Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/002D6E6CF5DE11EF8D763B70762E951A.roa
File: 002D6E6CF5DE11EF8D763B70762E951A.roa (raw, json)
Hash identifier: hvpDjAQbgBxgHQcSB57cKcrdx4bCQ6j1wFjq4gyNOms=
Subject key identifier: 93:F8:D7:73:2E:D7:4C:D7:31:96:37:7D:78:CD:50:FE:9B:99:6B:E3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E2C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/002D6E6CF5DE11EF8D763B70762E951A.roa
Signing time: Fri 28 Feb 2025 14:12:11 +0000
ROA not before: Fri 28 Feb 2025 14:12:07 +0000
ROA not after: Fri 04 Apr 2025 14:12:07 +0000
asID: 199052
IP address blocks: 156.229.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81452 (0x13e2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 14:12:07 2025 GMT
Not After : Apr 4 14:12:07 2025 GMT
Subject: CN=67c1c43b-6902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8d:60:58:63:4d:36:7c:54:10:84:b7:46:5d:
c6:b7:cb:14:79:90:f2:08:d6:b7:e4:26:f3:57:1a:
6e:4e:a0:9e:23:f6:83:a2:82:be:c3:5f:85:5b:a1:
2a:f2:9b:32:e8:37:26:56:a5:06:80:da:11:f9:12:
27:7a:78:96:2d:62:26:fc:b9:f0:df:a7:9e:36:9e:
96:d9:8f:68:da:79:35:2c:ff:63:65:14:fe:f5:7e:
d7:23:ec:25:52:51:53:b7:71:f5:fe:21:11:35:77:
ed:04:a7:43:e9:47:07:c0:75:60:65:a8:e7:93:44:
31:09:c0:c5:36:9f:3b:3a:e4:c4:4f:6a:5e:a0:7f:
1b:4b:15:53:41:2a:0f:e1:a2:89:9c:fc:fa:fe:60:
97:0f:41:47:c8:e9:6b:ea:c5:3e:f6:6c:9a:44:94:
cd:18:46:c6:6f:ff:8b:de:3c:27:2c:1a:6f:01:e6:
13:71:b9:2c:2a:d5:26:f4:4c:0d:f8:99:5c:2b:b5:
3f:46:6c:68:e3:a8:0d:b1:f5:bd:f5:ba:31:96:f1:
3b:aa:33:a1:12:a8:1d:0b:18:77:3b:a0:76:92:6a:
8f:e2:3b:f7:80:b8:64:49:93:0e:d2:ab:c0:66:6c:
19:0d:bb:83:e6:65:82:f4:aa:84:ea:26:24:ff:3f:
41:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F8:D7:73:2E:D7:4C:D7:31:96:37:7D:78:CD:50:FE:9B:99:6B:E3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/002D6E6CF5DE11EF8D763B70762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.247.0/24
Signature Algorithm: sha256WithRSAEncryption
02:38:4c:5d:65:d1:ae:44:4a:c5:52:0c:ca:f2:f0:ac:c8:4e:
e9:06:41:42:09:1e:e9:19:1e:f8:71:30:a8:c6:e6:75:0f:06:
a7:c7:d4:85:b0:24:9c:d5:1c:fa:0b:32:7b:4f:4e:9c:09:2a:
27:d9:b8:cc:a2:ff:2f:8a:90:39:d7:fd:e4:f9:e2:2c:06:5f:
8c:72:0b:67:0a:14:d4:f0:db:66:23:76:23:2e:2a:2f:83:d1:
e2:5e:6e:6a:88:b6:34:c4:7e:9e:e4:1c:d8:3d:35:76:f1:d1:
91:7c:ab:cd:5c:6d:18:4a:9c:9c:5a:b8:3a:6d:89:3a:5e:c0:
87:b9:90:bc:d0:b9:66:84:b2:39:b6:aa:7b:7d:cd:10:bf:a8:
72:56:23:3e:29:7f:25:31:26:2c:06:e2:e7:cc:57:4a:be:df:
84:23:9b:3e:0f:31:01:3a:e0:e6:74:a9:c1:58:c0:9f:93:2b:
37:71:30:b8:44:4d:1c:8b:68:ff:7e:99:89:ab:40:ef:7d:6a:
11:88:3d:38:e1:d8:3e:51:1d:c3:88:66:1f:d9:24:fc:73:21:
95:a3:3a:9e:90:89:85:ce:0b:2c:c3:e3:ad:d4:68:98:c6:29:
b3:87:86:3e:8d:2c:4c:2a:cc:95:a9:01:e0:e7:57:05:7d:76:
a0:35:79:20
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT4sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTQxMjA3WhcNMjUwNDA0MTQxMjA3WjAYMRYw
FAYDVQQDEw02N2MxYzQzYi02OTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA341gWGNNNnxUEIS3Rl3Gt8sUeZDyCNa35CbzVxpuTqCeI/aDooK+w1+F
W6Eq8psy6DcmVqUGgNoR+RIneniWLWIm/Lnw36eeNp6W2Y9o2nk1LP9jZRT+9X7X
I+wlUlFTt3H1/iERNXftBKdD6UcHwHVgZajnk0QxCcDFNp87OuTET2peoH8bSxVT
QSoP4aKJnPz6/mCXD0FHyOlr6sU+9myaRJTNGEbGb/+L3jwnLBpvAeYTcbksKtUm
9EwN+JlcK7U/Rmxo46gNsfW99boxlvE7qjOhEqgdCxh3O6B2kmqP4jv3gLhkSZMO
0qvAZmwZDbuD5mWC9KqE6iYk/z9BtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJP4
13Mu10zXMZY3fXjNUP6bmWvjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMDJENkU2Q0Y1REUxMUVGOEQ3NjNCNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOX3MA0GCSqGSIb3DQEBCwUA
A4IBAQACOExdZdGuRErFUgzK8vCsyE7pBkFCCR7pGR74cTCoxuZ1Dwanx9SFsCSc
1Rz6CzJ7T06cCSon2bjMov8vipA51/3k+eIsBl+McgtnChTU8NtmI3YjLiovg9Hi
Xm5qiLY0xH6e5BzYPTV28dGRfKvNXG0YSpycWrg6bYk6XsCHuZC80LlmhLI5tqp7
fc0Qv6hyViM+KX8lMSYsBuLnzFdKvt+EI5s+DzEBOuDmdKnBWMCfkys3cTC4RE0c
i2j/fpmJq0DvfWoRiD044dg+UR3DiGYf2ST8cyGVozqekImFzgssw+Ot1GiYximz
h4Y+jSxMKsyVqQHg51cFfXagNXkg
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:13 2025 by rpki-client