Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D423BF2AFB9611EEBF0EA66E017001B1.roa
File: D423BF2AFB9611EEBF0EA66E017001B1.roa (raw, json)
Hash identifier: pgnNh9B9tqt2OxXTrBD8NIsMljvM5ZrdD4aYeVZnDT4=
Subject key identifier: 82:BB:3B:48:84:8A:E4:80:B3:0B:4D:B2:E6:50:2E:CF:28:FE:64:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8295
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D423BF2AFB9611EEBF0EA66E017001B1.roa
Signing time: Tue 16 Apr 2024 02:12:52 +0000
ROA not before: Tue 16 Apr 2024 02:12:48 +0000
ROA not after: Mon 29 Apr 2024 02:12:48 +0000
asID: 139646
IP address blocks: 156.255.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33429 (0x8295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 16 02:12:48 2024 GMT
Not After : Apr 29 02:12:48 2024 GMT
Subject: CN=661ddea4-de61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2a:84:41:99:a1:08:76:50:8d:cc:7e:b7:db:
e9:12:b5:22:54:b1:a0:a7:1e:66:ae:48:4f:ca:76:
f4:72:f9:3b:78:4b:34:8e:52:fa:b5:1c:82:38:5f:
50:68:e8:f6:ab:4d:46:0e:71:2f:33:35:35:97:9b:
eb:f5:b0:0a:a5:b2:35:a8:44:86:78:80:b4:ec:8f:
4d:46:39:42:6c:3d:ab:4b:da:7f:dc:c5:16:2e:83:
14:9f:71:9c:b7:22:77:15:37:2d:cb:b3:13:e3:e2:
09:a0:76:92:55:6f:e6:54:61:c3:51:ba:56:93:14:
dd:5f:93:4f:bd:cd:57:aa:54:80:25:67:37:86:69:
6d:4a:cc:7a:d0:f6:3f:44:6b:ad:0d:b3:5b:53:e2:
06:4b:f9:0c:e5:4f:19:e9:3c:80:fc:b2:bc:64:a1:
bd:7c:e3:e8:8a:d9:e6:cf:38:3a:c2:1a:af:21:02:
2e:15:a0:a6:a2:41:d1:f8:b3:28:00:2e:46:30:3f:
27:b8:8c:ff:8a:3b:3d:95:4f:14:67:be:1b:11:c9:
43:f9:6f:a3:ef:e4:dd:ba:28:ac:92:5f:69:93:a6:
32:d0:e6:35:39:88:00:22:05:03:d8:9d:1d:5d:b4:
82:d8:65:df:d3:5b:e5:48:bb:d7:43:b2:34:e4:57:
d0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BB:3B:48:84:8A:E4:80:B3:0B:4D:B2:E6:50:2E:CF:28:FE:64:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D423BF2AFB9611EEBF0EA66E017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.0.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:4c:d6:05:b2:f0:26:bb:8c:48:33:27:38:9c:b7:a8:15:a6:
60:7e:20:84:6b:60:e7:24:11:df:39:72:9f:ad:37:d7:fa:15:
4e:e8:0f:54:24:a5:0b:7d:98:0c:b3:75:5f:02:de:f4:7e:6f:
33:72:57:d4:3e:9d:46:c2:6d:1e:44:4d:bf:1a:df:28:38:a6:
7d:7c:f7:d5:3f:0d:4e:db:88:90:05:46:3b:2e:f8:55:85:96:
5e:35:b7:43:04:26:a6:fd:b3:ea:ea:4c:45:ee:4c:b7:0a:7e:
d5:35:87:82:58:64:f0:52:7c:27:ac:e7:87:89:39:0c:45:6f:
42:2c:21:ba:02:df:fd:c1:29:61:6a:ba:b7:b7:61:55:a8:cb:
d4:b7:e4:64:fb:a4:d0:50:7f:31:ea:0c:4b:f6:19:e9:09:d3:
0c:6f:53:ba:8c:c7:e9:35:e0:ba:f7:78:fa:7f:18:54:16:38:
81:81:fe:04:f3:2f:7a:99:d3:c1:fa:eb:3f:55:31:81:54:a4:
84:1e:b2:9c:ab:fe:9b:bf:33:bf:d6:6d:2e:a5:b6:66:79:d5:
36:a2:4a:28:ad:02:66:c5:f6:94:62:1e:26:a3:75:28:0a:96:
77:4a:b0:29:a0:8f:b3:a5:53:4f:75:ad:49:c6:49:43:a0:a4:
02:54:f9:bb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIKVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE2MDIxMjQ4WhcNMjQwNDI5MDIxMjQ4WjAYMRYw
FAYDVQQDEw02NjFkZGVhNC1kZTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxCqEQZmhCHZQjcx+t9vpErUiVLGgpx5mrkhPynb0cvk7eEs0jlL6tRyC
OF9QaOj2q01GDnEvMzU1l5vr9bAKpbI1qESGeIC07I9NRjlCbD2rS9p/3MUWLoMU
n3GctyJ3FTcty7MT4+IJoHaSVW/mVGHDUbpWkxTdX5NPvc1XqlSAJWc3hmltSsx6
0PY/RGutDbNbU+IGS/kM5U8Z6TyA/LK8ZKG9fOPoitnmzzg6whqvIQIuFaCmokHR
+LMoAC5GMD8nuIz/ijs9lU8UZ74bEclD+W+j7+Tduiiskl9pk6Yy0OY1OYgAIgUD
2J0dXbSC2GXf01vlSLvXQ7I05FfQhwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIK7
O0iEiuSAswtNsuZQLs8o/mTKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENDIzQkYyQUZCOTYxMUVFQkYwRUE2NkUwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8AMA0GCSqGSIb3DQEBCwUA
A4IBAQAuTNYFsvAmu4xIMyc4nLeoFaZgfiCEa2DnJBHfOXKfrTfX+hVO6A9UJKUL
fZgMs3VfAt70fm8zclfUPp1Gwm0eRE2/Gt8oOKZ9fPfVPw1O24iQBUY7LvhVhZZe
NbdDBCam/bPq6kxF7ky3Cn7VNYeCWGTwUnwnrOeHiTkMRW9CLCG6At/9wSlharq3
t2FVqMvUt+Rk+6TQUH8x6gxL9hnpCdMMb1O6jMfpNeC693j6fxhUFjiBgf4E8y96
mdPB+us/VTGBVKSEHrKcq/6bvzO/1m0upbZmedU2okoorQJmxfaUYh4mo3UoCpZ3
SrApoI+zpVNPda1JxklDoKQCVPm7
-----END CERTIFICATE-----
Generated at Mon Apr 29 04:17:23 2024 by rpki-client on console-fra.rpki-client.org