Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C524CABA47DF11EFAEB4158E762E951A.roa
File: C524CABA47DF11EFAEB4158E762E951A.roa (raw, json)
Hash identifier: NeyFW4GAUV8SW7IscsIrMyOpGHP1BVG/aEUJWS6w8N8=
Subject key identifier: 37:A5:74:E6:8E:C4:4A:B1:BB:2F:20:AA:4C:89:20:F4:CD:F6:83:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9E13
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C524CABA47DF11EFAEB4158E762E951A.roa
Signing time: Mon 22 Jul 2024 04:06:28 +0000
ROA not before: Mon 22 Jul 2024 04:06:25 +0000
ROA not after: Sat 24 Aug 2024 04:06:25 +0000
asID: 135391
IP address blocks: 156.253.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40467 (0x9e13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 22 04:06:25 2024 GMT
Not After : Aug 24 04:06:25 2024 GMT
Subject: CN=669ddac4-f4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4a:c6:f5:01:24:be:ee:98:98:cb:a4:02:d3:
89:f5:96:29:1b:17:04:a4:97:e5:1d:95:a2:20:6d:
b9:66:1b:1f:86:1c:04:31:a6:50:76:50:23:ab:87:
ed:3c:5b:1a:8c:75:0d:f5:9f:7f:80:30:62:6e:6d:
7a:28:f3:63:2c:40:6d:9e:ba:0d:9e:54:1d:8c:e5:
c4:ec:5e:18:5c:cf:e3:57:48:dd:1a:ba:f4:d8:73:
79:6b:a3:ac:59:0c:21:b7:fd:e2:70:a7:cc:9d:47:
83:47:2a:04:0f:2a:88:20:ce:77:1b:2e:9f:92:5b:
00:de:67:5a:6d:7e:e0:c8:c6:0a:2b:77:cc:7b:89:
31:12:a7:a0:7d:12:8c:36:19:6e:71:58:3a:10:58:
4f:39:76:65:29:9c:39:92:a2:c9:76:87:cb:10:11:
b3:9d:89:89:a6:28:a4:ce:99:99:33:4d:51:bc:3b:
ae:5e:8e:27:4a:50:20:30:d5:ff:02:35:c0:59:0a:
24:a7:64:b1:27:b3:98:66:c5:7f:a0:64:3c:e3:75:
d8:4c:27:b2:f6:11:07:6f:e6:b1:1d:db:aa:99:f6:
69:30:56:56:d6:89:1f:1a:cb:92:ec:c0:91:fb:df:
c5:1a:17:3f:fa:00:0e:27:a5:6e:02:21:e4:37:90:
ef:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A5:74:E6:8E:C4:4A:B1:BB:2F:20:AA:4C:89:20:F4:CD:F6:83:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C524CABA47DF11EFAEB4158E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:0a:98:1c:81:8a:bc:d7:26:32:a9:95:c1:e1:24:c9:62:32:
b1:cd:ce:94:e4:b9:3f:aa:c0:02:d6:89:6f:95:5c:71:3c:ac:
00:0a:a4:e4:4b:72:41:af:fe:82:9c:b2:a4:0e:d3:f3:4b:34:
5f:3b:da:5a:77:8e:ff:a2:b8:3b:7d:fe:65:b0:48:84:3f:8a:
73:1a:d0:8e:83:1c:66:1b:f8:a4:95:92:5d:51:93:3d:a4:49:
4d:25:47:68:e9:3f:f9:6e:0a:56:bb:5e:9d:95:c0:87:9e:f8:
f8:d6:39:8a:db:fa:67:44:36:68:f6:e5:55:e6:c7:e0:ef:55:
fb:4a:37:6b:6f:ca:29:f3:ad:c3:8c:f1:4f:5d:cb:07:af:81:
f0:10:d3:d5:20:33:ba:11:d2:1d:63:1b:7a:11:ac:43:be:92:
4d:59:03:37:84:14:ce:7e:4f:d8:a3:37:d9:29:ab:e4:1e:dd:
18:30:bc:30:28:f1:f7:3a:77:46:a3:07:a4:4e:46:89:bd:fc:
40:af:fd:c7:90:58:ae:f1:e1:01:d2:2e:45:4b:3d:d2:54:6a:
8c:94:5b:20:99:39:84:e1:a9:df:75:a7:0e:3c:51:7f:26:22:
4a:d3:f1:ae:93:f9:d5:8f:68:75:03:07:7a:61:7b:48:7b:10:
45:63:20:cc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ4TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzIyMDQwNjI1WhcNMjQwODI0MDQwNjI1WjAYMRYw
FAYDVQQDEw02NjlkZGFjNC1mNGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArkrG9QEkvu6YmMukAtOJ9ZYpGxcEpJflHZWiIG25ZhsfhhwEMaZQdlAj
q4ftPFsajHUN9Z9/gDBibm16KPNjLEBtnroNnlQdjOXE7F4YXM/jV0jdGrr02HN5
a6OsWQwht/3icKfMnUeDRyoEDyqIIM53Gy6fklsA3mdabX7gyMYKK3fMe4kxEqeg
fRKMNhlucVg6EFhPOXZlKZw5kqLJdofLEBGznYmJpiikzpmZM01RvDuuXo4nSlAg
MNX/AjXAWQokp2SxJ7OYZsV/oGQ843XYTCey9hEHb+axHduqmfZpMFZW1okfGsuS
7MCR+9/FGhc/+gAOJ6VuAiHkN5DvNwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDel
dOaOxEqxuy8gqkyJIPTN9oNdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNTI0Q0FCQTQ3REYxMUVGQUVCNDE1OEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP0DMA0GCSqGSIb3DQEBCwUA
A4IBAQAMCpgcgYq81yYyqZXB4STJYjKxzc6U5Lk/qsAC1olvlVxxPKwACqTkS3JB
r/6CnLKkDtPzSzRfO9pad47/org7ff5lsEiEP4pzGtCOgxxmG/iklZJdUZM9pElN
JUdo6T/5bgpWu16dlcCHnvj41jmK2/pnRDZo9uVV5sfg71X7Sjdrb8op863DjPFP
XcsHr4HwENPVIDO6EdIdYxt6EaxDvpJNWQM3hBTOfk/YozfZKavkHt0YMLwwKPH3
OndGowekTkaJvfxAr/3HkFiu8eEB0i5FSz3SVGqMlFsgmTmE4anfdacOPFF/JiJK
0/Guk/nVj2h1Awd6YXtIexBFYyDM
-----END CERTIFICATE-----
Generated at Sun Aug 25 05:06:07 2024 by rpki-client on console-ams.rpki-client.org