Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAB8D40C440D11EF8DD99C92762E951A.roa
File: BAB8D40C440D11EF8DD99C92762E951A.roa (raw, json)
Hash identifier: P+yznaVKERn053DB/zT2yqz7iEQiAUgouwukKYM1IR8=
Subject key identifier: 11:5F:53:36:E2:B2:3E:38:4C:D9:F4:51:2B:95:50:8D:AB:E7:E2:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9CE6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAB8D40C440D11EF8DD99C92762E951A.roa
Signing time: Wed 17 Jul 2024 07:25:23 +0000
ROA not before: Wed 17 Jul 2024 07:25:20 +0000
ROA not after: Sat 27 Jul 2024 07:25:20 +0000
asID: 22773
IP address blocks: 156.233.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40166 (0x9ce6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 17 07:25:20 2024 GMT
Not After : Jul 27 07:25:20 2024 GMT
Subject: CN=669771e3-2b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3b:27:65:9c:4f:ea:93:3a:15:0b:ec:c6:f8:
91:23:ac:6d:76:18:ce:a0:ec:09:41:20:c2:04:de:
e7:3b:57:df:2b:2d:c0:46:bf:b5:79:cd:bd:a1:b8:
19:fc:8b:f8:d5:3d:7a:18:fc:85:71:f7:23:75:ce:
62:31:f0:53:72:67:ae:f7:07:ff:4e:f5:ff:f0:6f:
07:37:41:71:7f:94:d2:de:3e:c8:ee:c1:ee:5b:3b:
85:14:ce:2c:5e:80:51:94:fb:48:5b:02:1e:88:d8:
f4:57:e6:cf:82:35:b5:13:ac:9b:88:b0:c6:e9:30:
9e:4d:a0:56:54:2a:39:f6:ab:0c:03:52:a2:30:cb:
d6:19:29:84:af:4a:12:68:f7:f0:2f:41:97:29:f6:
58:16:9f:b7:ed:3f:70:ea:84:66:04:f0:ad:a6:b2:
10:2a:ce:8a:7a:dc:2c:7e:6d:ec:de:4f:2d:48:4e:
dc:41:45:32:b7:ba:ba:9a:db:ac:72:a6:48:ba:19:
3c:85:90:f7:cf:62:74:1a:7c:78:7a:a1:eb:c7:cf:
3a:2c:ca:f9:f3:99:05:da:35:85:bc:f5:d5:4f:65:
57:4e:35:b6:ee:e3:84:76:b0:5f:c4:7a:77:ad:b9:
1c:a6:16:e5:eb:0c:ef:3e:9a:ef:93:53:5a:50:2d:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:5F:53:36:E2:B2:3E:38:4C:D9:F4:51:2B:95:50:8D:AB:E7:E2:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAB8D40C440D11EF8DD99C92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.16.0/22
Signature Algorithm: sha256WithRSAEncryption
55:a8:2a:14:9c:af:a9:e9:84:0b:40:c0:16:f4:0b:fa:2a:12:
d4:04:24:aa:86:f9:d3:c0:6c:3b:f0:88:d2:28:99:d0:96:43:
da:69:20:0c:68:12:8d:45:c2:b2:83:d9:38:82:9c:f9:9f:e6:
30:d3:fb:86:d1:ed:3a:a0:f4:35:b4:7d:27:a4:5f:29:96:4a:
4b:4a:8e:e4:c7:17:4e:c4:9a:fd:d7:a4:50:6f:3e:81:8d:33:
f4:32:87:59:4d:fa:6b:7c:71:d4:cf:43:d9:e3:f6:e6:68:0e:
88:f9:f2:fc:6c:d0:12:b7:0e:f7:be:34:bd:b6:7e:94:a3:2e:
ad:fb:22:84:9f:ef:93:2d:c2:30:33:1b:48:12:ec:36:a5:e0:
01:d3:dd:79:80:5e:ea:3b:21:55:f8:9b:1a:b7:10:2e:7e:d5:
5d:4d:e5:6c:d2:5c:f2:4b:8b:05:51:70:20:fd:09:b0:cf:47:
64:dd:e3:cc:12:27:9f:97:3f:e9:82:93:dd:7a:5e:3e:37:9a:
e6:0c:c4:b2:56:f5:f3:02:a7:b7:27:3c:35:90:a7:f1:a6:ca:
21:4f:e9:6d:86:b7:69:90:26:58:f0:72:8d:53:60:81:0a:08:
a7:1c:9d:69:b0:f3:8e:22:0a:c6:8c:52:2f:6f:65:db:7e:63:
1b:f9:07:d7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJzmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzE3MDcyNTIwWhcNMjQwNzI3MDcyNTIwWjAYMRYw
FAYDVQQDEw02Njk3NzFlMy0yYjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4zsnZZxP6pM6FQvsxviRI6xtdhjOoOwJQSDCBN7nO1ffKy3ARr+1ec29
obgZ/Iv41T16GPyFcfcjdc5iMfBTcmeu9wf/TvX/8G8HN0Fxf5TS3j7I7sHuWzuF
FM4sXoBRlPtIWwIeiNj0V+bPgjW1E6ybiLDG6TCeTaBWVCo59qsMA1KiMMvWGSmE
r0oSaPfwL0GXKfZYFp+37T9w6oRmBPCtprIQKs6Ketwsfm3s3k8tSE7cQUUyt7q6
mtuscqZIuhk8hZD3z2J0Gnx4eqHrx886LMr585kF2jWFvPXVT2VXTjW27uOEdrBf
xHp3rbkcphbl6wzvPprvk1NaUC2/cwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBFf
Uzbisj44TNn0USuVUI2r5+KUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQUI4RDQwQzQ0MEQxMUVGOEREOTlDOTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOkQMA0GCSqGSIb3DQEBCwUA
A4IBAQBVqCoUnK+p6YQLQMAW9Av6KhLUBCSqhvnTwGw78IjSKJnQlkPaaSAMaBKN
RcKyg9k4gpz5n+Yw0/uG0e06oPQ1tH0npF8plkpLSo7kxxdOxJr916RQbz6BjTP0
ModZTfprfHHUz0PZ4/bmaA6I+fL8bNAStw73vjS9tn6Uoy6t+yKEn++TLcIwMxtI
Euw2peAB0915gF7qOyFV+JsatxAuftVdTeVs0lzyS4sFUXAg/Qmwz0dk3ePMEief
lz/pgpPdel4+N5rmDMSyVvXzAqe3Jzw1kKfxpsohT+lthrdpkCZY8HKNU2CBCgin
HJ1psPOOIgrGjFIvb2XbfmMb+QfX
-----END CERTIFICATE-----
Generated at Sun Jul 28 03:06:41 2024 by rpki-client on console-fra.rpki-client.org