Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F5D39/139026B082E011EE9099DC254AD9E6FC/78756D0282E911EEBA2F66424AD9E6FC.roa
File: 78756D0282E911EEBA2F66424AD9E6FC.roa (raw, json)
Hash identifier: OnJQJJ3dbycWsE1uvcglrcaNJEflDhtD++3FUMQe19M=
Subject key identifier: BC:D6:39:0A:8C:D3:7E:6D:0F:F2:33:2E:35:BF:7A:38:32:63:5C:AF
Certificate issuer: /CN=F36F5D39AR/serialNumber=020A4AF0D0FE11B703D11F397A5363CD0FBA13A4
Certificate serial: 02
Authority key identifier: 02:0A:4A:F0:D0:FE:11:B7:03:D1:1F:39:7A:53:63:CD:0F:BA:13:A4
Authority info access: rsync://rpki.afrinic.net/repository/arin/AgpK8ND-EbcD0R85elNjzQ-6E6Q.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F5D39/139026B082E011EE9099DC254AD9E6FC/78756D0282E911EEBA2F66424AD9E6FC.roa
Signing time: Tue 14 Nov 2023 12:29:35 +0000
ROA not before: Tue 14 Nov 2023 12:29:30 +0000
ROA not after: Thu 14 Nov 2024 12:29:30 +0000
asID: 328180
IP address blocks: 156.38.8.0/24 maxlen: 24
156.38.9.0/24 maxlen: 24
156.38.10.0/24 maxlen: 24
156.38.11.0/24 maxlen: 24
156.38.12.0/24 maxlen: 24
156.38.13.0/24 maxlen: 24
156.38.14.0/24 maxlen: 24
156.38.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F5D39AR/serialNumber=020A4AF0D0FE11B703D11F397A5363CD0FBA13A4
Validity
Not Before: Nov 14 12:29:30 2023 GMT
Not After : Nov 14 12:29:30 2024 GMT
Subject: CN=6553682f-0ffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:01:cb:68:29:02:06:df:d0:82:69:c0:77:db:
4a:dc:e8:29:b7:c5:26:84:d3:35:14:1e:b3:e2:b2:
ff:3c:13:4a:46:cf:44:e7:be:90:b0:5e:a9:57:bc:
4a:9d:a5:fb:13:d1:79:4e:9b:5f:02:2d:93:f8:a7:
26:3f:a3:b3:e6:a7:e4:16:4f:e2:cc:cd:0f:e9:23:
d3:19:6f:8c:d3:d9:3d:4e:0c:b8:3c:68:09:67:2d:
20:12:5b:ae:75:5d:88:c7:22:5a:af:8d:d9:82:61:
85:18:d2:58:c5:46:20:3e:11:71:37:a4:08:2b:ce:
d2:94:3c:8c:23:bb:60:b8:d8:63:9c:fa:46:d6:2e:
88:b2:b5:cb:46:d4:c0:ab:08:a9:36:11:9f:af:ee:
e2:93:30:f2:b6:45:ce:a4:33:7c:b7:d6:2c:23:74:
84:fc:dc:56:44:7a:23:4a:ec:5f:d9:bc:5e:85:73:
ec:48:0b:2a:f9:07:d2:21:9f:d8:c1:bb:2a:2c:3f:
a5:cd:ba:cf:b2:aa:ac:f3:fe:2f:33:24:a7:40:16:
72:5e:38:a9:08:2a:1e:25:36:19:f5:d6:34:f0:61:
1a:a0:ef:1c:26:b5:20:37:1a:91:fc:d6:7e:1c:6f:
2f:92:a5:65:aa:e1:be:3e:c9:e4:b7:89:e9:99:5d:
85:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D6:39:0A:8C:D3:7E:6D:0F:F2:33:2E:35:BF:7A:38:32:63:5C:AF
X509v3 Authority Key Identifier:
keyid:02:0A:4A:F0:D0:FE:11:B7:03:D1:1F:39:7A:53:63:CD:0F:BA:13:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F5D39/139026B082E011EE9099DC254AD9E6FC/AgpK8ND-EbcD0R85elNjzQ-6E6Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/AgpK8ND-EbcD0R85elNjzQ-6E6Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F5D39/139026B082E011EE9099DC254AD9E6FC/78756D0282E911EEBA2F66424AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.38.8.0/21
