Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2447968F91911EDBAAEB1204AD9E6FC.roa
File: D2447968F91911EDBAAEB1204AD9E6FC.roa (raw, json)
Hash identifier: PfKuQEdz7exARoBtSW4pAnHqbUpmSrCbv2vkKHAi0wA=
Subject key identifier: 20:0A:1D:EC:C4:29:DF:32:3D:5F:72:A5:BA:39:76:5A:E0:A4:7C:A3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 270B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2447968F91911EDBAAEB1204AD9E6FC.roa
Signing time: Tue 23 May 2023 03:28:02 +0000
ROA not before: Tue 23 May 2023 03:27:58 +0000
ROA not after: Sun 05 May 2024 03:27:58 +0000
asID: 398968
IP address blocks: 156.233.208.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9995 (0x270b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 03:27:58 2023 GMT
Not After : May 5 03:27:58 2024 GMT
Subject: CN=646c32c1-d395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:14:0d:b5:ce:9b:91:56:dd:52:e2:d8:9f:8c:
e4:a0:ee:ce:d8:10:fe:4f:dc:74:5f:a2:33:84:d5:
6f:29:62:e9:5b:1c:cb:83:07:3a:c7:8f:aa:aa:2f:
01:2c:79:0b:4c:a4:89:b0:17:05:2c:5e:a2:24:a5:
41:31:45:7c:0c:84:b5:fc:1f:2c:b2:10:9e:3f:73:
70:ff:05:63:d2:11:cb:be:7a:79:48:50:c1:83:1b:
bc:be:ee:15:21:66:18:2d:d4:1d:56:36:70:54:65:
10:54:bd:18:dd:c8:fb:34:f5:a4:12:c9:49:47:ec:
b9:2a:a6:c7:6f:1e:81:21:f4:1d:4f:68:0e:f5:22:
3d:7f:48:2c:e7:39:cb:45:e8:fe:88:ba:f4:83:b5:
5a:8d:2c:0e:64:5e:84:0c:f1:03:17:c0:53:cb:46:
2e:d4:58:02:2a:f9:6c:c7:5b:46:3b:6d:1e:fd:81:
31:0c:ef:16:9d:0a:ed:b8:ce:5f:6d:5d:22:0f:48:
80:f3:a9:24:4e:21:cb:bd:34:dc:a3:f1:79:83:03:
51:d8:01:55:85:49:56:e2:04:54:4b:7f:20:8f:23:
82:93:ec:46:60:9d:a7:ba:a9:96:89:e0:2a:f7:d7:
c3:c1:20:f9:68:c0:68:8b:cb:b5:f7:4c:31:e8:15:
00:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0A:1D:EC:C4:29:DF:32:3D:5F:72:A5:BA:39:76:5A:E0:A4:7C:A3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2447968F91911EDBAAEB1204AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.208.0/21
Signature Algorithm: sha256WithRSAEncryption
73:b0:bb:53:f0:d7:52:06:7f:e1:8f:51:f5:54:17:35:24:bc:
82:c2:b0:f6:ff:98:28:44:cd:41:1d:90:a5:d8:ac:ad:40:e9:
f3:b5:65:ea:e9:9a:8d:b7:48:aa:c1:d4:7f:a7:83:2e:a9:e1:
b4:63:5d:83:25:11:db:18:bd:6b:f2:17:c1:af:70:db:5c:7e:
51:d0:8d:61:c6:82:55:52:48:95:59:2c:ea:6d:da:91:af:dd:
76:ae:38:09:72:db:0d:9e:08:87:0c:6a:1c:c8:58:5b:7a:7c:
66:66:e0:89:b5:06:85:e6:cd:be:07:6c:68:9a:bf:8a:28:df:
0b:e7:2a:de:ae:73:eb:de:1d:d4:1e:c1:66:dc:0f:e5:20:ef:
3e:d3:55:f6:51:96:eb:bd:68:1f:65:00:ca:69:15:42:ff:1e:
cc:cb:51:c6:1d:d1:22:ba:21:5e:b0:10:45:88:c6:05:b7:2d:
cf:b4:9e:1c:91:ef:55:67:6b:4a:7a:7b:24:fe:1d:23:08:78:
27:55:7b:69:f9:c0:ac:2f:87:86:d5:13:ff:5b:2c:5d:db:e7:
28:fa:a2:c4:65:1b:6c:80:71:ac:f8:a8:a4:6c:79:82:01:8e:
20:fe:58:08:57:fd:00:06:f4:f1:f3:f3:a0:8e:75:d2:29:31:
07:52:22:38
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICJwswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzA1MjMwMzI3NThaFw0yNDA1MDUwMzI3NThaMBgxFjAU
BgNVBAMTDTY0NmMzMmMxLWQzOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8FA21zpuRVt1S4tifjOSg7s7YEP5P3HRfojOE1W8pYulbHMuDBzrHj6qq
LwEseQtMpImwFwUsXqIkpUExRXwMhLX8HyyyEJ4/c3D/BWPSEcu+enlIUMGDG7y+
7hUhZhgt1B1WNnBUZRBUvRjdyPs09aQSyUlH7LkqpsdvHoEh9B1PaA71Ij1/SCzn
OctF6P6IuvSDtVqNLA5kXoQM8QMXwFPLRi7UWAIq+WzHW0Y7bR79gTEM7xadCu24
zl9tXSIPSIDzqSROIcu9NNyj8XmDA1HYAVWFSVbiBFRLfyCPI4KT7EZgnae6qZaJ
4Cr318PBIPlowGiLy7X3TDHoFQDRAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUIAod
7MQp3zI9X3Klujl2WuCkfKMwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0QyNDQ3OTY4RjkxOTExRURCQUFFQjEyMDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOc6dAwDQYJKoZIhvcNAQELBQAD
ggEBAHOwu1Pw11IGf+GPUfVUFzUkvILCsPb/mChEzUEdkKXYrK1A6fO1Zerpmo23
SKrB1H+ngy6p4bRjXYMlEdsYvWvyF8GvcNtcflHQjWHGglVSSJVZLOpt2pGv3Xau
OAly2w2eCIcMahzIWFt6fGZm4Im1BoXmzb4HbGiav4oo3wvnKt6uc+veHdQewWbc
D+Ug7z7TVfZRluu9aB9lAMppFUL/HszLUcYd0SK6IV6wEEWIxgW3Lc+0nhyR71Vn
a0p6eyT+HSMIeCdVe2n5wKwvh4bVE/9bLF3b5yj6osRlG2yAcaz4qKRseYIBjiD+
WAhX/QAG9PHz86COddIpMQdSIjg=
-----END CERTIFICATE-----
Generated at Mon May 6 02:29:26 2024 by rpki-client on console-fra.rpki-client.org