Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBD6E63E02FE11EF8066DE4F017001B1.roa
File: CBD6E63E02FE11EF8066DE4F017001B1.roa (raw, json)
Hash identifier: lRqEafPxwT2kPj00TNp2ctMHVa/PdSVO9a8YQkjB/xg=
Subject key identifier: B1:34:33:7B:24:DB:E0:76:D7:29:85:79:90:45:A6:72:3E:A6:03:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8535
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBD6E63E02FE11EF8066DE4F017001B1.roa
Signing time: Thu 25 Apr 2024 12:24:44 +0000
ROA not before: Thu 25 Apr 2024 12:24:40 +0000
ROA not after: Sun 05 May 2024 12:24:40 +0000
asID: 211392
IP address blocks: 156.239.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34101 (0x8535)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 25 12:24:40 2024 GMT
Not After : May 5 12:24:40 2024 GMT
Subject: CN=662a4b8c-3ce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:86:08:c3:e6:4a:55:6e:80:13:e4:3b:07:2e:
e9:95:ad:8f:6d:ac:1e:03:21:f9:54:71:bc:54:3e:
5f:68:4c:94:5d:22:c0:3a:24:c7:98:b3:bd:06:71:
6b:5c:7f:40:2b:1f:ec:0f:70:cc:87:0c:e3:8a:98:
16:7a:f9:96:46:90:6f:4c:97:3c:9d:4b:46:a6:fe:
92:4d:bb:e1:41:9f:06:d7:64:07:1f:68:f3:36:7b:
02:a4:91:5e:26:df:1d:33:36:d1:f8:09:f9:16:33:
44:e6:6d:ae:6c:53:87:f7:1c:26:83:c7:e0:c1:84:
86:c4:0a:fa:01:37:8e:3c:57:c4:1e:0b:1b:7b:d3:
d2:de:c8:19:5a:1e:b2:8b:c1:44:5e:16:81:55:ce:
4d:ec:89:38:7b:62:8a:2a:73:15:58:0c:53:19:2f:
33:7e:1b:be:1d:40:3c:27:03:4e:1b:1d:22:19:0d:
0e:37:e7:37:51:28:9c:f5:82:f5:01:13:0a:6c:2d:
18:52:56:b3:6a:48:01:6b:bd:dd:8b:83:13:a1:74:
43:6e:41:87:2b:54:ab:f7:d6:06:68:2a:51:e9:b5:
69:d3:54:e7:97:cd:b8:26:ea:48:a1:b1:d6:11:61:
e5:cc:7e:2c:c3:7f:d8:6d:8e:02:25:cf:f2:8f:82:
c4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:34:33:7B:24:DB:E0:76:D7:29:85:79:90:45:A6:72:3E:A6:03:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBD6E63E02FE11EF8066DE4F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.154.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:cf:24:f7:a3:d1:ff:4a:05:c3:5d:34:e4:5f:43:98:51:be:
3b:ac:b4:57:43:48:af:5d:c7:e6:ea:d6:bc:0c:88:6d:74:a5:
55:d4:3f:e9:df:f7:1b:7e:2e:fd:42:06:a8:aa:64:85:9c:12:
5a:58:3e:c5:9e:c0:5d:ab:95:12:46:90:13:e3:0c:55:88:55:
6a:e3:c0:d4:50:72:2e:10:bc:eb:0c:bd:fa:6f:09:7f:c2:a5:
1a:38:dd:ee:9d:4d:92:36:0e:f3:b8:06:f2:55:b7:25:c6:f0:
b3:96:3d:61:ad:23:fd:ea:a5:c7:92:aa:40:f1:d1:bf:ba:21:
b4:8c:28:fa:c9:f9:b0:54:63:9c:b5:ad:12:d4:02:4d:83:ae:
54:8c:ac:0f:86:4c:3c:79:11:88:2b:37:61:26:fb:78:e8:0d:
94:60:12:bd:ac:8f:2f:0c:4a:69:89:50:47:b1:45:25:95:ce:
f0:32:03:28:80:7b:ed:cd:d4:60:39:e9:4b:c4:70:96:51:3a:
9f:ca:99:aa:c9:a0:f0:24:7a:52:6c:de:a5:5e:a6:10:ab:89:
db:91:46:54:c8:cf:1a:07:05:76:18:00:55:dd:0e:84:66:d0:
b9:03:ff:86:fb:da:19:10:a1:91:93:cc:3c:8b:c7:41:ea:17:
c4:56:6c:f8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIU1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI1MTIyNDQwWhcNMjQwNTA1MTIyNDQwWjAYMRYw
FAYDVQQDEw02NjJhNGI4Yy0zY2U3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtYYIw+ZKVW6AE+Q7By7pla2PbaweAyH5VHG8VD5faEyUXSLAOiTHmLO9
BnFrXH9AKx/sD3DMhwzjipgWevmWRpBvTJc8nUtGpv6STbvhQZ8G12QHH2jzNnsC
pJFeJt8dMzbR+An5FjNE5m2ubFOH9xwmg8fgwYSGxAr6ATeOPFfEHgsbe9PS3sgZ
Wh6yi8FEXhaBVc5N7Ik4e2KKKnMVWAxTGS8zfhu+HUA8JwNOGx0iGQ0ON+c3USic
9YL1ARMKbC0YUlazakgBa73di4MToXRDbkGHK1Sr99YGaCpR6bVp01Tnl824JupI
obHWEWHlzH4sw3/YbY4CJc/yj4LEeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLE0
M3sk2+B21ymFeZBFpnI+pgPLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQkQ2RTYzRTAyRkUxMUVGODA2NkRFNEYwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+aMA0GCSqGSIb3DQEBCwUA
A4IBAQAPzyT3o9H/SgXDXTTkX0OYUb47rLRXQ0ivXcfm6ta8DIhtdKVV1D/p3/cb
fi79QgaoqmSFnBJaWD7FnsBdq5USRpAT4wxViFVq48DUUHIuELzrDL36bwl/wqUa
ON3unU2SNg7zuAbyVbclxvCzlj1hrSP96qXHkqpA8dG/uiG0jCj6yfmwVGOcta0S
1AJNg65UjKwPhkw8eRGIKzdhJvt46A2UYBK9rI8vDEppiVBHsUUllc7wMgMogHvt
zdRgOelLxHCWUTqfypmqyaDwJHpSbN6lXqYQq4nbkUZUyM8aBwV2GABV3Q6EZtC5
A/+G+9oZEKGRk8w8i8dB6hfEVmz4
-----END CERTIFICATE-----
Generated at Mon May 6 02:29:26 2024 by rpki-client on console-fra.rpki-client.org