Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF1BB4243F5111EF97D8B5B6762E951A.roa
File: DF1BB4243F5111EF97D8B5B6762E951A.roa (raw, json)
Hash identifier: C85a0CPFWtWpjKOPrrn16qPChpLiH+Gj6v5buxL88E4=
Subject key identifier: CB:98:19:49:73:E7:1E:AB:1A:6C:3C:B9:C8:2C:45:5C:2C:16:AA:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9B70
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF1BB4243F5111EF97D8B5B6762E951A.roa
Signing time: Thu 11 Jul 2024 06:50:34 +0000
ROA not before: Thu 11 Jul 2024 06:50:30 +0000
ROA not after: Sun 11 Aug 2024 06:50:30 +0000
asID: 273478
IP address blocks: 156.232.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39792 (0x9b70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 11 06:50:30 2024 GMT
Not After : Aug 11 06:50:30 2024 GMT
Subject: CN=668f80ba-4b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:78:b8:03:33:f2:a0:e4:f5:6c:be:92:f9:df:
64:10:c1:fa:64:41:47:8c:04:1c:26:2a:c8:1e:f1:
90:8d:4e:11:b2:64:5c:52:a1:8b:9b:10:bb:0e:7b:
99:94:bf:93:f0:d0:6f:b3:d7:54:d1:13:d2:84:e1:
d3:2b:5f:e0:7d:82:ff:a6:0b:ef:b7:26:27:c2:1b:
f4:74:64:8f:9e:6f:0b:cf:9b:81:6e:3f:2b:5b:b4:
1f:57:04:f5:97:e9:91:de:1b:eb:f7:6b:57:15:8d:
50:7c:b1:98:40:34:30:a1:d2:6e:d5:cf:45:9b:b1:
61:4c:a0:5e:f1:81:0f:8a:cd:46:98:62:7e:38:54:
9f:a1:d7:8e:07:08:3b:b6:df:4b:7a:56:a6:8b:6f:
b2:73:e2:08:99:cb:f0:5a:ab:08:90:d4:61:0b:25:
23:1a:ed:46:ea:17:a6:88:b2:b1:23:a0:5b:9d:15:
7d:5a:cd:e5:10:3c:c3:7e:69:4f:23:8a:f0:b0:46:
42:59:b6:78:51:f9:66:31:9d:0a:87:2d:60:f8:cd:
7a:78:13:65:45:2d:c2:99:ba:16:be:85:7b:23:4b:
b1:f5:fe:6b:e7:1f:d4:a8:94:28:bd:6d:a7:fd:71:
e6:ed:89:59:83:ff:99:01:91:42:86:ff:8c:00:e6:
1a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:98:19:49:73:E7:1E:AB:1A:6C:3C:B9:C8:2C:45:5C:2C:16:AA:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF1BB4243F5111EF97D8B5B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
16:4c:51:33:97:1d:0d:fd:2b:ef:93:74:9c:9c:1c:80:ce:ec:
80:49:7c:01:21:a3:4b:b5:a7:b8:07:2f:1c:35:b8:a7:26:96:
b2:88:76:60:2e:c7:8f:a8:30:b8:13:10:a6:c1:c4:b7:37:95:
94:54:72:01:e7:c1:35:a8:65:a7:61:5c:3b:28:d5:c3:26:57:
3d:e6:fa:38:1b:3f:99:8a:07:00:2c:59:8a:15:a1:db:5e:e3:
2d:ab:67:a4:d6:4f:97:c7:e2:1a:cd:52:44:be:f7:bd:80:3c:
ad:bd:c7:97:6e:61:4a:73:da:92:96:22:96:0e:8a:31:9c:40:
8b:34:ab:7a:44:83:4b:0c:7b:26:c2:fd:51:87:e9:ac:9d:f8:
95:d4:34:15:55:c4:9d:9c:bf:5a:d5:95:06:2c:60:68:d6:f9:
3a:6c:65:f8:2d:06:29:ef:30:b5:ea:48:47:87:f6:69:84:a2:
68:a5:9a:82:dc:d5:c3:2b:d5:49:6c:4d:27:c5:17:ef:81:1b:
4f:b6:9c:4e:d4:8e:7a:0e:c2:a1:88:66:fb:dc:92:a7:76:f9:
32:9d:5a:da:b5:ad:fb:af:fb:87:31:ec:74:8e:b4:fb:9e:e6:
7b:31:b4:fa:ed:70:22:09:33:28:63:85:d7:08:a9:1a:4d:3f:
f4:f2:ff:4a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJtwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzExMDY1MDMwWhcNMjQwODExMDY1MDMwWjAYMRYw
FAYDVQQDEw02NjhmODBiYS00YjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxHi4AzPyoOT1bL6S+d9kEMH6ZEFHjAQcJirIHvGQjU4RsmRcUqGLmxC7
DnuZlL+T8NBvs9dU0RPShOHTK1/gfYL/pgvvtyYnwhv0dGSPnm8Lz5uBbj8rW7Qf
VwT1l+mR3hvr92tXFY1QfLGYQDQwodJu1c9Fm7FhTKBe8YEPis1GmGJ+OFSfodeO
Bwg7tt9Lelami2+yc+IImcvwWqsIkNRhCyUjGu1G6hemiLKxI6BbnRV9Ws3lEDzD
fmlPI4rwsEZCWbZ4UflmMZ0Khy1g+M16eBNlRS3CmboWvoV7I0ux9f5r5x/UqJQo
vW2n/XHm7YlZg/+ZAZFChv+MAOYaLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMuY
GUlz5x6rGmw8ucgsRVwsFqq1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERjFCQjQyNDNGNTExMUVGOTdEOEI1QjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhoMA0GCSqGSIb3DQEBCwUA
A4IBAQAWTFEzlx0N/Svvk3ScnByAzuyASXwBIaNLtae4By8cNbinJpayiHZgLseP
qDC4ExCmwcS3N5WUVHIB58E1qGWnYVw7KNXDJlc95vo4Gz+ZigcALFmKFaHbXuMt
q2ek1k+Xx+IazVJEvve9gDytvceXbmFKc9qSliKWDooxnECLNKt6RINLDHsmwv1R
h+msnfiV1DQVVcSdnL9a1ZUGLGBo1vk6bGX4LQYp7zC16khHh/ZphKJopZqC3NXD
K9VJbE0nxRfvgRtPtpxO1I56DsKhiGb73JKndvkynVrata37r/uHMex0jrT7nuZ7
MbT67XAiCTMoY4XXCKkaTT/08v9K
-----END CERTIFICATE-----
Generated at Sun Aug 11 09:41:02 2024 by rpki-client on console-fra.rpki-client.org