Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05A1DB12CF6411EF8D25406C762E951A.roa
File: 05A1DB12CF6411EF8D25406C762E951A.roa (raw, json)
Hash identifier: ynRQrKrIM3waqTWstDpYp3+GTCUXuj6hJ3M4M+kzEjc=
Subject key identifier: BD:20:11:57:4B:B0:02:49:76:40:93:17:1B:69:8E:3D:7B:F6:6C:BA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010573
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05A1DB12CF6411EF8D25406C762E951A.roa
Signing time: Fri 10 Jan 2025 15:03:17 +0000
ROA not before: Fri 10 Jan 2025 15:03:13 +0000
ROA not after: Wed 22 Jan 2025 15:03:13 +0000
asID: 7018
IP address blocks: 156.248.104.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66931 (0x10573)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 15:03:13 2025 GMT
Not After : Jan 22 15:03:13 2025 GMT
Subject: CN=678136b5-0d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:9b:f7:d8:8a:63:d4:70:74:94:0c:03:79:
c7:59:75:96:3c:11:8a:f6:d0:0c:d1:92:3b:d9:6d:
f1:c3:80:09:99:82:53:7b:e0:1d:2a:cd:3c:dd:67:
e3:57:5a:6b:85:ef:4f:0f:8f:84:9a:45:14:0c:e8:
eb:bc:ce:49:47:16:71:c7:e8:13:b5:0c:e9:68:4e:
cc:a9:7c:92:20:25:23:c8:57:31:e5:1c:6b:81:88:
c8:a9:7a:9c:12:49:ee:b0:4f:22:fb:48:4e:66:64:
59:1a:f1:6d:0f:d0:a8:af:75:25:a6:b5:ab:76:e7:
eb:a3:0f:d8:f9:9b:d7:ac:b7:6d:75:d5:82:5f:6c:
3b:64:9c:60:37:7e:fb:9b:a8:2d:dc:b5:44:f9:b8:
33:7e:2b:7f:d7:68:78:f0:e8:9e:cf:b8:79:b2:22:
a0:ec:66:9b:b0:6d:ec:7c:71:04:a3:5b:2a:19:46:
4b:bd:14:5d:1a:2c:ef:05:5b:46:06:23:85:73:bf:
fc:8a:1c:89:38:c8:9a:c1:c3:88:fe:a2:87:84:91:
84:49:36:b9:98:99:8a:70:7c:b1:4e:78:78:86:75:
77:84:e2:9c:0b:d8:58:05:8b:f7:81:a6:ba:0b:48:
de:e4:48:75:9f:57:d0:78:11:7a:c6:0a:3a:bb:30:
40:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:20:11:57:4B:B0:02:49:76:40:93:17:1B:69:8E:3D:7B:F6:6C:BA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05A1DB12CF6411EF8D25406C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.104.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:70:9d:8e:8f:c0:f7:0a:38:66:2b:bc:be:59:d2:99:21:3a:
32:9f:13:53:76:cc:d5:7c:5c:d2:ad:56:ff:dc:db:d8:0e:ee:
73:e2:a7:56:fb:1f:b9:9b:8c:1e:1e:48:65:a2:28:53:f0:90:
fa:d8:9f:3b:f3:10:02:30:83:02:12:58:f3:f3:79:2d:70:f4:
0c:0f:86:ee:4c:af:68:78:f1:b2:6c:d7:fc:77:86:36:df:0e:
ef:b5:37:62:ba:dc:ec:fa:2c:4e:7f:9a:ba:69:cf:b1:28:dc:
c1:8f:85:6d:6e:9c:29:cf:53:af:19:5a:19:2f:86:54:d2:3b:
f1:51:6c:0e:04:3c:dc:91:07:26:b9:3e:fe:97:e1:06:83:3b:
97:57:ed:51:ed:22:12:44:24:f5:8e:94:77:c3:d6:13:07:63:
c6:cc:11:1d:44:55:fd:8e:3e:c0:96:f2:43:27:3e:62:ce:2d:
76:ba:89:27:c6:33:0f:e3:36:c7:92:87:ae:48:6e:3a:3d:17:
f0:7b:03:a0:28:06:9a:75:2d:eb:69:84:0f:c0:44:b0:2b:ce:
a7:6b:06:28:54:37:f5:58:af:51:14:db:01:f5:87:09:fa:90:
ec:7f:bd:35:f9:69:e6:bb:1e:ab:3b:8d:61:a8:db:55:1d:53:
67:2b:5a:28
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTUwMzEzWhcNMjUwMTIyMTUwMzEzWjAYMRYw
FAYDVQQDEw02NzgxMzZiNS0wZDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoKCb99iKY9RwdJQMA3nHWXWWPBGK9tAM0ZI72W3xw4AJmYJTe+AdKs08
3WfjV1prhe9PD4+EmkUUDOjrvM5JRxZxx+gTtQzpaE7MqXySICUjyFcx5RxrgYjI
qXqcEknusE8i+0hOZmRZGvFtD9Cor3UlprWrdufrow/Y+ZvXrLdtddWCX2w7ZJxg
N377m6gt3LVE+bgzfit/12h48Oiez7h5siKg7GabsG3sfHEEo1sqGUZLvRRdGizv
BVtGBiOFc7/8ihyJOMiawcOI/qKHhJGESTa5mJmKcHyxTnh4hnV3hOKcC9hYBYv3
gaa6C0je5Eh1n1fQeBF6xgo6uzBATQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL0g
EVdLsAJJdkCTFxtpjj179my6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNUExREIxMkNGNjQxMUVGOEQyNTQwNkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPhoMA0GCSqGSIb3DQEBCwUA
A4IBAQAMcJ2Oj8D3CjhmK7y+WdKZIToynxNTdszVfFzSrVb/3NvYDu5z4qdW+x+5
m4weHkhloihT8JD62J878xACMIMCEljz83ktcPQMD4buTK9oePGybNf8d4Y23w7v
tTdiutzs+ixOf5q6ac+xKNzBj4Vtbpwpz1OvGVoZL4ZU0jvxUWwOBDzckQcmuT7+
l+EGgzuXV+1R7SISRCT1jpR3w9YTB2PGzBEdRFX9jj7AlvJDJz5izi12uoknxjMP
4zbHkoeuSG46PRfwewOgKAaadS3raYQPwESwK86nawYoVDf1WK9RFNsB9YcJ+pDs
f701+Wnmux6rO41hqNtVHVNnK1oo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:44 2025 by rpki-client