Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A478E32EF0BD11EEA09CEF5B775412E6.roa
File: A478E32EF0BD11EEA09CEF5B775412E6.roa (raw, json)
Hash identifier: QLDRVh7unCS6A4Zj0ptIqwnHnI20OlJAUg4GqJ44kOo=
Subject key identifier: C1:78:02:9C:D1:73:04:80:8D:EB:91:C7:D0:D3:F5:F7:36:30:2D:FA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 813A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A478E32EF0BD11EEA09CEF5B775412E6.roa
Signing time: Tue 02 Apr 2024 06:52:59 +0000
ROA not before: Tue 02 Apr 2024 06:52:56 +0000
ROA not after: Mon 29 Apr 2024 06:52:56 +0000
asID: 139646
IP address blocks: 156.246.4.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33082 (0x813a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 2 06:52:56 2024 GMT
Not After : Apr 29 06:52:56 2024 GMT
Subject: CN=660bab4b-c071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2d:84:ee:37:64:4c:4c:08:c2:53:c1:8d:39:
45:2e:d9:7d:d1:31:af:6f:8c:f8:25:fe:2a:a8:d1:
c5:a4:0e:b0:4d:98:c5:c1:73:77:8e:d1:f6:48:68:
ef:55:ae:3b:fd:d2:82:fa:ca:c1:a6:91:cf:7f:81:
67:d7:f5:18:34:4b:13:7d:b0:85:b8:d0:54:c6:63:
ec:e5:c0:bf:b3:38:52:c1:f9:f6:5e:0a:89:84:d2:
41:60:7f:64:09:61:bd:13:cf:e0:68:6b:5d:6f:39:
22:6b:3b:22:2e:8a:85:fd:32:20:4f:af:b7:78:c8:
a5:14:a6:3c:a6:10:23:01:10:85:88:bd:bf:f9:55:
cd:9b:57:28:00:38:20:fc:44:56:bc:71:21:8b:fd:
fa:62:c0:4f:d3:33:26:1b:03:18:06:85:a7:ee:ae:
f0:7c:c2:b7:1b:0d:36:57:ee:bc:b0:2f:85:93:a2:
da:b5:92:25:af:9b:de:ab:25:2a:19:3f:7a:cb:6f:
0c:28:f3:e4:88:c3:0b:2e:e6:54:ad:0c:a8:cf:3f:
99:a8:29:60:df:e0:15:93:82:5b:c5:e5:4e:0c:85:
9b:d0:bc:aa:16:b5:76:47:89:11:d6:92:20:3e:fb:
c4:f4:c0:25:6f:32:b3:18:be:cb:23:47:55:11:4c:
d5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:78:02:9C:D1:73:04:80:8D:EB:91:C7:D0:D3:F5:F7:36:30:2D:FA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A478E32EF0BD11EEA09CEF5B775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.4.0/23
Signature Algorithm: sha256WithRSAEncryption
76:20:59:5d:39:03:dc:24:4b:bb:83:30:7d:32:79:75:80:94:
65:65:3d:ac:0c:6f:80:2d:7f:25:6a:10:39:d1:49:c9:a6:ca:
12:1f:65:25:1a:00:df:a4:22:b8:97:65:59:16:2a:e2:bb:a8:
8a:4b:00:af:33:8e:5a:43:7a:8f:e7:bf:f8:f2:4b:48:48:10:
ea:2e:2d:c7:41:a8:04:36:94:fa:ca:20:54:89:cc:83:53:5c:
37:e5:98:fb:36:25:bb:ce:ea:2a:dc:1f:7f:a6:9f:fe:92:0d:
fe:49:c1:1d:93:e3:57:3f:ba:d3:a7:fe:06:1d:59:56:d7:63:
19:5a:7a:9c:f1:08:3c:b4:5c:7f:3d:07:41:f8:00:5f:93:b1:
2c:d5:f4:60:7e:3f:ab:2d:80:38:07:9b:ff:78:54:10:b2:ec:
3b:ba:a6:57:bf:2f:88:3d:f2:d9:04:22:0f:f6:52:f5:aa:01:
83:24:f5:30:fb:48:00:41:80:5d:05:9a:fe:11:d5:fd:9e:3d:
1e:86:1e:82:33:33:bc:41:c3:e6:00:1c:91:7d:ab:74:b2:8f:
c8:03:79:54:bc:0f:0c:6f:e7:e1:d2:1f:6d:85:d6:59:ce:f8:
68:35:04:82:a3:17:c8:ad:6a:90:75:97:6e:93:9e:1c:7e:5c:
a6:b4:fe:4d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIE6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDAyMDY1MjU2WhcNMjQwNDI5MDY1MjU2WjAYMRYw
FAYDVQQDEw02NjBiYWI0Yi1jMDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1C2E7jdkTEwIwlPBjTlFLtl90TGvb4z4Jf4qqNHFpA6wTZjFwXN3jtH2
SGjvVa47/dKC+srBppHPf4Fn1/UYNEsTfbCFuNBUxmPs5cC/szhSwfn2XgqJhNJB
YH9kCWG9E8/gaGtdbzkiazsiLoqF/TIgT6+3eMilFKY8phAjARCFiL2/+VXNm1co
ADgg/ERWvHEhi/36YsBP0zMmGwMYBoWn7q7wfMK3Gw02V+68sC+Fk6LatZIlr5ve
qyUqGT96y28MKPPkiMMLLuZUrQyozz+ZqClg3+AVk4JbxeVODIWb0LyqFrV2R4kR
1pIgPvvE9MAlbzKzGL7LI0dVEUzViwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMF4
ApzRcwSAjeuRx9DT9fc2MC36MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNDc4RTMyRUYwQkQxMUVFQTA5Q0VGNUI3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPYEMA0GCSqGSIb3DQEBCwUA
A4IBAQB2IFldOQPcJEu7gzB9Mnl1gJRlZT2sDG+ALX8lahA50UnJpsoSH2UlGgDf
pCK4l2VZFiriu6iKSwCvM45aQ3qP57/48ktISBDqLi3HQagENpT6yiBUicyDU1w3
5Zj7NiW7zuoq3B9/pp/+kg3+ScEdk+NXP7rTp/4GHVlW12MZWnqc8Qg8tFx/PQdB
+ABfk7Es1fRgfj+rLYA4B5v/eFQQsuw7uqZXvy+IPfLZBCIP9lL1qgGDJPUw+0gA
QYBdBZr+EdX9nj0ehh6CMzO8QcPmAByRfat0so/IA3lUvA8Mb+fh0h9thdZZzvho
NQSCoxfIrWqQdZduk54cflymtP5N
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:25 2024 by rpki-client on console-fra.rpki-client.org