Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E39437220DB211EF91FDA90A017001B1.roa
File: E39437220DB211EF91FDA90A017001B1.roa (raw, json)
Hash identifier: 8YRJBrDDbWXgus1VYVXZ+MhatcjNk0HNqcgtLv1CCYc=
Subject key identifier: A7:88:DF:F2:0B:F2:EF:71:1E:E3:7B:E9:65:AD:0B:CD:F4:BF:16:B6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 88AD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E39437220DB211EF91FDA90A017001B1.roa
Signing time: Thu 09 May 2024 03:19:05 +0000
ROA not before: Thu 09 May 2024 03:19:01 +0000
ROA not after: Sat 18 May 2024 03:19:01 +0000
asID: 44559
IP address blocks: 156.233.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34989 (0x88ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 03:19:01 2024 GMT
Not After : May 18 03:19:01 2024 GMT
Subject: CN=663c40a8-575e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b6:03:78:b0:48:fe:d4:53:cc:10:d6:5b:85:
3e:dc:ca:60:54:75:b4:db:38:0a:ae:4b:9b:ed:e6:
89:e3:f8:a1:27:3d:2d:a8:82:19:4f:e8:5c:f0:1f:
ea:24:af:ab:fd:a4:fa:e0:ff:55:d5:ee:54:12:f2:
21:1e:e2:a4:f4:0b:74:a1:95:56:dc:56:cc:89:ca:
f5:50:82:f2:86:77:2c:45:ee:39:6a:d4:8d:40:44:
41:e2:25:5a:a8:ee:c5:c8:37:45:9a:a4:c3:a0:7f:
dc:88:c3:00:a6:8f:1e:f1:a1:fa:ba:14:bf:7d:3c:
a3:58:6b:17:96:ce:d5:96:b2:81:d0:c1:cc:1e:4d:
cc:d9:cc:f0:96:23:8c:24:c9:cf:2e:95:90:31:e8:
3d:80:ab:23:64:fd:50:28:31:75:e8:80:36:67:f4:
3f:a3:b0:fc:92:f1:58:f9:a6:76:68:b4:4d:8c:50:
57:5f:1d:70:f0:28:c3:75:33:c5:52:ff:63:22:be:
78:07:87:c9:03:29:5b:3e:ea:81:5e:1c:cd:c3:88:
3d:64:6b:58:26:bf:6d:51:10:a2:7b:a2:62:5d:08:
fd:27:0b:5f:3c:32:b3:ac:23:ff:da:ce:ba:18:1c:
14:40:82:45:92:c3:e4:5a:88:d8:51:a3:d9:9c:33:
fa:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:88:DF:F2:0B:F2:EF:71:1E:E3:7B:E9:65:AD:0B:CD:F4:BF:16:B6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E39437220DB211EF91FDA90A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.128.0/17
Signature Algorithm: sha256WithRSAEncryption
04:2b:23:57:c3:9b:58:a5:76:31:0f:4d:9e:b9:01:a1:40:8a:
f4:cd:bf:3c:ff:0a:66:ef:5a:65:59:9f:f0:a5:ce:3f:2c:06:
1d:dc:29:5c:14:5e:2d:11:29:0d:6f:f1:02:3a:5f:1d:78:72:
90:76:a5:08:57:ea:15:dd:a9:46:23:0f:47:0b:21:05:e2:92:
79:42:88:ea:a2:d9:33:c0:a1:16:0e:89:e3:dc:47:72:7b:41:
f1:31:2a:e1:a7:4e:f4:fa:30:9d:ed:fe:ea:8e:a8:c7:e3:1f:
4e:13:c2:ca:f8:f2:49:a7:94:77:88:32:f1:b0:b2:a4:82:2a:
a2:29:ae:78:38:39:b3:f4:24:d7:7d:9e:4f:45:f1:3c:e3:13:
a8:2f:9f:21:2d:82:ac:5f:8c:12:a7:6c:af:67:89:fe:93:f4:
81:15:42:4f:26:8e:a4:5d:23:9a:06:50:c0:7c:78:20:22:48:
15:d2:03:7c:fb:b8:f0:e9:57:01:05:cc:7a:95:a8:d5:e2:57:
97:79:86:c3:f3:7c:dd:48:fd:a4:f0:a3:5c:b3:61:d3:91:c7:
a4:55:10:40:f8:c7:d3:16:7f:df:c1:4c:10:ea:ab:c9:5c:84:
b8:4a:8a:01:d0:9b:4c:bb:60:3f:56:e6:05:17:53:3e:89:c4:
8b:28:08:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIitMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTA5MDMxOTAxWhcNMjQwNTE4MDMxOTAxWjAYMRYw
FAYDVQQDEw02NjNjNDBhOC01NzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1LYDeLBI/tRTzBDWW4U+3MpgVHW02zgKrkub7eaJ4/ihJz0tqIIZT+hc
8B/qJK+r/aT64P9V1e5UEvIhHuKk9At0oZVW3FbMicr1UILyhncsRe45atSNQERB
4iVaqO7FyDdFmqTDoH/ciMMApo8e8aH6uhS/fTyjWGsXls7VlrKB0MHMHk3M2czw
liOMJMnPLpWQMeg9gKsjZP1QKDF16IA2Z/Q/o7D8kvFY+aZ2aLRNjFBXXx1w8CjD
dTPFUv9jIr54B4fJAylbPuqBXhzNw4g9ZGtYJr9tURCie6JiXQj9JwtfPDKzrCP/
2s66GBwUQIJFksPkWojYUaPZnDP6KwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKeI
3/IL8u9xHuN76WWtC830vxa2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMzk0MzcyMjBEQjIxMUVGOTFGREE5MEEwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHnOmAMA0GCSqGSIb3DQEBCwUA
A4IBAQAEKyNXw5tYpXYxD02euQGhQIr0zb88/wpm71plWZ/wpc4/LAYd3ClcFF4t
ESkNb/ECOl8deHKQdqUIV+oV3alGIw9HCyEF4pJ5QojqotkzwKEWDonj3Edye0Hx
MSrhp070+jCd7f7qjqjH4x9OE8LK+PJJp5R3iDLxsLKkgiqiKa54ODmz9CTXfZ5P
RfE84xOoL58hLYKsX4wSp2yvZ4n+k/SBFUJPJo6kXSOaBlDAfHggIkgV0gN8+7jw
6VcBBcx6lajV4leXeYbD83zdSP2k8KNcs2HTkcekVRBA+MfTFn/fwUwQ6qvJXIS4
SooB0JtMu2A/VuYFF1M+icSLKAjk
-----END CERTIFICATE-----
Generated at Sun May 19 02:03:34 2024 by rpki-client on console-fra.rpki-client.org