5d:43:0e:78:e5:b1:f1:9c:d4:dc:c2:0d:4c:
37:ed:5f:59:30:7f:4b:70:b9:23:e7:1a:dc:23:49:ee:a5:0e:
1a:25:6f:f8:be:fd:73:f1:d8:06:6a:d1:9f:9c:ad:81:03:e3:
e1:6b:e5:70:ea:72:01:f6:4c:1f:f6:77:46:64:83:ca:52:25:
1c:9b:e2:c4:0b:3f:05:59:fd:dc:44:70:a0:bf:8e:40:14:08:
66:58:a3:04:08:6f:32:56:64:08:f1:fa:d0:44:ea:e9:88:9f:
bd:81:d5:a7:0b:e4:6c:f1:68:ec:75:18:de:29:2a:4b:69:bb:
af:34:2d:b7:2c:b7:91:18:d8:83:35:03:93:29:1a:60:0f:db:
1d:b2:10:4e:ce:22:83:62:68:8c:87:b6:28:cd:07:42:90:1a:
b5:d0:45:92:af:08:10:21:03:c1:df:dc:d3:2d:83:bb:4c:76:
20:e9:6b:95:07:cc:d1:86:55:bd:3f:28:36:c8:6a:69:04:f3:
fa:e1:3d:10
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIJ1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE2MDE1NjQ5WhcNMjQwNDI5MDE1NjQ5WjAYMRYw
FAYDVQQDEw02NjFkZGFlNC1jYTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy5Em+qvzUXF6zW4b7xnlD55o4g32O3BYd4+/BH9o5muvggmz+Xj5fNOB
DjRhc0lHAFFwCwpCF3JPPe2G6+F+67iEJHWuVz1iQe2UtJm9YWZLwbo6e+6tbC95
lPSo8jqO4+mQV1L//UCnny37Dxfe5KbNcM0RT/w01JcbHME0Bo4Cu0N8GJpUq2Ny
91apRJwmtTIK1cQDGlF5ZbsVzp973p0mNM2mYmEgfUeNCeFos15h89A0Q369abvz
3vauRXBIKVE+K1pjHnjNfWoKB4EWArbrBrhL+0h2TQN1QKI+dJOzi740dSmJNS50
NN9g3TLpeI0xRKjwcoPkQQMFqzWaaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEOy
K40uwVi/FtXYpZSZn4XepqpcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85ODI5Njk0MEZCOTQxMUVFQkVFNzc3NTYwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPAgMA0GCSqGSIb3DQEBCwUA
A4IBAQC3o7hEoNqQofGNQEyv/YODlVIouyVASiUYcZ99joyF307gUwsYzPWcnTFV
Q5tdX+TpU4N3o4AlwaloiF1DDnjlsfGc1NzCDUw37V9ZMH9LcLkj5xrcI0nupQ4a
JW/4vv1z8dgGatGfnK2BA+Pha+Vw6nIB9kwf9ndGZIPKUiUcm+LECz8FWf3cRHCg
v45AFAhmWKMECG8yVmQI8frQROrpiJ+9gdWnC+Rs8WjsdRjeKSpLabuvNC23LLeR
GNiDNQOTKRpgD9sdshBOziKDYmiMh7YozQdCkBq10EWSrwgQIQPB39zTLYO7THYg
6WuVB8zRhlW9Pyg2yGppBPP64T0Q
-----END CERTIFICATE-----
Generated at Mon Apr 29 04:17:23 2024 by rpki-client on console-fra.rpki-client.org