Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8D4E96A49A811EF99CC45AB762E951A.roa
File: A8D4E96A49A811EF99CC45AB762E951A.roa (raw, json)
Hash identifier: amB3HGGvZByDXIZzZI64o//KMkxZijdDO9PRNkbzhUI=
Subject key identifier: 64:77:37:3D:FC:EE:29:09:49:14:0D:5D:9D:B4:B8:E2:5B:09:BA:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9F49
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8D4E96A49A811EF99CC45AB762E951A.roa
Signing time: Wed 24 Jul 2024 10:37:01 +0000
ROA not before: Wed 24 Jul 2024 10:36:58 +0000
ROA not after: Fri 02 Aug 2024 10:36:58 +0000
asID: 204957
IP address blocks: 156.225.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40777 (0x9f49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 10:36:58 2024 GMT
Not After : Aug 2 10:36:58 2024 GMT
Subject: CN=66a0d94d-c079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:74:ad:f3:8f:de:55:bd:96:8f:86:2b:0a:38:
ba:eb:9c:e5:5e:29:01:9f:70:15:a9:5e:cf:17:b8:
5c:18:15:94:7d:fe:c7:f7:8d:2a:3f:ac:27:9e:be:
c3:e2:09:e1:58:7d:e4:26:73:dd:c1:98:28:8c:d6:
2a:e0:ce:4d:35:4f:35:62:15:0d:6b:0c:a8:ce:c4:
a7:89:f2:0c:c0:09:62:fc:f8:14:80:b7:09:2b:87:
1b:3a:91:2b:98:a0:42:0b:1a:ff:62:4c:59:59:33:
fb:a7:ab:30:18:4d:59:0d:5a:ac:bb:6d:6c:31:70:
11:9f:99:f2:71:bd:6b:5b:4d:72:3a:bd:e3:33:3d:
77:c2:b3:ba:91:0d:f6:e0:6b:92:cd:8f:81:a6:fb:
05:90:73:c0:ec:56:f6:91:5f:e4:8e:80:fc:83:df:
9a:95:85:d4:f2:69:d4:68:cb:44:b8:87:ab:e6:2f:
76:ee:aa:d0:25:c2:9d:54:80:08:a2:31:78:6d:70:
c7:ab:5a:a9:e1:e4:31:67:4b:67:ab:0b:15:bf:8c:
66:e6:0a:bf:bb:b7:71:59:81:15:6c:81:33:9d:c6:
c1:d7:79:24:85:7a:3a:1a:6d:42:8c:ac:89:d7:77:
9b:7b:5e:ff:78:c5:ee:8e:3a:9c:48:da:d8:2a:f1:
a0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:77:37:3D:FC:EE:29:09:49:14:0D:5D:9D:B4:B8:E2:5B:09:BA:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8D4E96A49A811EF99CC45AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.9.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:66:8a:f4:2d:28:c1:fe:bd:c0:8f:09:27:9c:c2:e5:e0:71:
75:6a:b6:02:19:c9:e6:00:34:52:0f:c3:97:a8:5e:fd:5b:c5:
d6:ae:d2:43:45:3f:e3:2f:78:db:70:37:77:c3:3d:f6:4f:27:
22:a3:65:c7:1d:ec:07:38:26:89:fc:ac:9b:84:3d:10:02:de:
3f:fe:34:15:a2:67:8b:cf:12:03:4f:96:fe:a9:a9:d6:ae:0c:
45:26:82:c6:0a:0e:95:e5:f1:e8:c3:50:61:24:f0:31:f3:d2:
35:ce:9c:f4:67:8c:8c:ce:a4:c0:5f:1b:66:9c:6d:fc:35:c8:
e4:13:11:d5:1c:08:82:fe:c6:0b:8b:75:9c:1a:89:dd:8f:8b:
5b:ce:7c:6d:84:ca:b7:42:b8:88:3b:b6:c3:15:4b:e6:1d:41:
e6:47:a0:16:c7:ac:1c:86:bd:39:81:3a:fd:2c:85:be:42:5a:
fd:a2:f4:2d:28:4b:af:e1:7a:45:1c:50:37:b6:4f:c4:e3:b9:
01:e4:43:8f:83:f6:01:e5:6b:83:2b:25:20:37:fe:d8:48:80:
0a:27:82:62:15:8a:29:1e:52:ba:e6:43:1b:a0:fd:44:5c:8d:
42:e4:63:bd:66:1d:df:7c:39:b3:60:3b:06:f8:f3:65:72:f2:
70:79:3b:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ9JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI0MTAzNjU4WhcNMjQwODAyMTAzNjU4WjAYMRYw
FAYDVQQDEw02NmEwZDk0ZC1jMDc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv3St84/eVb2Wj4YrCji665zlXikBn3AVqV7PF7hcGBWUff7H940qP6wn
nr7D4gnhWH3kJnPdwZgojNYq4M5NNU81YhUNawyozsSnifIMwAli/PgUgLcJK4cb
OpErmKBCCxr/YkxZWTP7p6swGE1ZDVqsu21sMXARn5nycb1rW01yOr3jMz13wrO6
kQ324GuSzY+BpvsFkHPA7Fb2kV/kjoD8g9+alYXU8mnUaMtEuIer5i927qrQJcKd
VIAIojF4bXDHq1qp4eQxZ0tnqwsVv4xm5gq/u7dxWYEVbIEzncbB13kkhXo6Gm1C
jKyJ13ebe17/eMXujjqcSNrYKvGgOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGR3
Nz387ikJSRQNXZ20uOJbCbqoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOEQ0RTk2QTQ5QTgxMUVGOTlDQzQ1QUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEJMA0GCSqGSIb3DQEBCwUA
A4IBAQBKZor0LSjB/r3AjwknnMLl4HF1arYCGcnmADRSD8OXqF79W8XWrtJDRT/j
L3jbcDd3wz32Tycio2XHHewHOCaJ/KybhD0QAt4//jQVomeLzxIDT5b+qanWrgxF
JoLGCg6V5fHow1BhJPAx89I1zpz0Z4yMzqTAXxtmnG38NcjkExHVHAiC/sYLi3Wc
Gondj4tbznxthMq3QriIO7bDFUvmHUHmR6AWx6wchr05gTr9LIW+Qlr9ovQtKEuv
4XpFHFA3tk/E47kB5EOPg/YB5WuDKyUgN/7YSIAKJ4JiFYopHlK65kMboP1EXI1C
5GO9Zh3ffDmzYDsG+PNlcvJweTvK
-----END CERTIFICATE-----
Generated at Fri Aug 2 14:56:25 2024 by rpki-client on console-ams.rpki-client.org