Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05D7D5E4CACF11EFB9C7B1B7762E951A.roa
File: 05D7D5E4CACF11EFB9C7B1B7762E951A.roa (raw, json)
Hash identifier: 7g1w72I0kKcSrOaStxVHtRpbUXI8QP/wQzOe07lVnow=
Subject key identifier: 38:E9:EB:87:F1:D8:F6:2F:E4:FC:12:4E:46:96:19:A1:57:B4:C0:99
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F770
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05D7D5E4CACF11EFB9C7B1B7762E951A.roa
Signing time: Sat 04 Jan 2025 19:06:38 +0000
ROA not before: Sun 05 Jan 2025 19:06:34 +0000
ROA not after: Sat 18 Jan 2025 19:06:34 +0000
asID: 135097
IP address blocks: 156.250.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63344 (0xf770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 19:06:34 2025 GMT
Not After : Jan 18 19:06:34 2025 GMT
Subject: CN=677986be-47ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0b:97:2c:b0:f7:be:57:78:9b:65:55:cf:b9:
ad:9e:55:d0:07:46:cb:c0:39:5b:00:a7:32:2f:30:
df:43:12:c5:6e:ef:59:39:fd:d4:11:0f:30:05:ec:
93:a3:30:9e:49:1b:34:f1:e3:2a:fd:aa:a1:d4:11:
50:12:ff:c4:d3:8d:fa:4e:5d:03:72:c5:6d:f3:91:
29:98:1e:0b:aa:85:03:d8:8e:38:88:0b:58:08:63:
ee:d0:33:c3:b1:f9:a3:47:ce:7d:95:97:cd:fc:fb:
a7:72:91:6c:a9:53:28:a8:55:4d:f3:3f:e8:0b:11:
78:76:31:af:3a:a2:34:7d:8b:a9:7d:67:dd:54:d7:
8f:ea:e2:04:87:2c:14:b6:78:c4:dc:0f:30:3d:f6:
93:60:d6:63:f1:87:de:32:12:b9:67:be:57:c2:a6:
91:29:ca:66:7d:39:f1:1f:57:ed:4b:38:9f:58:48:
5c:90:9a:07:f2:d2:1d:65:af:9e:21:d1:8d:5c:90:
39:b4:8b:b3:60:4b:17:af:2d:c6:3f:99:05:dd:6a:
c9:16:85:04:10:49:24:9f:8c:6e:8b:53:eb:24:51:
c2:ae:f1:c4:ba:c5:c4:4c:48:cb:8e:73:d3:7d:29:
c0:d6:31:b7:38:15:35:77:36:9a:a0:89:fd:26:55:
81:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E9:EB:87:F1:D8:F6:2F:E4:FC:12:4E:46:96:19:A1:57:B4:C0:99
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05D7D5E4CACF11EFB9C7B1B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.16.0/20
Signature Algorithm: sha256WithRSAEncryption
00:60:0e:b3:7c:4b:b3:7d:26:83:88:ab:e8:88:bf:3d:c8:eb:
37:ba:3e:65:52:2c:92:58:0f:7a:db:ec:0c:54:bc:7c:1b:13:
39:da:a1:10:cd:0b:39:ea:01:d9:d9:4b:05:c3:59:2e:0f:2e:
9c:67:de:a1:b5:91:e5:cd:af:21:6c:6c:16:ee:79:a5:bc:c6:
1e:97:00:fe:8f:48:e4:13:da:c5:f6:67:b8:c9:90:95:c0:65:
31:e1:b2:b8:2e:06:c0:2c:3e:54:7a:10:95:22:c7:e7:3c:7a:
2b:b4:31:a3:a3:2f:8f:5f:35:de:60:49:fc:31:18:18:5a:98:
42:05:a7:86:64:f3:02:8d:ea:64:08:a5:f5:95:d2:dc:fe:dd:
75:ad:c8:c0:66:10:44:12:a6:b3:d9:80:18:c5:94:3a:c5:40:
cf:78:c3:79:53:89:54:a5:5f:5f:82:d1:8a:8f:37:7e:5d:ed:
9c:6a:49:4a:a1:c0:db:1e:fc:c8:a3:68:4d:d2:a9:43:36:59:
ec:65:fd:fe:ce:42:79:8b:b0:dc:45:f3:3c:2b:f4:ff:20:5d:
8d:4c:c6:00:bc:6c:11:09:f2:13:53:8b:ab:7c:a2:63:0d:a2:
6e:ac:80:9d:71:1f:6d:55:0d:70:28:d7:88:f5:1e:2f:e1:48:
08:83:fa:a8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPdwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTkwNjM0WhcNMjUwMTE4MTkwNjM0WjAYMRYw
FAYDVQQDEw02Nzc5ODZiZS00N2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3guXLLD3vld4m2VVz7mtnlXQB0bLwDlbAKcyLzDfQxLFbu9ZOf3UEQ8w
BeyTozCeSRs08eMq/aqh1BFQEv/E0436Tl0DcsVt85EpmB4LqoUD2I44iAtYCGPu
0DPDsfmjR859lZfN/PuncpFsqVMoqFVN8z/oCxF4djGvOqI0fYupfWfdVNeP6uIE
hywUtnjE3A8wPfaTYNZj8YfeMhK5Z75XwqaRKcpmfTnxH1ftSzifWEhckJoH8tId
Za+eIdGNXJA5tIuzYEsXry3GP5kF3WrJFoUEEEkkn4xui1PrJFHCrvHEusXETEjL
jnPTfSnA1jG3OBU1dzaaoIn9JlWBrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDjp
64fx2PYv5PwSTkaWGaFXtMCZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNUQ3RDVFNENBQ0YxMUVGQjlDN0IxQjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPoQMA0GCSqGSIb3DQEBCwUA
A4IBAQAAYA6zfEuzfSaDiKvoiL89yOs3uj5lUiySWA962+wMVLx8GxM52qEQzQs5
6gHZ2UsFw1kuDy6cZ96htZHlza8hbGwW7nmlvMYelwD+j0jkE9rF9me4yZCVwGUx
4bK4LgbALD5UehCVIsfnPHortDGjoy+PXzXeYEn8MRgYWphCBaeGZPMCjepkCKX1
ldLc/t11rcjAZhBEEqaz2YAYxZQ6xUDPeMN5U4lUpV9fgtGKjzd+Xe2caklKocDb
HvzIo2hN0qlDNlnsZf3+zkJ5i7DcRfM8K/T/IF2NTMYAvGwRCfITU4urfKJjDaJu
rICdcR9tVQ1wKNeI9R4v4UgIg/qo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:10 2025 by rpki-client