Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A7039E4C29A11EFA66E4196762E951A.roa
File: 0A7039E4C29A11EFA66E4196762E951A.roa (raw, json)
Hash identifier: MQ1l5KktTFLrzSMmZXXyOx9om8vxh9nl/XCcChLgB2M=
Subject key identifier: 84:01:95:63:34:55:7C:7C:0B:6F:7E:43:EB:4A:F4:54:99:5F:D7:B3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E9E1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A7039E4C29A11EFA66E4196762E951A.roa
Signing time: Wed 25 Dec 2024 08:27:13 +0000
ROA not before: Wed 25 Dec 2024 08:27:09 +0000
ROA not after: Mon 03 Feb 2025 08:27:09 +0000
asID: 21859
IP address blocks: 156.226.164.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59873 (0xe9e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 08:27:09 2024 GMT
Not After : Feb 3 08:27:09 2025 GMT
Subject: CN=676bc1e1-e360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:cc:3a:6e:2b:ee:b3:5b:c8:5a:23:83:dd:
03:8e:8c:2f:4e:73:d8:28:df:bc:99:41:7c:6d:18:
9b:f2:7e:9e:88:f6:f1:55:17:45:1e:a0:84:98:f2:
42:16:6d:d7:8e:9d:5c:fe:7d:28:d2:71:57:17:5a:
c0:37:e8:76:37:5c:29:fa:59:c6:4e:47:c7:a3:78:
72:0d:2f:1c:43:4d:0e:5a:8c:66:b7:e6:3f:70:30:
30:28:ae:97:2a:cd:87:e6:42:1a:21:54:cd:8c:fc:
7e:2f:fd:40:2a:fb:fa:ec:ac:46:99:ee:56:17:78:
1c:84:6d:26:42:27:ea:ed:da:1f:aa:cd:2a:12:cf:
06:82:28:8b:a7:82:eb:c9:e2:89:b5:24:f8:7a:c8:
ce:0e:c4:a5:0a:c5:a8:94:52:94:26:c6:9e:f0:6f:
69:e3:03:a9:29:1d:4f:ef:c5:1d:26:df:7c:55:fd:
db:78:11:02:bd:46:13:a7:c2:09:f4:4a:30:3e:83:
18:88:1d:9f:7d:02:16:94:77:15:02:84:3d:d1:88:
73:a6:20:fc:30:34:fe:a7:85:f7:f6:36:e3:c7:ea:
a7:3a:3d:c7:06:7a:da:9b:5b:ca:72:62:52:0d:a7:
d6:b1:76:6c:5a:25:ea:96:73:ad:37:6a:2c:75:98:
98:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:01:95:63:34:55:7C:7C:0B:6F:7E:43:EB:4A:F4:54:99:5F:D7:B3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A7039E4C29A11EFA66E4196762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.164.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:55:00:4f:3f:f6:69:91:38:79:88:47:1e:a2:92:9a:c2:68:
25:d7:95:30:dd:8f:c6:13:d3:fd:c2:0c:13:9b:de:04:3e:4e:
39:0b:ed:ea:15:7d:bf:3a:30:03:6b:5b:de:f1:e1:28:7e:88:
f5:51:87:bf:62:e2:0e:60:e5:b9:65:fa:82:1e:61:f0:ff:0d:
9f:8c:c9:96:73:61:79:a4:1b:e2:e7:5c:14:80:44:72:b2:39:
0b:ca:08:60:3c:9b:92:0a:7d:07:5a:1a:4a:a0:db:05:29:8c:
a3:a3:c5:ce:80:42:39:af:94:e0:1e:f1:fe:c1:55:c5:f7:d3:
23:f6:ac:b7:ad:62:a5:4b:c8:d0:63:d3:06:b6:e0:fc:5e:fb:
f8:07:fb:d4:10:67:62:92:2e:50:6b:23:af:29:66:d9:24:8f:
f5:d4:88:c5:1a:81:68:c1:a9:ec:c7:8e:78:01:87:9d:9c:90:
ed:fe:60:a4:57:ff:f1:5e:41:36:eb:f8:fb:b2:19:c0:7f:a1:
ec:1d:7c:12:21:93:15:43:3e:ce:09:ab:a7:09:8f:bc:ec:e8:
36:03:0e:d2:3b:65:49:29:1f:58:5f:42:d9:57:e0:c1:fa:2e:
53:73:63:09:a8:1e:26:eb:5d:82:26:8b:ac:4e:eb:0a:4f:b1:
b2:ac:50:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOnhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDgyNzA5WhcNMjUwMjAzMDgyNzA5WjAYMRYw
FAYDVQQDEw02NzZiYzFlMS1lMzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8DMOm4r7rNbyFojg90DjowvTnPYKN+8mUF8bRib8n6eiPbxVRdFHqCE
mPJCFm3Xjp1c/n0o0nFXF1rAN+h2N1wp+lnGTkfHo3hyDS8cQ00OWoxmt+Y/cDAw
KK6XKs2H5kIaIVTNjPx+L/1AKvv67KxGme5WF3gchG0mQifq7dofqs0qEs8GgiiL
p4LryeKJtST4esjODsSlCsWolFKUJsae8G9p4wOpKR1P78UdJt98Vf3beBECvUYT
p8IJ9EowPoMYiB2ffQIWlHcVAoQ90YhzpiD8MDT+p4X39jbjx+qnOj3HBnram1vK
cmJSDafWsXZsWiXqlnOtN2osdZiYywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIQB
lWM0VXx8C29+Q+tK9FSZX9ezMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQTcwMzlFNEMyOUExMUVGQTY2RTQxOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOKkMA0GCSqGSIb3DQEBCwUA
A4IBAQBuVQBPP/ZpkTh5iEceopKawmgl15Uw3Y/GE9P9wgwTm94EPk45C+3qFX2/
OjADa1ve8eEofoj1UYe/YuIOYOW5ZfqCHmHw/w2fjMmWc2F5pBvi51wUgERysjkL
yghgPJuSCn0HWhpKoNsFKYyjo8XOgEI5r5TgHvH+wVXF99Mj9qy3rWKlS8jQY9MG
tuD8Xvv4B/vUEGdiki5QayOvKWbZJI/11IjFGoFowansx454AYednJDt/mCkV//x
XkE26/j7shnAf6HsHXwSIZMVQz7OCaunCY+87Og2Aw7SO2VJKR9YX0LZV+DB+i5T
c2MJqB4m612CJousTusKT7GyrFAb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:34 2025 by rpki-client