Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEA39D0CFB9411EEBBB3815A017001B1.roa
File: BEA39D0CFB9411EEBBB3815A017001B1.roa (raw, json)
Hash identifier: pcp9FmytwGA9fx32jeoVgR0tllOp4RdzsnSnG5wJ3+w=
Subject key identifier: EB:EF:30:8D:FD:27:FE:C2:AC:BD:D2:FB:B3:4E:71:AA:3B:31:45:62
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8277
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEA39D0CFB9411EEBBB3815A017001B1.roa
Signing time: Tue 16 Apr 2024 01:57:57 +0000
ROA not before: Tue 16 Apr 2024 01:57:53 +0000
ROA not after: Mon 29 Apr 2024 01:57:53 +0000
asID: 141883
IP address blocks: 156.240.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33399 (0x8277)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 16 01:57:53 2024 GMT
Not After : Apr 29 01:57:53 2024 GMT
Subject: CN=661ddb25-57f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:01:10:da:fc:f0:7b:2b:77:8a:3c:f2:05:e4:
36:99:63:ae:21:8e:c2:80:94:79:a5:34:f4:ab:04:
c4:13:c9:4e:a9:12:73:53:56:4b:e6:1d:f4:0a:43:
29:05:d2:9a:d2:7f:a0:32:cb:2a:ef:7b:e3:d3:79:
bb:43:1a:62:81:87:56:3d:66:ad:4a:31:c2:73:f3:
5b:30:92:c8:b6:a0:18:17:a1:88:27:80:e2:1d:61:
e9:87:bb:14:94:f1:76:74:0a:25:1f:3b:aa:a3:c6:
bb:dc:73:d3:15:6b:4f:ae:23:0b:4d:7d:9a:c8:81:
6e:bb:f2:d1:ad:16:bd:df:7b:e0:39:ea:35:5e:90:
9c:8f:1a:c1:7d:22:df:37:73:df:bf:86:80:73:6b:
b4:2d:1e:d6:32:40:34:a0:2d:cc:7d:d0:50:90:41:
09:78:8b:78:6d:fb:45:b9:3e:65:1b:48:d2:25:11:
a8:5b:79:c7:09:e8:c9:56:40:0b:14:11:eb:61:d5:
be:c0:2f:e1:35:47:93:7b:48:25:c1:6f:bd:72:54:
de:82:7b:78:04:84:b7:5e:ff:bd:05:45:78:f6:c4:
06:85:14:ec:f1:1d:c9:44:1c:17:35:99:35:a8:b4:
20:39:a1:7b:03:c4:64:8b:f1:a2:24:08:aa:a2:44:
28:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:EF:30:8D:FD:27:FE:C2:AC:BD:D2:FB:B3:4E:71:AA:3B:31:45:62
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEA39D0CFB9411EEBBB3815A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.48.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:d7:33:b4:41:20:8e:73:52:d2:b6:6d:57:ba:d3:0d:ca:66:
b1:37:94:12:b0:a9:b4:62:dd:22:01:94:6d:01:5b:7c:ab:29:
f6:9d:29:b3:b7:46:a8:29:e7:e1:5c:1e:e2:69:d9:be:8c:2d:
47:f2:4d:1c:81:36:db:a5:9a:db:e6:8a:dd:3a:9c:59:ca:c6:
f9:ac:a4:d1:ce:73:58:64:fd:7f:2b:cb:84:72:67:80:1c:0c:
f3:d0:d5:9b:47:45:60:1a:68:59:de:76:21:64:89:82:f9:81:
8a:08:c8:0c:49:82:a5:6b:39:04:07:25:25:4c:c4:87:29:57:
8c:b3:27:97:80:6a:e8:3b:6c:96:d4:a8:6a:b5:ef:dc:74:d6:
6b:f1:3c:91:bc:33:0f:92:fe:23:db:66:c9:7f:94:36:7d:01:
58:21:d4:dc:db:4a:ac:67:0e:eb:cd:8b:d3:71:e6:db:e3:d1:
7e:35:14:cd:c6:34:60:e7:6b:cf:a2:c8:30:07:26:43:b9:f3:
56:8a:c3:26:99:aa:04:fd:1f:32:38:eb:50:a3:27:2b:dc:56:
e0:7a:e7:3f:76:0e:04:11:8c:f0:13:9a:32:9a:e9:e8:ee:c8:
dd:76:4f:c8:40:ba:5d:d9:0d:17:1f:c1:6b:d8:3c:ad:ca:44:
2d:bd:1b:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIJ3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE2MDE1NzUzWhcNMjQwNDI5MDE1NzUzWjAYMRYw
FAYDVQQDEw02NjFkZGIyNS01N2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwAEQ2vzweyt3ijzyBeQ2mWOuIY7CgJR5pTT0qwTEE8lOqRJzU1ZL5h30
CkMpBdKa0n+gMssq73vj03m7QxpigYdWPWatSjHCc/NbMJLItqAYF6GIJ4DiHWHp
h7sUlPF2dAolHzuqo8a73HPTFWtPriMLTX2ayIFuu/LRrRa933vgOeo1XpCcjxrB
fSLfN3Pfv4aAc2u0LR7WMkA0oC3MfdBQkEEJeIt4bftFuT5lG0jSJRGoW3nHCejJ
VkALFBHrYdW+wC/hNUeTe0glwW+9clTegnt4BIS3Xv+9BUV49sQGhRTs8R3JRBwX
NZk1qLQgOaF7A8Rki/GiJAiqokQoewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOvv
MI39J/7CrL3S+7NOcao7MUViMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRUEzOUQwQ0ZCOTQxMUVFQkJCMzgxNUEwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPAwMA0GCSqGSIb3DQEBCwUA
A4IBAQCM1zO0QSCOc1LStm1XutMNymaxN5QSsKm0Yt0iAZRtAVt8qyn2nSmzt0ao
KefhXB7iadm+jC1H8k0cgTbbpZrb5ordOpxZysb5rKTRznNYZP1/K8uEcmeAHAzz
0NWbR0VgGmhZ3nYhZImC+YGKCMgMSYKlazkEByUlTMSHKVeMsyeXgGroO2yW1Khq
te/cdNZr8TyRvDMPkv4j22bJf5Q2fQFYIdTc20qsZw7rzYvTcebb49F+NRTNxjRg
52vPosgwByZDufNWisMmmaoE/R8yOOtQoycr3Fbgeuc/dg4EEYzwE5oymuno7sjd
dk/IQLpd2Q0XH8Fr2DytykQtvRva
-----END CERTIFICATE-----
Generated at Mon Apr 29 03:01:25 2024 by rpki-client on console-ams.rpki-client.org