Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9D2543E021E11EF991B3E2C017001B1.roa
File: D9D2543E021E11EF991B3E2C017001B1.roa (raw, json)
Hash identifier: otrxfsal5q0VsDKLs/OTZ8vsV45FHZtzjd/Lw4voyro=
Subject key identifier: 9D:E7:96:B5:3D:77:71:17:2A:49:8B:AC:52:6C:67:E3:6A:4C:98:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 84C6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9D2543E021E11EF991B3E2C017001B1.roa
Signing time: Wed 24 Apr 2024 09:41:40 +0000
ROA not before: Wed 24 Apr 2024 09:41:36 +0000
ROA not after: Mon 29 Apr 2024 09:41:36 +0000
asID: 399077
IP address blocks: 156.248.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33990 (0x84c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 24 09:41:36 2024 GMT
Not After : Apr 29 09:41:36 2024 GMT
Subject: CN=6628d3d4-3611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8d:b6:fb:65:75:23:28:03:b1:19:43:c5:67:
c4:2b:08:90:49:1b:d5:20:31:b0:d6:4b:1b:0f:f7:
d1:de:02:37:6c:09:ce:4a:04:92:c2:ae:97:4e:e1:
68:6f:f8:42:6c:0f:2c:07:a6:f0:fb:5e:0b:b8:00:
1f:b3:66:4f:45:df:43:e6:ff:6f:6c:49:cd:ad:0f:
2d:0b:9f:09:3d:78:a3:34:e8:ae:45:9d:4c:96:6a:
0a:9d:ec:9c:28:9d:33:fa:7c:7e:9e:2a:1a:70:aa:
ab:3c:85:59:11:ba:ee:f6:28:87:ee:9a:9c:6b:8a:
ee:e0:51:60:67:3d:13:c1:6a:e6:db:79:47:36:ed:
47:ef:62:2a:0e:f9:01:03:d1:17:53:80:55:25:c0:
e2:6c:fb:ee:34:2a:4a:6a:2b:98:33:bc:5f:1d:cf:
aa:71:c7:66:cc:72:b2:0b:0a:7b:69:c9:38:e4:03:
a3:e2:91:93:58:a0:af:f9:2b:ea:34:46:c3:40:d5:
2f:7b:a3:5d:09:39:45:db:63:c2:b8:24:9d:ef:ee:
04:ac:12:bc:41:17:bf:88:16:aa:5b:a5:fc:a3:ca:
d0:e3:ed:37:4d:ed:70:69:a8:e6:86:40:01:9f:98:
c8:62:a7:ad:42:cb:61:3d:57:67:b6:94:67:a1:90:
84:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E7:96:B5:3D:77:71:17:2A:49:8B:AC:52:6C:67:E3:6A:4C:98:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9D2543E021E11EF991B3E2C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.74.0/24
Signature Algorithm: sha256WithRSAEncryption
87:a5:4f:d9:8e:87:14:cf:6b:93:1a:8f:75:03:05:bc:d7:31:
66:74:59:3e:f4:e7:90:94:5c:1b:dd:d8:6e:c0:de:37:5b:76:
e2:b2:ea:ba:50:58:d7:9d:6e:a6:82:67:15:29:2b:0e:95:6c:
35:81:e1:fc:76:8a:53:10:f0:fd:cb:97:59:7f:f3:ec:8e:47:
26:3f:7f:3b:42:45:bc:e1:18:e7:d8:15:e9:92:69:fa:7c:69:
93:86:83:74:36:7b:a7:e0:27:35:80:a7:d4:34:62:44:08:4a:
a7:9b:6d:54:27:52:08:b2:23:50:6d:5c:c7:67:37:93:5c:78:
06:01:5c:fd:2a:23:22:ea:72:1b:c6:33:1b:97:72:8c:b2:69:
7d:4e:07:be:aa:69:33:ab:82:ba:8c:39:12:51:97:45:b1:e0:
d0:e2:ce:40:0f:25:49:df:02:b0:44:4e:ef:aa:98:31:0c:24:
92:e1:ca:83:92:09:31:55:a7:30:8b:69:71:26:64:62:6b:cb:
bc:d3:73:ab:db:e6:63:57:70:0a:6a:0e:67:87:f7:db:3a:ff:
27:46:7f:c4:a4:d5:11:af:1e:77:3b:ad:f0:4e:bc:d2:69:c9:
3b:e0:75:f0:69:ff:06:bb:65:40:25:d7:d9:13:d2:f4:d0:50:
50:f9:7e:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAITGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI0MDk0MTM2WhcNMjQwNDI5MDk0MTM2WjAYMRYw
FAYDVQQDEw02NjI4ZDNkNC0zNjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwY22+2V1IygDsRlDxWfEKwiQSRvVIDGw1ksbD/fR3gI3bAnOSgSSwq6X
TuFob/hCbA8sB6bw+14LuAAfs2ZPRd9D5v9vbEnNrQ8tC58JPXijNOiuRZ1MlmoK
neycKJ0z+nx+nioacKqrPIVZEbru9iiH7pqca4ru4FFgZz0TwWrm23lHNu1H72Iq
DvkBA9EXU4BVJcDibPvuNCpKaiuYM7xfHc+qccdmzHKyCwp7ack45AOj4pGTWKCv
+SvqNEbDQNUve6NdCTlF22PCuCSd7+4ErBK8QRe/iBaqW6X8o8rQ4+03Te1waajm
hkABn5jIYqetQsthPVdntpRnoZCEGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ3n
lrU9d3EXKkmLrFJsZ+NqTJiaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOUQyNTQzRTAyMUUxMUVGOTkxQjNFMkMwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhKMA0GCSqGSIb3DQEBCwUA
A4IBAQCHpU/ZjocUz2uTGo91AwW81zFmdFk+9OeQlFwb3dhuwN43W3bisuq6UFjX
nW6mgmcVKSsOlWw1geH8dopTEPD9y5dZf/PsjkcmP387QkW84Rjn2BXpkmn6fGmT
hoN0Nnun4Cc1gKfUNGJECEqnm21UJ1IIsiNQbVzHZzeTXHgGAVz9KiMi6nIbxjMb
l3KMsml9Tge+qmkzq4K6jDkSUZdFseDQ4s5ADyVJ3wKwRE7vqpgxDCSS4cqDkgkx
Vacwi2lxJmRia8u803Or2+ZjV3AKag5nh/fbOv8nRn/EpNURrx53O63wTrzSack7
4HXwaf8Gu2VAJdfZE9L00FBQ+X7C
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:25 2024 by rpki-client on console-fra.rpki-client.org