Signature Algorithm: sha256WithRSAEncryption
92:a1:0f:7b:4c:96:f1:97:39:7d:94:30:39:ee:6a:3d:ca:9c:
f2:11:8d:2d:e4:1b:18:41:99:58:2b:14:31:9f:e3:a5:48:9f:
5b:6c:58:31:95:59:eb:7c:5e:f3:1e:8a:c7:e3:6d:a5:95:ed:
d5:fd:de:9c:2c:a5:c3:09:dd:9a:84:6a:3f:32:af:d8:eb:3b:
77:75:cd:e0:91:91:a0:a3:36:7c:4b:10:e6:7b:74:d5:63:86:
56:5e:03:d6:55:d1:e8:69:e7:35:3c:38:d2:ae:d5:81:ca:36:
f0:c2:86:2a:b6:e7:64:f2:93:be:ca:5d:70:e2:10:6f:a9:60:
58:65:a9:5e:bd:03:e8:ae:4e:ce:e1:84:d3:eb:cf:19:7a:7d:
01:2f:b1:25:51:75:5c:9b:c3:bb:5c:ac:40:16:c8:4a:e7:c5:
c4:01:e9:87:c0:4a:12:e3:ed:4d:d9:06:30:fe:80:1a:94:95:
78:31:f6:b9:d0:51:f3:c8:bf:04:d0:d8:b7:db:d7:ab:1e:3f:
e6:3c:af:7e:72:21:c2:6b:49:59:d7:48:2a:f7:69:fb:7a:ed:
d0:03:df:56:65:40:43:0c:db:ee:02:85:23:a8:47:29:89:23:
4d:a5:22:a8:fe:47:73:45:45:4e:44:93:18:2f:15:17:31:85:
93:54:5b:65
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
NUQzOUFSMTEwLwYDVQQFEygwMjBBNEFGMEQwRkUxMUI3MDNEMTFGMzk3QTUzNjND
RDBGQkExM0E0MB4XDTIzMTExNDEyMjkzMFoXDTI0MTExNDEyMjkzMFowGDEWMBQG
A1UEAxMNNjU1MzY4MmYtMGZmZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPoBy2gpAgbf0IJpwHfbStzoKbfFJoTTNRQes+Ky/zwTSkbPROe+kLBeqVe8
Sp2l+xPReU6bXwItk/inJj+js+an5BZP4szND+kj0xlvjNPZPU4MuDxoCWctIBJb
rnVdiMciWq+N2YJhhRjSWMVGID4RcTekCCvO0pQ8jCO7YLjYY5z6RtYuiLK1y0bU
wKsIqTYRn6/u4pMw8rZFzqQzfLfWLCN0hPzcVkR6I0rsX9m8XoVz7EgLKvkH0iGf
2MG7Kiw/pc26z7KqrPP+LzMkp0AWcl44qQgqHiU2GfXWNPBhGqDvHCa1IDcakfzW
fhxvL5KlZarhvj7J5LeJ6ZldhYkCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBS81jkK
jNN+bQ/yMy41v3o4MmNcrzAfBgNVHSMEGDAWgBQCCkrw0P4RtwPRHzl6U2PND7oT
pDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjVEMzkvMTM5MDI2QjA4MkUwMTFFRTkwOTlEQzI1NEFEOUU2RkMvQWdwSzhO
RC1FYmNEMFI4NWVsTmp6US02RTZRLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
QWdwSzhORC1FYmNEMFI4NWVsTmp6US02RTZRLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2RjVEMzkvMTM5MDI2QjA4MkUwMTFFRTkwOTlEQzI1NEFEOUU2
RkMvNzg3NTZEMDI4MkU5MTFFRUJBMkY2NjQyNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA5wmCDANBgkqhkiG9w0BAQsFAAOC
AQEAkqEPe0yW8Zc5fZQwOe5qPcqc8hGNLeQbGEGZWCsUMZ/jpUifW2xYMZVZ63xe
8x6Kx+NtpZXt1f3enCylwwndmoRqPzKv2Os7d3XN4JGRoKM2fEsQ5nt01WOGVl4D
1lXR6GnnNTw40q7Vgco28MKGKrbnZPKTvspdcOIQb6lgWGWpXr0D6K5OzuGE0+vP
GXp9AS+xJVF1XJvDu1ysQBbISufFxAHph8BKEuPtTdkGMP6AGpSVeDH2udBR88i/
BNDYt9vXqx4/5jyvfnIhwmtJWddIKvdp+3rt0APfVmVAQwzb7gKFI6hHKYkjTaUi
qP5Hc0VFTkSTGC8VFzGFk1RbZQ==
-----END CERTIFICATE-----
Generated at Thu Nov 14 18:30:08 2024 by rpki-client on console-fra.rpki-client.org