Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0AF76FB8C9B111EF91805EAE762E951A.roa
File: 0AF76FB8C9B111EF91805EAE762E951A.roa (raw, json)
Hash identifier: lH8g2NfECq5N6IS62hbbHadLJpwyNUiOrjQubTSilbY=
Subject key identifier: 63:E9:05:70:BE:BE:56:0E:06:0D:03:DD:B6:A2:0A:E9:43:30:B0:DB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6B5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0AF76FB8C9B111EF91805EAE762E951A.roa
Signing time: Fri 03 Jan 2025 08:59:30 +0000
ROA not before: Fri 03 Jan 2025 08:59:27 +0000
ROA not after: Sat 18 Jan 2025 08:59:27 +0000
asID: 141883
IP address blocks: 156.249.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63157 (0xf6b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 08:59:27 2025 GMT
Not After : Jan 18 08:59:27 2025 GMT
Subject: CN=6777a6f2-171f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ff:88:5d:61:42:7f:50:9c:82:24:b9:5b:dd:
7a:36:39:4e:d3:be:f3:66:78:9b:68:fd:37:22:21:
75:8a:0d:45:ba:f2:03:f4:94:bc:50:59:e0:5a:6a:
c3:5e:36:b6:92:8e:bc:2e:34:b1:28:29:4a:cb:27:
49:8a:38:93:e5:12:f2:e0:f7:83:95:75:b5:d0:da:
5f:0b:c1:73:97:11:67:f6:3d:df:b8:37:e7:8f:df:
26:f9:cb:08:91:19:ec:cc:68:cc:75:27:97:58:c1:
b0:4e:4c:ff:4e:30:b0:aa:78:c8:9a:3f:63:f7:16:
98:ee:f5:59:0d:b2:1c:55:d6:dc:5c:30:d3:fa:03:
1f:79:39:f1:1c:94:42:f3:00:64:6d:f2:3b:87:08:
ab:bb:7d:3d:bc:ab:3a:13:eb:61:29:98:d3:77:da:
41:5a:51:b1:d2:de:3a:d3:7d:39:b5:22:dd:e0:03:
e2:58:5f:a2:2c:da:9a:d1:8c:90:21:0d:1a:c3:de:
f5:02:37:e4:f4:6f:33:06:98:1e:42:6e:55:20:19:
45:61:e1:f2:a7:86:a0:90:e3:83:d2:7a:54:0a:23:
6d:9d:09:ea:5f:db:51:10:6a:8e:49:3b:32:70:0f:
8d:13:f4:34:db:51:76:39:eb:86:6a:96:b8:90:32:
0b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E9:05:70:BE:BE:56:0E:06:0D:03:DD:B6:A2:0A:E9:43:30:B0:DB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0AF76FB8C9B111EF91805EAE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.28.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:ca:97:c1:bf:97:6c:01:93:88:9d:cb:97:80:51:ba:5c:d4:
b6:24:ac:4b:53:98:a1:20:5f:c3:68:65:6b:fc:94:bd:3c:e0:
f6:be:39:bd:ad:89:6f:99:7b:f6:28:64:5a:c2:03:d5:ca:80:
8a:6d:0f:01:93:c9:6f:e6:dd:f2:86:0b:33:bb:e8:87:91:ff:
48:38:5d:8a:95:47:9a:70:3e:b3:19:be:07:21:93:d8:a5:a9:
99:e3:a0:1d:74:64:75:c1:24:31:8f:fa:db:84:ad:6c:e4:42:
bb:29:b1:c8:58:75:d5:c4:7e:5b:d6:c3:79:b2:6b:46:b8:a4:
7c:72:7a:53:0c:9c:01:72:59:0b:75:1e:5d:3b:f9:f8:3e:b9:
60:b7:95:61:e3:65:88:b6:2d:3b:34:7e:1a:b3:98:05:5f:26:
66:13:4b:05:f5:f0:aa:36:87:b0:67:11:21:7d:39:6b:a4:97:
b9:f5:56:dc:a7:c6:19:30:0c:8f:6e:0a:f7:14:11:ac:15:98:
57:b1:fe:00:66:05:5c:0b:f9:9a:ab:8c:67:be:8c:8b:85:e8:
b8:0b:2c:83:2b:a6:85:10:5d:b2:8d:73:6c:c5:ee:04:46:7d:
3a:cc:84:b7:8a:c9:43:57:91:7e:6d:08:18:1b:48:a2:60:f7:
28:c6:6f:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPa1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDg1OTI3WhcNMjUwMTE4MDg1OTI3WjAYMRYw
FAYDVQQDEw02Nzc3YTZmMi0xNzFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1v+IXWFCf1CcgiS5W916NjlO077zZnibaP03IiF1ig1FuvID9JS8UFng
WmrDXja2ko68LjSxKClKyydJijiT5RLy4PeDlXW10NpfC8FzlxFn9j3fuDfnj98m
+csIkRnszGjMdSeXWMGwTkz/TjCwqnjImj9j9xaY7vVZDbIcVdbcXDDT+gMfeTnx
HJRC8wBkbfI7hwiru309vKs6E+thKZjTd9pBWlGx0t460305tSLd4APiWF+iLNqa
0YyQIQ0aw971Ajfk9G8zBpgeQm5VIBlFYeHyp4agkOOD0npUCiNtnQnqX9tREGqO
STsycA+NE/Q021F2OeuGapa4kDILxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGPp
BXC+vlYOBg0D3baiCulDMLDbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQUY3NkZCOEM5QjExMUVGOTE4MDVFQUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPkcMA0GCSqGSIb3DQEBCwUA
A4IBAQA9ypfBv5dsAZOIncuXgFG6XNS2JKxLU5ihIF/DaGVr/JS9POD2vjm9rYlv
mXv2KGRawgPVyoCKbQ8Bk8lv5t3yhgszu+iHkf9IOF2KlUeacD6zGb4HIZPYpamZ
46AddGR1wSQxj/rbhK1s5EK7KbHIWHXVxH5b1sN5smtGuKR8cnpTDJwBclkLdR5d
O/n4Prlgt5Vh42WIti07NH4as5gFXyZmE0sF9fCqNoewZxEhfTlrpJe59Vbcp8YZ
MAyPbgr3FBGsFZhXsf4AZgVcC/maq4xnvoyLhei4CyyDK6aFEF2yjXNsxe4ERn06
zIS3islDV5F+bQgYG0iiYPcoxm+X
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:58 2025 by rpki-client