Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF8AC5DE4A6111EF93F60498762E951A.roa
File: CF8AC5DE4A6111EF93F60498762E951A.roa (raw, json)
Hash identifier: 6Flm+L1+MfIzR4GNaUQt4Q+c1r6Xvmjx8Uji5LYTMhI=
Subject key identifier: C2:DE:B8:93:70:29:0E:A3:20:D0:F1:9A:13:2E:B3:BC:42:0B:73:31
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9FF1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF8AC5DE4A6111EF93F60498762E951A.roa
Signing time: Thu 25 Jul 2024 08:42:23 +0000
ROA not before: Thu 25 Jul 2024 08:42:19 +0000
ROA not after: Sat 03 Aug 2024 08:42:19 +0000
asID: 22773
IP address blocks: 156.235.48.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40945 (0x9ff1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 25 08:42:19 2024 GMT
Not After : Aug 3 08:42:19 2024 GMT
Subject: CN=66a20fee-de52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:56:10:5f:2e:e9:dd:20:d2:79:e4:76:51:2f:
af:3a:ba:d6:5a:8b:b7:2b:d4:b9:bc:73:a4:40:17:
2d:3a:be:78:7b:98:2a:70:14:ea:01:d7:5a:cc:4b:
16:7f:e3:92:64:33:2b:e7:5a:48:31:c9:91:82:2a:
e0:7b:3e:16:65:8c:a6:c1:7a:5d:0a:b8:1c:7d:53:
2a:75:45:9a:94:05:07:40:f9:37:23:67:ab:d0:e0:
32:24:39:63:89:19:13:ea:58:da:d2:eb:0a:8d:1d:
05:38:44:6a:80:de:92:94:98:77:38:8d:18:66:26:
30:6a:ed:b0:14:c5:46:fe:30:c9:fa:5a:0e:17:2c:
cc:7a:bb:6b:d2:58:7d:10:93:9f:6d:2c:a7:65:48:
bd:df:b8:53:e7:4f:42:9b:40:1c:23:22:e9:c0:46:
77:71:cf:b2:b4:0c:c0:64:7a:fc:a5:68:2b:22:67:
34:9a:a3:27:29:1f:45:0f:f4:72:58:bb:ed:09:e2:
55:79:28:7d:05:36:3e:aa:07:16:12:19:30:28:1a:
1a:d3:68:4e:bf:7f:11:3a:69:c3:43:f8:01:75:9b:
8e:cc:9e:13:20:c4:8d:ca:b7:3a:a4:57:b7:a8:b3:
b1:76:32:86:b4:25:4f:e7:8a:02:d2:4b:b5:63:28:
c5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DE:B8:93:70:29:0E:A3:20:D0:F1:9A:13:2E:B3:BC:42:0B:73:31
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF8AC5DE4A6111EF93F60498762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.48.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:34:27:0a:7e:c0:67:2f:3e:1a:78:a0:91:60:45:79:58:bc:
53:60:33:74:57:51:17:43:de:ad:4d:84:14:90:4a:3f:9a:42:
42:cd:15:fe:e9:10:5a:97:f9:b3:0b:25:a9:10:16:af:99:a2:
20:74:8f:85:5e:b5:87:37:e6:84:ba:c8:ed:ef:cc:f0:5a:1b:
52:8d:2d:62:91:c6:cc:c5:38:f0:11:2c:63:ce:de:9b:e7:5c:
3b:1f:8d:2f:a1:b3:d9:94:47:64:1f:fa:ca:15:78:1f:4e:c8:
fb:0a:08:74:ea:ce:a7:d1:3d:2b:f8:b9:ab:ef:8e:24:4a:52:
84:28:95:c9:74:a6:4e:ae:b6:a5:92:56:ef:7c:41:2c:4c:d1:
1b:ee:20:66:96:19:21:33:13:61:1b:07:ce:85:65:7a:c6:2f:
e1:30:45:4a:db:f6:21:71:7c:08:67:3d:b7:b0:ed:e9:7c:31:
48:b4:b0:17:9a:75:7d:c3:ed:b1:ea:4a:45:be:bd:b0:2c:79:
f2:81:ce:53:90:bc:28:ae:c1:62:23:b3:48:d8:b1:22:7c:4a:
a9:c3:33:52:af:ce:bb:67:f7:d4:cf:1d:82:a5:c5:5f:d5:f2:
b0:ad:90:9b:58:63:20:ba:1f:ca:5d:07:98:70:dd:80:5d:98:
ff:60:92:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ/xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI1MDg0MjE5WhcNMjQwODAzMDg0MjE5WjAYMRYw
FAYDVQQDEw02NmEyMGZlZS1kZTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq1YQXy7p3SDSeeR2US+vOrrWWou3K9S5vHOkQBctOr54e5gqcBTqAdda
zEsWf+OSZDMr51pIMcmRgirgez4WZYymwXpdCrgcfVMqdUWalAUHQPk3I2er0OAy
JDljiRkT6lja0usKjR0FOERqgN6SlJh3OI0YZiYwau2wFMVG/jDJ+loOFyzMertr
0lh9EJOfbSynZUi937hT509Cm0AcIyLpwEZ3cc+ytAzAZHr8pWgrImc0mqMnKR9F
D/RyWLvtCeJVeSh9BTY+qgcWEhkwKBoa02hOv38ROmnDQ/gBdZuOzJ4TIMSNyrc6
pFe3qLOxdjKGtCVP54oC0ku1YyjFOwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMLe
uJNwKQ6jINDxmhMus7xCC3MxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRjhBQzVERTRBNjExMUVGOTNGNjA0OTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOswMA0GCSqGSIb3DQEBCwUA
A4IBAQA/NCcKfsBnLz4aeKCRYEV5WLxTYDN0V1EXQ96tTYQUkEo/mkJCzRX+6RBa
l/mzCyWpEBavmaIgdI+FXrWHN+aEusjt78zwWhtSjS1ikcbMxTjwESxjzt6b51w7
H40vobPZlEdkH/rKFXgfTsj7Cgh06s6n0T0r+Lmr744kSlKEKJXJdKZOrralklbv
fEEsTNEb7iBmlhkhMxNhGwfOhWV6xi/hMEVK2/YhcXwIZz23sO3pfDFItLAXmnV9
w+2x6kpFvr2wLHnygc5TkLworsFiI7NI2LEifEqpwzNSr867Z/fUzx2CpcVf1fKw
rZCbWGMguh/KXQeYcN2AXZj/YJLc
-----END CERTIFICATE-----
Generated at Sun Aug 4 03:57:24 2024 by rpki-client on console-fra.rpki-client.org