Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9FEE61A4A4F11EFBC7E54A0762E951A.roa
File: D9FEE61A4A4F11EFBC7E54A0762E951A.roa (raw, json)
Hash identifier: +kQzueI8Rhxh2TvGLh7qTB8BNWqzK4F5M4CcTHDoEEU=
Subject key identifier: C7:B8:5C:7E:0E:DF:43:C3:C2:59:EB:E3:91:74:33:4E:7C:EA:96:4C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9F6D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9FEE61A4A4F11EFBC7E54A0762E951A.roa
Signing time: Thu 25 Jul 2024 06:33:49 +0000
ROA not before: Thu 25 Jul 2024 06:33:46 +0000
ROA not after: Tue 30 Jul 2024 06:33:46 +0000
asID: 136744
IP address blocks: 156.226.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40813 (0x9f6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 25 06:33:46 2024 GMT
Not After : Jul 30 06:33:46 2024 GMT
Subject: CN=66a1f1cd-cf0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:95:01:86:ad:24:2e:94:5c:40:55:72:06:18:
f5:b4:b8:99:2a:7a:ab:ee:8f:3d:de:45:03:66:39:
5a:09:d4:27:4c:44:18:84:50:8d:7b:2d:66:d6:d7:
85:3f:ae:97:4c:e2:43:ee:84:90:b4:1f:b5:5a:6b:
bc:be:ff:03:d2:a0:38:60:e9:0c:8b:b9:9a:79:d3:
01:20:b0:49:13:ce:73:5e:66:82:de:cd:45:3b:f3:
86:5e:c7:cd:44:53:0d:4e:fc:5e:74:00:a3:ad:ee:
f3:17:e0:f0:e8:a5:0b:d3:23:29:98:a9:eb:b6:35:
db:ee:d1:f1:ad:02:25:74:ff:bc:1e:29:5f:5b:fc:
a4:87:6f:b0:cc:67:5b:b1:c6:c4:c4:e4:37:48:4f:
0a:eb:a1:20:f8:92:d1:23:46:bf:08:f9:ad:08:c9:
71:64:fb:da:89:4b:88:53:11:78:4b:76:93:c0:d0:
4c:b8:d8:ac:11:16:f0:72:b3:89:d9:30:b7:a2:df:
ca:35:b6:3c:e4:43:89:55:5f:76:0b:f5:65:f6:4e:
07:a7:e8:f3:69:d6:89:35:75:6b:f0:39:bf:57:0e:
de:78:b0:b6:c7:75:4c:22:de:b4:67:bf:6f:30:0c:
77:e3:d4:c7:a3:46:9e:68:ed:93:d6:a8:66:6f:31:
f6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B8:5C:7E:0E:DF:43:C3:C2:59:EB:E3:91:74:33:4E:7C:EA:96:4C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9FEE61A4A4F11EFBC7E54A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.3.0/24
Signature Algorithm: sha256WithRSAEncryption
23:a4:86:14:a5:5d:c1:b8:ed:47:33:b2:d7:7b:bd:38:49:8a:
4b:7b:e7:69:23:3b:a8:90:bd:5c:cf:5e:69:01:35:b5:c6:cf:
a5:71:2c:29:a5:93:c6:02:25:61:21:6b:99:c7:4c:a7:40:e9:
37:17:f9:35:da:66:51:c8:2f:47:e5:5f:f6:95:15:3c:b4:49:
23:26:b9:c3:68:25:7b:7e:e2:8f:3d:c2:ac:64:cb:62:71:d8:
e5:81:1d:6d:ff:43:06:83:91:39:ff:2f:43:1d:ce:35:fd:4f:
ee:f6:55:4f:04:de:0a:26:05:14:d0:8c:9a:d6:bd:86:39:74:
9f:c7:f9:74:92:50:a5:2a:b5:37:db:92:45:71:57:e0:0e:6c:
05:ba:0d:81:e1:dc:a9:cf:ca:50:99:bd:4f:7f:89:2c:7b:09:
be:3b:aa:06:d0:01:0a:e0:ac:32:72:bd:e0:e2:2f:92:41:c3:
7e:fc:2f:8e:f7:ea:89:8c:18:ca:fd:8a:ad:59:81:19:7a:cd:
3a:c5:8d:7b:c1:41:24:7d:81:92:e1:6f:e6:68:73:ee:3c:ee:
b4:6f:c6:92:65:b6:2c:95:bd:f9:6a:e4:cc:1b:e2:b8:38:0e:
59:12:b8:cd:db:2a:f6:49:4e:7d:6f:2d:2b:48:1e:bf:61:2e:
17:8d:61:4b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ9tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzI1MDYzMzQ2WhcNMjQwNzMwMDYzMzQ2WjAYMRYw
FAYDVQQDEw02NmExZjFjZC1jZjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp5UBhq0kLpRcQFVyBhj1tLiZKnqr7o893kUDZjlaCdQnTEQYhFCNey1m
1teFP66XTOJD7oSQtB+1Wmu8vv8D0qA4YOkMi7maedMBILBJE85zXmaC3s1FO/OG
XsfNRFMNTvxedACjre7zF+Dw6KUL0yMpmKnrtjXb7tHxrQIldP+8HilfW/ykh2+w
zGdbscbExOQ3SE8K66Eg+JLRI0a/CPmtCMlxZPvaiUuIUxF4S3aTwNBMuNisERbw
crOJ2TC3ot/KNbY85EOJVV92C/Vl9k4Hp+jzadaJNXVr8Dm/Vw7eeLC2x3VMIt60
Z79vMAx349THo0aeaO2T1qhmbzH2AwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMe4
XH4O30PDwlnr45F0M0586pZMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOUZFRTYxQTRBNEYxMUVGQkM3RTU0QTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOIDMA0GCSqGSIb3DQEBCwUA
A4IBAQAjpIYUpV3BuO1HM7LXe704SYpLe+dpIzuokL1cz15pATW1xs+lcSwppZPG
AiVhIWuZx0ynQOk3F/k12mZRyC9H5V/2lRU8tEkjJrnDaCV7fuKPPcKsZMticdjl
gR1t/0MGg5E5/y9DHc41/U/u9lVPBN4KJgUU0Iya1r2GOXSfx/l0klClKrU325JF
cVfgDmwFug2B4dypz8pQmb1Pf4ksewm+O6oG0AEK4Kwycr3g4i+SQcN+/C+O9+qJ
jBjK/YqtWYEZes06xY17wUEkfYGS4W/maHPuPO60b8aSZbYslb35auTMG+K4OA5Z
ErjN2yr2SU59by0rSB6/YS4XjWFL
-----END CERTIFICATE-----
Generated at Tue Jul 30 09:47:35 2024 by rpki-client on console-fra.rpki-client.org