Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB2B15F822E911EFA9494D357DDC24C2.roa
File: AB2B15F822E911EFA9494D357DDC24C2.roa (raw, json)
Hash identifier: V5aEbK6o5gMbxc5JeoAhJT0BXHef1bgE1G9EsOB7tiw=
Subject key identifier: EC:95:BA:DB:AE:74:6E:BF:76:91:4F:49:25:8B:B2:F4:9B:27:C3:89
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8F03
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB2B15F822E911EFA9494D357DDC24C2.roa
Signing time: Wed 05 Jun 2024 03:14:07 +0000
ROA not before: Wed 05 Jun 2024 03:14:03 +0000
ROA not after: Mon 02 Sep 2024 03:14:03 +0000
asID: 135377
IP address blocks: 156.229.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36611 (0x8f03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 5 03:14:03 2024 GMT
Not After : Sep 2 03:14:03 2024 GMT
Subject: CN=665fd7ff-a752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d7:10:70:af:a5:29:6d:2a:3e:f3:46:cf:10:
0e:dc:f1:58:42:49:2e:d1:bc:4e:c1:96:7c:0a:2a:
3a:1d:b8:6f:80:93:a3:2f:ff:bd:04:fd:8e:b9:4d:
75:0f:19:40:99:71:18:ef:64:f0:64:54:61:d8:b6:
e7:03:d3:e2:8f:f0:78:58:85:8a:4f:eb:cb:12:70:
05:4b:76:ae:d4:5f:f9:76:b3:d8:46:31:fd:cf:65:
d9:b7:23:80:f6:d6:8c:5d:77:28:ee:41:61:76:10:
cd:56:89:79:6a:eb:e1:6f:96:69:df:76:a4:03:b0:
0e:72:57:d8:c0:d3:7f:55:57:3d:5b:07:22:1b:ff:
7c:be:58:33:a0:7f:10:ed:58:af:de:2d:b5:3a:5f:
9e:3f:71:49:27:4f:29:32:76:8d:4c:ce:09:f9:c4:
84:c8:a3:6f:1d:af:d2:fe:78:52:21:de:67:db:b2:
23:18:48:ec:c5:73:fd:ea:7b:14:d8:ca:17:ce:03:
06:e2:40:96:d3:e8:f3:52:7d:ed:0a:4e:7d:09:00:
9f:a5:69:f4:58:a7:02:7c:f3:02:bb:61:65:bb:11:
de:27:e4:85:0d:79:2a:27:4a:7d:4a:a8:ed:64:0e:
03:3f:ad:62:16:02:24:66:86:54:33:a0:a3:9d:73:
2b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:95:BA:DB:AE:74:6E:BF:76:91:4F:49:25:8B:B2:F4:9B:27:C3:89
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB2B15F822E911EFA9494D357DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.20.0/24
Signature Algorithm: sha256WithRSAEncryption
32:8f:be:6e:db:84:57:57:be:f2:a7:18:dd:5d:82:bd:a1:e7:
6f:4c:85:81:a3:ef:3a:6c:9f:37:00:6b:a5:18:af:44:e6:46:
86:cd:19:60:2d:1c:5a:61:63:3f:2b:ca:ea:03:aa:c8:4e:96:
af:11:cf:e0:f8:6c:5e:a2:5c:b3:aa:e4:b2:bd:a7:71:59:a2:
94:ff:86:93:35:93:a3:15:fc:33:45:ba:10:6f:b0:3e:4d:09:
0f:e6:e3:b7:c8:36:42:0f:29:df:02:ec:00:66:d2:18:b8:96:
71:a1:c5:92:7e:77:de:d4:95:ef:d9:40:c5:c0:90:db:1c:fd:
17:a1:ac:76:25:5c:c5:58:3b:25:7d:8d:8e:55:1b:87:11:ba:
57:1c:38:0b:17:dd:5b:9e:16:51:79:fa:93:c4:2f:b7:ca:f1:
67:70:e0:d9:79:22:cb:90:4e:73:64:d5:c9:68:a9:45:9c:30:
b1:b0:51:ad:99:bd:79:bb:29:33:4c:3f:9c:4f:6e:7e:cf:eb:
ba:55:bd:83:23:6d:17:3f:e2:9e:1c:89:9b:ab:55:ce:39:df:
70:12:26:55:be:8d:0e:27:43:e7:b2:93:ac:b8:36:07:45:ca:
96:e5:f0:33:14:58:02:9d:fb:07:65:29:6c:52:3b:2c:2e:2b:
47:78:b2:9f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAI8DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjA1MDMxNDAzWhcNMjQwOTAyMDMxNDAzWjAYMRYw
FAYDVQQDEw02NjVmZDdmZi1hNzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAytcQcK+lKW0qPvNGzxAO3PFYQkku0bxOwZZ8Cio6HbhvgJOjL/+9BP2O
uU11DxlAmXEY72TwZFRh2LbnA9Pij/B4WIWKT+vLEnAFS3au1F/5drPYRjH9z2XZ
tyOA9taMXXco7kFhdhDNVol5auvhb5Zp33akA7AOclfYwNN/VVc9WwciG/98vlgz
oH8Q7Viv3i21Ol+eP3FJJ08pMnaNTM4J+cSEyKNvHa/S/nhSId5n27IjGEjsxXP9
6nsU2MoXzgMG4kCW0+jzUn3tCk59CQCfpWn0WKcCfPMCu2FluxHeJ+SFDXkqJ0p9
SqjtZA4DP61iFgIkZoZUM6CjnXMrPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOyV
utuudG6/dpFPSSWLsvSbJ8OJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjJCMTVGODIyRTkxMUVGQTk0OTREMzU3RERDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOUUMA0GCSqGSIb3DQEBCwUA
A4IBAQAyj75u24RXV77ypxjdXYK9oedvTIWBo+86bJ83AGulGK9E5kaGzRlgLRxa
YWM/K8rqA6rITpavEc/g+GxeolyzquSyvadxWaKU/4aTNZOjFfwzRboQb7A+TQkP
5uO3yDZCDynfAuwAZtIYuJZxocWSfnfe1JXv2UDFwJDbHP0Xoax2JVzFWDslfY2O
VRuHEbpXHDgLF91bnhZRefqTxC+3yvFncODZeSLLkE5zZNXJaKlFnDCxsFGtmb15
uykzTD+cT25+z+u6Vb2DI20XP+KeHImbq1XOOd9wEiZVvo0OJ0PnspOsuDYHRcqW
5fAzFFgCnfsHZSlsUjssLitHeLKf
-----END CERTIFICATE-----
Generated at Mon Sep 2 11:27:49 2024 by rpki-client on console-fra.rpki-client.org