Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD219B04440F11EFBE5794A0762E951A.roa
File: CD219B04440F11EFBE5794A0762E951A.roa (raw, json)
Hash identifier: /hcimthtNOAH1Ik1m+Ss0B/n9hCSu6+d3+HSHDiIC7Q=
Subject key identifier: 64:40:43:80:7E:D4:62:85:EE:5D:EB:62:0F:38:02:1D:C9:4A:78:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9CF2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD219B04440F11EFBE5794A0762E951A.roa
Signing time: Wed 17 Jul 2024 07:40:13 +0000
ROA not before: Wed 17 Jul 2024 07:40:09 +0000
ROA not after: Sat 27 Jul 2024 07:40:09 +0000
asID: 22773
IP address blocks: 156.242.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40178 (0x9cf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 17 07:40:09 2024 GMT
Not After : Jul 27 07:40:09 2024 GMT
Subject: CN=6697755d-0dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d5:0f:6a:0d:61:9f:2a:8d:bd:2f:50:b7:97:
e0:cc:4a:fe:9a:40:5e:d0:f6:15:27:6a:f9:05:93:
c8:4c:cd:e5:99:7c:5d:57:4d:fd:64:0c:8e:d3:00:
c2:46:45:9d:c1:82:0c:63:1f:07:72:e4:49:9c:98:
1e:f6:20:1e:30:5b:49:86:fb:96:0b:0c:05:6b:f9:
af:52:cf:9e:42:8f:80:c5:bb:ea:a6:c5:52:b5:06:
f0:a8:4f:ee:76:62:f1:b5:cc:d9:4a:63:13:f0:e9:
ec:bb:d2:f7:f6:17:9e:70:7f:da:71:27:00:2b:bb:
50:4f:f1:4f:e9:93:6f:cb:e8:26:fc:1a:9f:4e:6c:
da:1d:39:f7:cd:65:c6:df:8f:e0:2e:ab:1c:d0:cb:
29:ed:db:bb:e6:bd:ce:18:94:63:05:d0:c5:e0:a5:
9c:c5:1f:4c:a3:77:1e:71:f8:f7:eb:97:c2:0b:2d:
cd:ed:9c:e5:4d:17:65:3d:5c:b9:c7:7d:f3:73:8b:
d9:9a:5f:55:89:1a:73:1e:eb:23:ed:dd:70:85:9f:
e5:af:ce:d3:70:a6:39:8b:a0:f0:3d:88:eb:63:2b:
c9:37:f4:85:fe:bc:70:d8:9d:b0:43:43:0b:c5:97:
be:4a:f3:51:f2:1c:69:83:49:14:f1:b1:ea:02:d1:
8f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:40:43:80:7E:D4:62:85:EE:5D:EB:62:0F:38:02:1D:C9:4A:78:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD219B04440F11EFBE5794A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.28.0/22
Signature Algorithm: sha256WithRSAEncryption
20:6b:06:c2:1c:85:3c:64:f8:a9:21:6f:72:1a:ba:13:b4:82:
bf:e6:d8:eb:4e:bc:95:63:8d:e9:17:00:ba:83:98:f3:44:36:
12:15:c2:f0:d1:22:e9:fb:e4:b2:68:88:18:64:74:5c:a7:61:
67:b3:d4:36:6b:f2:8a:68:97:c8:6a:8e:eb:da:7c:b7:cf:09:
6b:d7:30:0d:5b:7d:56:d5:8a:00:4a:fb:c7:f8:55:b1:e0:93:
4f:9b:11:8f:95:d3:da:15:2c:62:ac:3d:6e:01:46:c8:fd:d3:
04:d0:75:fa:eb:47:c8:21:67:18:f5:a5:51:50:4a:aa:a5:3d:
2f:97:e5:de:bb:25:84:30:52:3a:58:da:e3:92:56:6a:59:cc:
23:c8:95:eb:38:a9:e8:09:e4:fc:70:63:73:d7:5c:fe:f9:5d:
67:f3:59:3d:4a:4d:ed:a8:d4:92:86:24:54:ce:80:5e:2a:74:
8b:0b:73:6b:67:62:ea:9d:dd:95:d6:ed:7d:8e:2a:01:47:87:
6a:12:6b:d8:db:f8:b0:0f:5d:95:c4:a8:fe:fb:66:c0:7c:d6:
d8:e0:cb:df:53:f1:62:16:aa:cf:92:a0:34:2a:9d:4d:10:49:
17:23:de:ce:6f:2a:7a:02:21:53:60:0a:0e:31:b3:93:5d:95:
e1:73:e5:af
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJzyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzE3MDc0MDA5WhcNMjQwNzI3MDc0MDA5WjAYMRYw
FAYDVQQDEw02Njk3NzU1ZC0wZGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAptUPag1hnyqNvS9Qt5fgzEr+mkBe0PYVJ2r5BZPITM3lmXxdV039ZAyO
0wDCRkWdwYIMYx8HcuRJnJge9iAeMFtJhvuWCwwFa/mvUs+eQo+AxbvqpsVStQbw
qE/udmLxtczZSmMT8Onsu9L39heecH/acScAK7tQT/FP6ZNvy+gm/BqfTmzaHTn3
zWXG34/gLqsc0Msp7du75r3OGJRjBdDF4KWcxR9Mo3cecfj365fCCy3N7ZzlTRdl
PVy5x33zc4vZml9ViRpzHusj7d1whZ/lr87TcKY5i6DwPYjrYyvJN/SF/rxw2J2w
Q0MLxZe+SvNR8hxpg0kU8bHqAtGPLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGRA
Q4B+1GKF7l3rYg84Ah3JSniLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRDIxOUIwNDQ0MEYxMUVGQkU1Nzk0QTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPIcMA0GCSqGSIb3DQEBCwUA
A4IBAQAgawbCHIU8ZPipIW9yGroTtIK/5tjrTryVY43pFwC6g5jzRDYSFcLw0SLp
++SyaIgYZHRcp2Fns9Q2a/KKaJfIao7r2ny3zwlr1zANW31W1YoASvvH+FWx4JNP
mxGPldPaFSxirD1uAUbI/dME0HX660fIIWcY9aVRUEqqpT0vl+XeuyWEMFI6WNrj
klZqWcwjyJXrOKnoCeT8cGNz11z++V1n81k9Sk3tqNSShiRUzoBeKnSLC3NrZ2Lq
nd2V1u19jioBR4dqEmvY2/iwD12VxKj++2bAfNbY4MvfU/FiFqrPkqA0Kp1NEEkX
I97Obyp6AiFTYAoOMbOTXZXhc+Wv
-----END CERTIFICATE-----
Generated at Sun Jul 28 03:03:27 2024 by rpki-client on console-ams.rpki-client.org