Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8CCFC0CF70311EE9EBEDB7D775412E6.roa
File: F8CCFC0CF70311EE9EBEDB7D775412E6.roa (raw, json)
Hash identifier: VQIFmEoYqQ6mIaF52uH3WpBO8FBxgMh4mvwcu96+aaM=
Subject key identifier: D5:4D:2D:0A:7F:59:96:0F:DB:35:F9:19:F0:B0:03:B1:82:A3:AB:26
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 81EF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8CCFC0CF70311EE9EBEDB7D775412E6.roa
Signing time: Wed 10 Apr 2024 06:31:33 +0000
ROA not before: Wed 10 Apr 2024 06:31:29 +0000
ROA not after: Wed 01 May 2024 06:31:29 +0000
asID: 44559
IP address blocks: 156.236.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33263 (0x81ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 10 06:31:29 2024 GMT
Not After : May 1 06:31:29 2024 GMT
Subject: CN=66163245-aa79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5f:bd:87:78:35:75:4c:f8:e4:43:c6:99:c2:
07:73:79:b7:59:17:1e:36:26:7f:bf:5b:f7:5a:b3:
c9:1e:07:ca:56:b6:85:5e:d3:85:37:6c:b3:4d:17:
3a:ed:8f:f5:b3:f3:18:bd:ae:53:34:7a:36:6a:f7:
1e:65:a1:5a:8c:32:f9:3a:64:c7:87:71:98:2e:61:
cb:62:fb:52:6e:19:df:8c:9d:ca:d1:73:fa:5d:de:
db:52:fb:61:ba:50:bf:f0:0d:f1:f0:4f:66:7a:58:
1d:00:b4:ab:81:bf:52:46:0a:50:b5:65:39:76:df:
60:cf:82:24:3f:3e:ae:ab:b9:9e:66:44:ac:76:1d:
2f:8e:6a:67:19:59:de:2a:fd:69:c4:7b:e6:da:c6:
98:15:1a:56:c3:c6:15:0a:cc:8a:35:27:6e:1c:2e:
42:46:91:cd:e2:20:57:47:6e:5b:e9:3d:86:0d:21:
89:62:0d:b7:04:99:74:e7:ef:0a:0f:f9:5f:86:c3:
c1:7a:d1:0d:fd:ba:bd:56:a2:00:34:cd:96:28:63:
37:c4:6b:62:8d:c3:83:c0:a8:fd:86:7a:ba:5d:ac:
f0:c9:8b:74:76:d7:58:93:b9:3d:8f:11:1a:c5:14:
b4:3c:6d:e8:ff:73:b1:f6:cf:8f:67:20:2f:3b:a8:
d1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:4D:2D:0A:7F:59:96:0F:DB:35:F9:19:F0:B0:03:B1:82:A3:AB:26
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8CCFC0CF70311EE9EBEDB7D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.8.0/22
Signature Algorithm: sha256WithRSAEncryption
33:0b:c3:f4:34:03:89:19:9b:0b:33:6c:38:64:32:cb:13:89:
57:f9:a5:d5:9e:8d:b7:66:e3:ed:34:df:e0:13:2c:49:36:a8:
d4:ad:74:2e:ea:c4:ac:b9:03:bd:d3:b8:c8:a8:59:70:97:d7:
e6:d7:66:fa:01:87:c8:6a:f0:41:09:fe:fb:13:d4:4d:64:b0:
11:fd:82:11:f1:bd:9a:82:46:98:a4:e0:50:07:1c:9b:70:c9:
f4:83:5c:6c:dc:3f:96:40:4f:ca:b4:6f:6c:55:bf:08:b4:a8:
6e:e6:11:65:1b:71:4e:ba:75:19:02:19:49:c9:de:ed:81:d8:
2f:62:41:8c:25:08:01:e2:ea:04:a7:3e:66:8d:a8:aa:ae:f0:
c8:27:36:ab:5e:86:3c:42:8d:b5:50:fe:88:b2:bf:69:15:2d:
7f:96:21:75:18:10:7f:76:38:7f:f6:bc:3a:f3:1e:c5:70:27:
cf:b2:a0:91:d1:4d:a5:d2:a1:5c:fe:f0:fc:32:35:33:25:f3:
d9:7d:ea:85:5f:03:e2:e0:18:51:37:17:49:08:e1:cc:9f:24:
b8:67:66:da:68:28:2c:ba:78:72:75:66:58:31:81:5e:7c:09:
e2:53:7f:b5:b0:ce:b9:91:00:48:5c:81:3b:a0:68:7d:f3:64:
3e:d3:3e:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIHvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDEwMDYzMTI5WhcNMjQwNTAxMDYzMTI5WjAYMRYw
FAYDVQQDEw02NjE2MzI0NS1hYTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA11+9h3g1dUz45EPGmcIHc3m3WRceNiZ/v1v3WrPJHgfKVraFXtOFN2yz
TRc67Y/1s/MYva5TNHo2avceZaFajDL5OmTHh3GYLmHLYvtSbhnfjJ3K0XP6Xd7b
UvthulC/8A3x8E9melgdALSrgb9SRgpQtWU5dt9gz4IkPz6uq7meZkSsdh0vjmpn
GVneKv1pxHvm2saYFRpWw8YVCsyKNSduHC5CRpHN4iBXR25b6T2GDSGJYg23BJl0
5+8KD/lfhsPBetEN/bq9VqIANM2WKGM3xGtijcODwKj9hnq6XazwyYt0dtdYk7k9
jxEaxRS0PG3o/3Ox9s+PZyAvO6jREwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNVN
LQp/WZYP2zX5GfCwA7GCo6smMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GOENDRkMwQ0Y3MDMxMUVFOUVCRURCN0Q3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOwIMA0GCSqGSIb3DQEBCwUA
A4IBAQAzC8P0NAOJGZsLM2w4ZDLLE4lX+aXVno23ZuPtNN/gEyxJNqjUrXQu6sSs
uQO907jIqFlwl9fm12b6AYfIavBBCf77E9RNZLAR/YIR8b2agkaYpOBQBxybcMn0
g1xs3D+WQE/KtG9sVb8ItKhu5hFlG3FOunUZAhlJyd7tgdgvYkGMJQgB4uoEpz5m
jaiqrvDIJzarXoY8Qo21UP6Isr9pFS1/liF1GBB/djh/9rw68x7FcCfPsqCR0U2l
0qFc/vD8MjUzJfPZfeqFXwPi4BhRNxdJCOHMnyS4Z2baaCgsunhydWZYMYFefAni
U3+1sM65kQBIXIE7oGh982Q+0z6I
-----END CERTIFICATE-----
Generated at Wed May 1 12:38:37 2024 by rpki-client on console-ams.rpki-client.org