Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C2B5E32CE5A11EF85A66255762E951A.roa
File: 0C2B5E32CE5A11EF85A66255762E951A.roa (raw, json)
Hash identifier: FnPerEYg/8SNEzOrFZY4nVkbovP9Dpl/BEoR1Mk5CTg=
Subject key identifier: 1E:78:2E:FC:9A:95:CB:2F:EF:F0:F8:41:8E:7F:64:74:A3:50:68:CD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102F8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C2B5E32CE5A11EF85A66255762E951A.roa
Signing time: Thu 09 Jan 2025 07:19:22 +0000
ROA not before: Thu 09 Jan 2025 07:19:18 +0000
ROA not after: Mon 20 Jan 2025 07:19:18 +0000
asID: 134365
IP address blocks: 156.226.176.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66296 (0x102f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 07:19:18 2025 GMT
Not After : Jan 20 07:19:18 2025 GMT
Subject: CN=677f787a-c69b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:03:7e:3b:96:d1:f0:92:ea:76:bb:c9:60:ef:
ff:a6:d9:67:21:aa:12:38:cb:98:74:2e:b5:c1:08:
8b:75:e6:d7:2b:ce:e3:bf:12:d8:04:c2:f5:4e:ca:
1a:73:55:4a:6e:66:6f:02:01:86:37:6c:79:19:ad:
2c:fa:f6:8a:f8:58:7c:94:9b:2c:bf:99:df:50:c7:
25:c4:df:bf:85:bf:6e:56:96:4a:3a:6a:90:34:fd:
b4:26:4f:4c:71:1e:be:1f:f9:fd:ba:f4:c8:9d:92:
7a:c3:00:0b:25:d9:94:4a:3a:6e:ef:f4:68:f6:85:
b7:32:ab:80:34:a0:0e:3c:e3:e3:bc:1d:4c:fa:e2:
b1:e8:f5:d8:c0:93:ad:99:2e:ca:9d:32:3c:23:f4:
8a:65:14:f2:f6:c9:2a:1d:c5:68:ce:e2:b9:ac:05:
b0:32:08:4c:04:78:02:fb:cf:b2:5b:bd:6f:cd:04:
57:b6:56:e6:07:86:be:a3:6b:b5:c2:46:d5:f6:dc:
6b:f5:0a:16:17:f8:d1:1a:7a:f4:4b:89:ef:ef:4e:
85:4d:0f:b2:01:aa:e7:c8:c6:19:7d:79:2c:b5:37:
85:eb:f7:98:ab:bd:ed:a4:9f:6c:63:35:44:04:d5:
ee:15:d4:fd:dc:78:e2:ae:b6:63:91:70:cb:56:d1:
a8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:78:2E:FC:9A:95:CB:2F:EF:F0:F8:41:8E:7F:64:74:A3:50:68:CD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C2B5E32CE5A11EF85A66255762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.176.0/21
Signature Algorithm: sha256WithRSAEncryption
a0:6d:71:ef:de:40:53:08:0c:2a:ca:a0:e4:a3:d2:a7:74:62:
ef:3f:76:43:c8:95:39:fe:91:93:28:4b:88:29:51:29:0d:9a:
2b:1a:37:89:57:0e:ea:da:b9:8c:68:bf:67:5a:23:f4:72:1a:
3e:00:65:fa:53:f5:37:0a:71:b6:01:13:36:1d:9f:b9:5d:09:
21:4e:12:f1:12:49:3c:81:4b:60:19:ad:33:06:d2:32:33:23:
3a:56:38:aa:00:ee:31:d9:eb:2a:d0:73:0d:1e:f0:8d:24:6a:
1e:d0:98:10:43:a6:f1:00:55:ec:50:ea:a3:b5:85:cf:b0:86:
1c:b3:13:af:1d:14:8e:29:1a:cd:85:6f:79:77:c5:d9:3a:93:
72:c4:df:d3:49:f7:40:e8:65:21:9d:aa:37:b8:b0:d3:d1:c6:
18:bf:42:f5:f2:56:98:70:81:48:c8:19:bc:31:58:34:f7:20:
85:78:25:10:bc:35:d0:a8:a5:83:ac:a2:ca:c4:df:a5:73:e3:
65:b5:c4:f3:80:0d:a2:3f:7a:7e:b5:e0:5e:96:ec:e5:47:bf:
ef:f3:5c:b1:44:32:2a:89:8f:a3:20:96:ae:9d:85:09:6d:c3:
7d:fb:97:d3:56:20:27:80:6c:80:97:c1:57:88:5e:02:fa:92:
12:e5:e2:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQL4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDcxOTE4WhcNMjUwMTIwMDcxOTE4WjAYMRYw
FAYDVQQDEw02NzdmNzg3YS1jNjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9QN+O5bR8JLqdrvJYO//ptlnIaoSOMuYdC61wQiLdebXK87jvxLYBML1
Tsoac1VKbmZvAgGGN2x5Ga0s+vaK+Fh8lJssv5nfUMclxN+/hb9uVpZKOmqQNP20
Jk9McR6+H/n9uvTInZJ6wwALJdmUSjpu7/Ro9oW3MquANKAOPOPjvB1M+uKx6PXY
wJOtmS7KnTI8I/SKZRTy9skqHcVozuK5rAWwMghMBHgC+8+yW71vzQRXtlbmB4a+
o2u1wkbV9txr9QoWF/jRGnr0S4nv706FTQ+yAarnyMYZfXkstTeF6/eYq73tpJ9s
YzVEBNXuFdT93HjirrZjkXDLVtGopQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB54
Lvyalcsv7/D4QY5/ZHSjUGjNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQzJCNUUzMkNFNUExMUVGODVBNjYyNTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOKwMA0GCSqGSIb3DQEBCwUA
A4IBAQCgbXHv3kBTCAwqyqDko9KndGLvP3ZDyJU5/pGTKEuIKVEpDZorGjeJVw7q
2rmMaL9nWiP0cho+AGX6U/U3CnG2ARM2HZ+5XQkhThLxEkk8gUtgGa0zBtIyMyM6
VjiqAO4x2esq0HMNHvCNJGoe0JgQQ6bxAFXsUOqjtYXPsIYcsxOvHRSOKRrNhW95
d8XZOpNyxN/TSfdA6GUhnao3uLDT0cYYv0L18laYcIFIyBm8MVg09yCFeCUQvDXQ
qKWDrKLKxN+lc+NltcTzgA2iP3p+teBeluzlR7/v81yxRDIqiY+jIJaunYUJbcN9
+5fTViAngGyAl8FXiF4C+pIS5eJ9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:12 2025 by rpki-client