Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4D3E84616CB11EC82DE597BD8A014CE.roa
File: B4D3E84616CB11EC82DE597BD8A014CE.roa (raw, json)
Hash identifier: aXSY0PvB4MnI/kwT0IaqlnRjiRv1jKO1Xw5l+V9GQw0=
Subject key identifier: 03:BF:9D:F1:0F:ED:46:B5:7F:96:E2:41:79:CB:3B:78:17:FF:DF:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 096D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4D3E84616CB11EC82DE597BD8A014CE.roa
Signing time: Thu 16 Sep 2021 08:54:31 +0000
ROA not before: Thu 16 Sep 2021 08:54:27 +0000
ROA not after: Fri 16 Dec 2022 08:54:27 +0000
asID: 135097
IP address blocks: 156.225.136.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2413 (0x96d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 16 08:54:27 2021 GMT
Not After : Dec 16 08:54:27 2022 GMT
Subject: CN=61430647-411a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3e:80:d4:51:36:d9:55:8d:58:e6:fc:e3:b3:
61:58:cd:ae:0b:7a:8f:e8:fd:31:d9:97:f3:55:0e:
c2:d2:91:36:fa:c1:21:44:40:91:05:2a:9d:5d:7c:
cb:c6:c1:d8:9c:93:db:63:56:4e:ed:33:c5:b7:64:
d0:b2:67:ab:c5:df:c9:1f:47:03:cc:eb:39:95:d4:
81:79:71:67:5b:e4:af:5d:fb:2b:ad:82:44:2e:48:
3a:90:c2:bd:c8:92:67:23:f4:e9:d5:39:33:7d:19:
cc:52:88:30:96:80:0f:75:e9:94:b0:06:3a:9f:9a:
24:77:2e:9f:ca:41:44:2a:10:dd:66:6f:f5:12:e1:
fd:21:14:73:9a:41:92:5b:cc:d5:8d:e6:33:d9:7d:
6c:e2:3a:18:4e:29:75:9f:45:23:fe:6e:c0:73:14:
f3:dd:6b:ba:b3:6c:51:02:20:ff:82:95:7c:05:98:
bc:a8:76:59:10:c5:fb:94:28:aa:75:61:e4:fa:57:
ce:be:a5:f3:b6:8e:26:d6:58:de:f1:d5:43:c8:7e:
82:f2:fb:0f:4e:b3:d2:1f:3b:8c:77:d0:9b:77:04:
89:36:65:78:77:77:ec:ce:e5:24:50:63:2f:70:ef:
29:10:43:3b:83:5b:d3:6d:bb:ad:1f:31:58:b1:fc:
be:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:BF:9D:F1:0F:ED:46:B5:7F:96:E2:41:79:CB:3B:78:17:FF:DF:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4D3E84616CB11EC82DE597BD8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.136.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:5a:eb:f2:8f:b9:2e:73:b3:93:4f:b1:6f:bb:75:c3:d3:ec:
06:5e:a2:b3:1f:e0:88:0b:95:0c:d9:02:16:26:2b:5b:d0:da:
b0:dd:93:80:bc:dd:fd:f3:8e:fb:88:26:2c:3d:35:33:f5:57:
24:4d:c5:a4:cf:67:c9:fd:5b:c7:37:6f:5d:26:ea:e6:34:fd:
f2:52:c9:21:70:38:a6:93:75:28:e9:b4:a9:7f:e1:09:21:a4:
ac:72:0f:20:fe:55:75:a6:bc:15:cb:ce:0f:3e:76:10:ea:a1:
45:9c:23:ef:b6:d4:24:24:9b:c0:3f:26:86:0b:dc:12:b9:24:
59:c8:1a:cc:6d:80:1d:c2:ca:a1:7d:1a:cb:02:ed:b0:ba:15:
ea:ff:ef:55:c7:26:dc:de:69:0b:95:22:09:be:c3:fc:69:ad:
42:45:e5:e1:2a:0c:53:e2:ee:b2:45:e9:fb:16:f5:b7:81:cf:
4c:d9:b2:c5:2d:97:82:42:00:2c:d2:61:31:44:c6:18:d2:a7:
b7:ca:ed:e1:bb:d1:84:cf:71:ce:65:79:e9:fb:82:cb:95:e6:
23:be:e7:38:f6:02:3c:ff:ce:18:8d:0b:bb:a9:e6:cb:66:3a:
de:ae:e5:47:dc:fb:ed:f6:64:91:61:7d:6f:9b:3f:74:c1:2b:
0d:0d:0d:0d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCW0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMTA5MTYwODU0MjdaFw0yMjEyMTYwODU0MjdaMBgxFjAU
BgNVBAMMDTYxNDMwNjQ3LTQxMWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5PoDUUTbZVY1Y5vzjs2FYza4Leo/o/THZl/NVDsLSkTb6wSFEQJEFKp1d
fMvGwdick9tjVk7tM8W3ZNCyZ6vF38kfRwPM6zmV1IF5cWdb5K9d+yutgkQuSDqQ
wr3Ikmcj9OnVOTN9GcxSiDCWgA916ZSwBjqfmiR3Lp/KQUQqEN1mb/US4f0hFHOa
QZJbzNWN5jPZfWziOhhOKXWfRSP+bsBzFPPda7qzbFECIP+ClXwFmLyodlkQxfuU
KKp1YeT6V86+pfO2jibWWN7x1UPIfoLy+w9Os9IfO4x30Jt3BIk2ZXh3d+zO5SRQ
Yy9w7ykQQzuDW9Ntu60fMVix/L7fAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUA7+d
8Q/tRrV/luJBecs7eBf/3z8wHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0I0RDNFODQ2MTZDQjExRUM4MkRFNTk3QkQ4QTAxNENFLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOc4YgwDQYJKoZIhvcNAQELBQAD
ggEBABxa6/KPuS5zs5NPsW+7dcPT7AZeorMf4IgLlQzZAhYmK1vQ2rDdk4C83f3z
jvuIJiw9NTP1VyRNxaTPZ8n9W8c3b10m6uY0/fJSySFwOKaTdSjptKl/4QkhpKxy
DyD+VXWmvBXLzg8+dhDqoUWcI++21CQkm8A/JoYL3BK5JFnIGsxtgB3CyqF9GssC
7bC6Fer/71XHJtzeaQuVIgm+w/xprUJF5eEqDFPi7rJF6fsW9beBz0zZssUtl4JC
ACzSYTFExhjSp7fK7eG70YTPcc5leen7gsuV5iO+5zj2Ajz/zhiNC7up5stmOt6u
5Ufc++32ZJFhfW+bP3TBKw0NDQ0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:26 2023 by rpki-client on console-fra.rpki-client.org