Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9C0EB94FE2211EE82872E33017001B1.roa
File: E9C0EB94FE2211EE82872E33017001B1.roa (raw, json)
Hash identifier: bd1p8V7n0+CjIF1sZ1IydYiFcMB9kXfr+Ip5n9qs4K8=
Subject key identifier: 09:0B:58:DE:D1:3F:78:99:37:08:90:1A:15:C9:C5:13:6D:2A:0A:63
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 838E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9C0EB94FE2211EE82872E33017001B1.roa
Signing time: Fri 19 Apr 2024 08:00:40 +0000
ROA not before: Fri 19 Apr 2024 08:00:37 +0000
ROA not after: Mon 29 Apr 2024 08:00:37 +0000
asID: 5065
IP address blocks: 156.249.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33678 (0x838e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 19 08:00:37 2024 GMT
Not After : Apr 29 08:00:37 2024 GMT
Subject: CN=662224a8-3dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:18:16:1f:e3:b3:58:07:25:af:65:db:9c:7f:
df:55:58:cb:6f:af:30:12:b8:2d:a6:05:58:94:e0:
71:11:ba:de:a3:ef:fc:1f:20:c2:dd:a5:d9:3c:11:
b6:98:3f:06:e1:d2:13:b8:73:43:d2:f3:e5:a7:5e:
d5:71:1a:8a:01:1d:54:0f:31:5a:03:08:57:cf:59:
9c:05:a0:fc:4d:b3:ce:be:58:df:b2:a9:dc:e1:dd:
77:59:81:57:b6:95:f7:81:a3:b0:04:f7:c0:59:8d:
a0:78:7c:71:fb:ae:81:1c:72:9f:96:63:e5:13:73:
d6:b8:50:26:78:dd:d0:d9:0e:24:a7:0a:fd:e2:ef:
25:2e:63:0f:d8:1c:f6:55:0e:94:3c:ba:b7:59:b2:
b8:ce:7e:18:42:5a:1f:b3:5d:44:97:90:c0:c1:27:
74:5b:f7:7f:be:5d:0d:ea:33:1b:98:31:de:94:80:
fd:5b:40:8d:14:54:c2:27:98:9c:b0:bd:64:d1:b3:
6a:7b:d2:27:b4:8b:2b:c1:9c:89:5d:36:68:34:19:
41:4d:2c:c8:78:d9:da:bf:69:b7:db:c9:bd:ec:10:
8f:d0:74:d3:74:de:1d:9d:45:ec:dc:a5:b1:55:06:
59:e1:8d:d8:65:2e:f0:f4:df:88:52:9b:5e:c6:0e:
45:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0B:58:DE:D1:3F:78:99:37:08:90:1A:15:C9:C5:13:6D:2A:0A:63
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9C0EB94FE2211EE82872E33017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.56.0/22
Signature Algorithm: sha256WithRSAEncryption
24:27:71:9b:c3:16:dd:fb:51:ff:03:d0:47:d4:eb:f5:b2:24:
f3:a2:3d:b1:00:72:45:28:6b:46:73:56:df:b3:d2:ca:e4:1e:
50:aa:46:97:e2:c9:a8:c6:ef:cc:42:ff:be:e3:2a:7e:af:2e:
8f:ac:9c:45:bd:6b:83:06:1d:3e:3f:eb:19:3d:a7:38:67:bc:
96:8d:5d:42:7d:ae:d0:ac:90:44:82:05:e3:2e:dc:c1:9a:47:
29:36:6f:bf:21:11:9b:a3:29:6e:e7:21:02:f9:e7:0b:bb:f4:
e5:73:d0:3b:e0:7a:e3:a3:67:1f:ac:96:1b:bf:5d:89:e6:ba:
12:9e:71:4e:85:2a:37:88:e5:5a:02:2a:08:df:68:e4:c1:af:
74:03:35:19:8b:72:50:f9:1a:d4:2c:d4:b4:01:5d:59:50:e9:
dd:51:82:60:9e:23:e9:c4:31:8a:1f:03:6f:ea:9a:5f:ea:82:
0d:54:9e:1c:fd:1a:6a:a8:eb:93:bf:c8:5a:1d:31:92:31:cc:
f4:77:d3:74:29:4f:3a:7b:4f:8c:e5:f6:71:b5:77:0c:93:4d:
24:65:66:10:02:6b:c2:52:35:18:c2:76:58:5b:8f:e6:1a:6c:
3b:e0:f5:0b:bc:d0:aa:07:fe:aa:77:90:6f:2c:c0:6a:a6:2d:
3a:b6:cd:5b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIOOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE5MDgwMDM3WhcNMjQwNDI5MDgwMDM3WjAYMRYw
FAYDVQQDEw02NjIyMjRhOC0zZGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0hgWH+OzWAclr2XbnH/fVVjLb68wErgtpgVYlOBxEbreo+/8HyDC3aXZ
PBG2mD8G4dITuHND0vPlp17VcRqKAR1UDzFaAwhXz1mcBaD8TbPOvljfsqnc4d13
WYFXtpX3gaOwBPfAWY2geHxx+66BHHKflmPlE3PWuFAmeN3Q2Q4kpwr94u8lLmMP
2Bz2VQ6UPLq3WbK4zn4YQlofs11El5DAwSd0W/d/vl0N6jMbmDHelID9W0CNFFTC
J5icsL1k0bNqe9IntIsrwZyJXTZoNBlBTSzIeNnav2m328m97BCP0HTTdN4dnUXs
3KWxVQZZ4Y3YZS7w9N+IUptexg5FiwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAkL
WN7RP3iZNwiQGhXJxRNtKgpjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOUMwRUI5NEZFMjIxMUVFODI4NzJFMzMwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPk4MA0GCSqGSIb3DQEBCwUA
A4IBAQAkJ3Gbwxbd+1H/A9BH1Ov1siTzoj2xAHJFKGtGc1bfs9LK5B5QqkaX4smo
xu/MQv++4yp+ry6PrJxFvWuDBh0+P+sZPac4Z7yWjV1Cfa7QrJBEggXjLtzBmkcp
Nm+/IRGboylu5yEC+ecLu/Tlc9A74Hrjo2cfrJYbv12J5roSnnFOhSo3iOVaAioI
32jkwa90AzUZi3JQ+RrULNS0AV1ZUOndUYJgniPpxDGKHwNv6ppf6oINVJ4c/Rpq
qOuTv8haHTGSMcz0d9N0KU86e0+M5fZxtXcMk00kZWYQAmvCUjUYwnZYW4/mGmw7
4PULvNCqB/6qd5BvLMBqpi06ts1b
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:25 2024 by rpki-client on console-fra.rpki-client.org