Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFB88446FB9511EEA6523F63017001B1.roa
File: FFB88446FB9511EEA6523F63017001B1.roa (raw, json)
Hash identifier: Hk59cMdxNyMSPegT100YQ2xVDw/XtVo06vDlD5IVpWI=
Subject key identifier: AF:CC:10:2C:FB:91:31:CC:EF:B1:FE:35:69:10:F6:45:1E:C3:89:2C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8289
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFB88446FB9511EEA6523F63017001B1.roa
Signing time: Tue 16 Apr 2024 02:06:55 +0000
ROA not before: Tue 16 Apr 2024 02:06:52 +0000
ROA not after: Mon 29 Apr 2024 02:06:52 +0000
asID: 141883
IP address blocks: 45.200.24.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33417 (0x8289)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 16 02:06:52 2024 GMT
Not After : Apr 29 02:06:52 2024 GMT
Subject: CN=661ddd3f-84de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:91:81:19:58:f7:96:a2:1c:fc:6f:e5:04:
69:be:8b:66:80:6f:1e:0d:03:2b:a0:18:a3:fe:4c:
0d:0d:ea:4a:b9:83:74:d4:ad:cd:92:95:38:89:f8:
e8:85:8b:f2:c6:c7:25:f4:6d:fa:f6:40:86:80:20:
62:5d:6e:39:76:14:8a:78:ff:f1:bb:e7:e5:6d:3c:
bc:b1:0f:36:67:ef:65:b1:a1:cf:6e:a9:c4:6b:6a:
58:e4:08:75:3d:17:e8:82:d1:d0:0f:16:39:1d:57:
59:6a:af:a2:e0:a3:e3:a7:f7:43:93:5d:79:92:a8:
99:ed:9f:87:f1:c0:b7:81:60:b5:6e:9c:a4:9a:6e:
29:1c:e7:74:21:dd:a7:8c:1b:cf:5d:11:e4:7f:ec:
dc:e3:9f:5e:9a:a5:a6:ad:8a:2a:bf:df:2e:3e:c3:
22:1c:c9:75:88:39:68:fe:b5:48:26:d8:4a:15:72:
07:cd:dc:8d:a6:3e:de:85:3b:59:3a:d2:e3:2e:5f:
30:8e:97:7e:d1:9d:80:ee:c6:7d:c0:46:22:19:6d:
05:2e:4e:38:66:67:a1:b5:22:66:55:b2:58:1e:1b:
18:0a:c3:51:8a:a7:84:59:24:95:5b:be:e6:16:75:
97:e5:96:09:0e:76:0f:ff:40:08:91:2b:07:69:17:
cd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CC:10:2C:FB:91:31:CC:EF:B1:FE:35:69:10:F6:45:1E:C3:89:2C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFB88446FB9511EEA6523F63017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.24.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:38:6a:28:39:47:9b:06:3d:cc:c6:04:61:61:6b:73:45:5f:
86:b4:23:33:f4:02:22:89:c5:4e:0e:96:35:e8:e4:81:a4:06:
63:ab:39:3c:17:93:b3:48:85:0d:3d:3c:69:2c:d1:55:4b:40:
22:c2:e6:70:90:0e:c3:02:d5:59:d3:d2:9e:69:1e:7d:10:79:
03:5c:95:0c:ed:69:8f:3c:4f:93:62:bc:72:9e:09:4d:84:9d:
cc:c7:6b:10:28:e0:f3:9c:10:01:c8:01:15:04:03:dd:37:68:
41:17:fb:82:c0:57:10:0a:5a:c8:09:ea:28:24:43:27:cc:99:
be:dc:54:81:f7:4c:69:3b:9d:db:6d:06:39:83:55:11:78:6d:
92:43:4c:87:43:2b:1e:54:ec:ec:f5:4d:42:7a:1f:17:9a:22:
fd:21:5b:bb:33:c9:8e:a0:cc:88:f1:38:65:f8:19:cd:fa:56:
64:ea:24:d4:ac:d4:56:ad:7b:fd:a1:41:f5:af:e6:d2:17:6e:
0a:9d:13:81:b9:81:42:f5:57:bb:e6:1a:c9:36:37:4b:8a:48:
83:2b:d4:76:9d:e5:75:9b:f5:e5:da:63:26:ee:5e:5b:24:f1:
93:7e:21:ac:45:ca:e2:31:c1:cd:19:ff:28:8e:c4:09:e0:64:
cd:a1:6b:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIKJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE2MDIwNjUyWhcNMjQwNDI5MDIwNjUyWjAYMRYw
FAYDVQQDEw02NjFkZGQzZi04NGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsq2RgRlY95aiHPxv5QRpvotmgG8eDQMroBij/kwNDepKuYN01K3NkpU4
ifjohYvyxscl9G369kCGgCBiXW45dhSKeP/xu+flbTy8sQ82Z+9lsaHPbqnEa2pY
5Ah1PRfogtHQDxY5HVdZaq+i4KPjp/dDk115kqiZ7Z+H8cC3gWC1bpykmm4pHOd0
Id2njBvPXRHkf+zc459emqWmrYoqv98uPsMiHMl1iDlo/rVIJthKFXIHzdyNpj7e
hTtZOtLjLl8wjpd+0Z2A7sZ9wEYiGW0FLk44ZmehtSJmVbJYHhsYCsNRiqeEWSSV
W77mFnWX5ZYJDnYP/0AIkSsHaRfNVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK/M
ECz7kTHM77H+NWkQ9kUew4ksMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRkI4ODQ0NkZCOTUxMUVFQTY1MjNGNjMwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcgYMA0GCSqGSIb3DQEBCwUA
A4IBAQA8OGooOUebBj3MxgRhYWtzRV+GtCMz9AIiicVODpY16OSBpAZjqzk8F5Oz
SIUNPTxpLNFVS0AiwuZwkA7DAtVZ09KeaR59EHkDXJUM7WmPPE+TYrxynglNhJ3M
x2sQKODznBAByAEVBAPdN2hBF/uCwFcQClrICeooJEMnzJm+3FSB90xpO53bbQY5
g1UReG2SQ0yHQyseVOzs9U1Ceh8XmiL9IVu7M8mOoMyI8Thl+BnN+lZk6iTUrNRW
rXv9oUH1r+bSF24KnROBuYFC9Ve75hrJNjdLikiDK9R2neV1m/Xl2mMm7l5bJPGT
fiGsRcriMcHNGf8ojsQJ4GTNoWu4
-----END CERTIFICATE-----
Generated at Mon Apr 29 04:17:23 2024 by rpki-client on console-fra.rpki-client.org