Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/04309F14C10111EFBFA1EC67762E951A.roa
File: 04309F14C10111EFBFA1EC67762E951A.roa (raw, json)
Hash identifier: yLCPZs6f3DeMXYNz5x6gn/xfJDZtblz3lZfElfuvt/M=
Subject key identifier: AE:BC:39:CA:49:AC:6F:BC:66:79:E8:2F:98:56:70:FD:5A:40:59:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E818
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/04309F14C10111EFBFA1EC67762E951A.roa
Signing time: Mon 23 Dec 2024 07:39:18 +0000
ROA not before: Mon 23 Dec 2024 07:39:15 +0000
ROA not after: Sat 01 Feb 2025 07:39:15 +0000
asID: 395886
IP address blocks: 156.238.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59416 (0xe818)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 23 07:39:15 2024 GMT
Not After : Feb 1 07:39:15 2025 GMT
Subject: CN=676913a6-9411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d4:d5:7b:7c:0e:32:fc:27:99:d8:70:8b:ec:
2c:7a:09:33:6f:f3:a9:47:7e:e1:1b:cc:0a:47:76:
94:11:01:7a:34:0a:20:82:45:7b:f1:fd:58:7d:f6:
ed:53:d0:c8:e0:12:ce:fd:11:b2:c7:f1:fa:f4:d2:
5b:de:6d:db:52:7c:2c:db:1d:ca:40:c7:03:19:08:
d8:10:cd:70:cb:11:e7:a8:cc:79:c4:2f:d8:9e:37:
06:04:8b:02:5f:a0:23:05:6e:70:87:da:02:fa:b2:
c4:2d:1a:10:64:68:88:aa:6f:1e:2b:33:74:a9:b5:
56:9f:b9:f1:e6:54:e0:a6:9f:19:b2:9d:12:bc:c6:
77:49:fe:0d:0e:37:7e:0d:df:ba:e0:2c:7f:92:08:
89:10:a6:26:92:0b:bf:b5:3b:03:a9:b1:42:bd:0e:
e8:ec:64:53:8c:9c:3e:4a:e2:ee:c4:ab:73:88:de:
6a:b1:88:0e:5e:21:46:4a:39:a7:e1:b7:08:7e:d3:
e6:04:5c:67:96:71:d5:85:50:91:d5:4a:11:84:a5:
42:22:44:bc:6d:4c:44:f7:54:e9:4f:58:d0:57:ec:
12:84:04:21:6d:a3:c8:7f:6d:4e:c7:aa:19:33:2c:
ee:73:75:ab:df:df:17:bb:26:23:40:36:29:1b:88:
f8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BC:39:CA:49:AC:6F:BC:66:79:E8:2F:98:56:70:FD:5A:40:59:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/04309F14C10111EFBFA1EC67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.224.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:d4:ef:9d:db:b2:02:36:05:30:9d:e9:9a:d3:56:e6:f8:2f:
0b:c6:57:6c:7e:f7:cd:3a:24:9d:5a:91:ee:18:77:38:40:ef:
e8:ac:74:b8:fa:8d:9c:a6:0e:a8:08:32:b3:9d:15:dc:89:ea:
18:19:81:1f:fc:5e:66:e9:71:50:93:41:a6:b8:30:97:7c:ee:
3e:64:8d:f5:16:31:c7:34:47:94:d7:fd:fd:7d:eb:97:f0:a1:
d5:a9:0f:ca:ad:48:05:00:dd:1f:ca:24:a1:6d:7a:c2:73:34:
59:50:43:08:63:ad:95:e7:db:fa:1e:94:6f:7d:7a:03:d7:30:
75:6c:67:20:d3:61:ee:bc:44:2f:a9:79:d3:7a:20:a1:87:74:
c2:24:11:83:48:c9:c8:6c:42:7f:cf:75:fb:6f:31:ca:36:1b:
9a:61:d9:98:63:e7:d8:d0:8d:1c:07:3d:71:3d:d9:a3:7c:9d:
c6:38:74:bd:52:4a:4e:03:98:c2:af:fb:83:2c:79:0d:0c:f3:
c6:e6:42:67:01:5d:7c:83:2d:d5:b5:e0:68:df:e5:1b:06:92:
cc:b0:64:b3:05:d3:57:d2:45:57:73:d1:ed:af:8a:40:17:0c:
d6:f2:e4:cf:34:5f:a9:bb:39:0c:20:73:b0:b2:b0:c6:ce:d9:
b7:fb:b7:e3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOgYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIzMDczOTE1WhcNMjUwMjAxMDczOTE1WjAYMRYw
FAYDVQQDEw02NzY5MTNhNi05NDExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq9TVe3wOMvwnmdhwi+wsegkzb/OpR37hG8wKR3aUEQF6NAoggkV78f1Y
ffbtU9DI4BLO/RGyx/H69NJb3m3bUnws2x3KQMcDGQjYEM1wyxHnqMx5xC/YnjcG
BIsCX6AjBW5wh9oC+rLELRoQZGiIqm8eKzN0qbVWn7nx5lTgpp8Zsp0SvMZ3Sf4N
Djd+Dd+64Cx/kgiJEKYmkgu/tTsDqbFCvQ7o7GRTjJw+SuLuxKtziN5qsYgOXiFG
Sjmn4bcIftPmBFxnlnHVhVCR1UoRhKVCIkS8bUxE91TpT1jQV+wShAQhbaPIf21O
x6oZMyzuc3Wr398XuyYjQDYpG4j4kQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK68
OcpJrG+8ZnnoL5hWcP1aQFl/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNDMwOUYxNEMxMDExMUVGQkZBMUVDNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO7gMA0GCSqGSIb3DQEBCwUA
A4IBAQAK1O+d27ICNgUwnema01bm+C8LxldsfvfNOiSdWpHuGHc4QO/orHS4+o2c
pg6oCDKznRXcieoYGYEf/F5m6XFQk0GmuDCXfO4+ZI31FjHHNEeU1/39feuX8KHV
qQ/KrUgFAN0fyiShbXrCczRZUEMIY62V59v6HpRvfXoD1zB1bGcg02HuvEQvqXnT
eiChh3TCJBGDSMnIbEJ/z3X7bzHKNhuaYdmYY+fY0I0cBz1xPdmjfJ3GOHS9UkpO
A5jCr/uDLHkNDPPG5kJnAV18gy3VteBo3+UbBpLMsGSzBdNX0kVXc9Htr4pAFwzW
8uTPNF+puzkMIHOwsrDGztm3+7fj
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:21 2025 by rpki-client