Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFA37492FB9611EE8C8F9A69017001B1.roa
File: AFA37492FB9611EE8C8F9A69017001B1.roa (raw, json)
Hash identifier: KoHl3kosdtPAxWANSywlcuaKiF4hsxe9HHxxpUGvUCc=
Subject key identifier: C1:51:8C:84:70:41:E7:F1:B5:07:46:81:69:E4:AF:E6:C8:0C:BF:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8293
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFA37492FB9611EE8C8F9A69017001B1.roa
Signing time: Tue 16 Apr 2024 02:11:51 +0000
ROA not before: Tue 16 Apr 2024 02:11:47 +0000
ROA not after: Mon 29 Apr 2024 02:11:47 +0000
asID: 141883
IP address blocks: 156.249.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33427 (0x8293)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 16 02:11:47 2024 GMT
Not After : Apr 29 02:11:47 2024 GMT
Subject: CN=661dde66-dba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:f3:ef:17:54:6f:9e:1c:2a:bb:d8:1a:7a:
86:37:f7:a9:b8:ff:20:18:f1:6a:0b:15:8f:bb:48:
2a:f3:7a:9a:c6:37:06:8d:56:4b:12:f5:99:01:50:
e9:87:a8:a3:89:9c:e1:e2:ae:50:de:74:3f:b0:12:
a5:08:6c:63:70:80:62:ea:53:64:4a:0c:99:f0:02:
d4:d6:3f:20:c6:db:5c:f9:d6:26:9c:76:56:4d:b3:
f4:30:d6:74:34:6b:fc:32:e4:d2:d3:97:1d:01:8f:
b9:8e:97:3d:e4:dd:cc:34:53:56:ea:22:94:f7:34:
5d:b3:2d:27:ab:f7:f0:18:f1:79:ee:f9:71:24:ee:
a0:39:02:d0:b9:f7:30:67:bf:01:e1:73:8b:f8:59:
e0:1c:2e:b3:1d:f5:fd:8c:42:65:ca:d1:99:d5:62:
47:94:bf:5f:fc:5c:80:f6:11:43:67:06:07:8d:2b:
56:29:87:49:5e:40:2f:35:6d:36:7d:fc:75:24:46:
13:9b:2f:21:e4:ca:23:9e:db:2b:8f:a4:05:82:92:
0c:fd:b6:f8:56:bb:25:2a:56:ca:28:09:91:61:48:
25:4e:11:96:cc:f3:63:31:b7:6f:6f:e6:ab:32:f7:
3a:a8:fb:41:72:0c:de:1a:e6:7e:37:3c:92:11:2d:
a7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:51:8C:84:70:41:E7:F1:B5:07:46:81:69:E4:AF:E6:C8:0C:BF:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFA37492FB9611EE8C8F9A69017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.28.0/22
Signature Algorithm: sha256WithRSAEncryption
98:e9:d7:b3:18:db:60:63:12:87:1d:45:f3:e4:44:6a:e3:6a:
18:cd:3e:a5:88:32:20:38:96:44:40:bc:90:11:be:82:cc:56:
51:b8:eb:0d:97:dd:c0:be:4b:27:79:27:19:09:46:00:b4:d0:
81:52:ca:3b:6b:69:6d:8b:cc:51:b3:b2:63:be:bf:b8:fd:6d:
9c:8a:40:ea:06:db:fd:ed:06:47:2e:0a:51:a1:47:de:6f:4b:
95:19:92:ec:fd:e2:4d:8e:fa:3f:12:81:f6:ce:f3:c2:4f:49:
b0:11:12:1d:33:1c:76:60:55:a5:c7:a7:15:01:6f:00:3c:86:
08:71:29:11:87:b3:a9:bb:07:8e:3d:ac:b0:a5:ae:9c:c7:4b:
c5:af:41:1c:52:87:95:5f:6b:ea:2b:dd:f4:a4:e2:03:b8:63:
e8:12:cf:e5:79:be:e9:1d:0c:59:27:32:d2:2b:ea:db:6b:74:
ff:37:92:b0:19:be:95:02:5a:f7:c8:bd:a8:da:a8:1e:76:71:
6d:f6:1d:7b:4f:98:71:a8:dd:21:0f:15:e3:ec:bf:7d:d2:ab:
13:32:f0:54:42:68:e3:8f:2f:5f:f2:89:2e:3e:d0:6f:26:aa:
b0:db:9b:b8:8d:aa:07:ad:59:21:33:de:a8:a7:56:ce:3a:72:
f6:51:cf:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIKTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE2MDIxMTQ3WhcNMjQwNDI5MDIxMTQ3WjAYMRYw
FAYDVQQDEw02NjFkZGU2Ni1kYmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArYnz7xdUb54cKrvYGnqGN/epuP8gGPFqCxWPu0gq83qaxjcGjVZLEvWZ
AVDph6ijiZzh4q5Q3nQ/sBKlCGxjcIBi6lNkSgyZ8ALU1j8gxttc+dYmnHZWTbP0
MNZ0NGv8MuTS05cdAY+5jpc95N3MNFNW6iKU9zRdsy0nq/fwGPF57vlxJO6gOQLQ
ufcwZ78B4XOL+FngHC6zHfX9jEJlytGZ1WJHlL9f/FyA9hFDZwYHjStWKYdJXkAv
NW02ffx1JEYTmy8h5Mojntsrj6QFgpIM/bb4VrslKlbKKAmRYUglThGWzPNjMbdv
b+arMvc6qPtBcgzeGuZ+NzySES2n6wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMFR
jIRwQefxtQdGgWnkr+bIDL++MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRkEzNzQ5MkZCOTYxMUVFOEM4RjlBNjkwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPkcMA0GCSqGSIb3DQEBCwUA
A4IBAQCY6dezGNtgYxKHHUXz5ERq42oYzT6liDIgOJZEQLyQEb6CzFZRuOsNl93A
vksneScZCUYAtNCBUso7a2lti8xRs7Jjvr+4/W2cikDqBtv97QZHLgpRoUfeb0uV
GZLs/eJNjvo/EoH2zvPCT0mwERIdMxx2YFWlx6cVAW8APIYIcSkRh7OpuweOPayw
pa6cx0vFr0EcUoeVX2vqK930pOIDuGPoEs/leb7pHQxZJzLSK+rba3T/N5KwGb6V
Alr3yL2o2qgednFt9h17T5hxqN0hDxXj7L990qsTMvBUQmjjjy9f8okuPtBvJqqw
25u4jaoHrVkhM96op1bOOnL2Uc/h
-----END CERTIFICATE-----
Generated at Mon Apr 29 04:17:23 2024 by rpki-client on console-fra.rpki-client.org