Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C84D2C084F311EE97DAD3444AD9E6FC.roa
File: 0C84D2C084F311EE97DAD3444AD9E6FC.roa (raw, json)
Hash identifier: 24V39qiWkBcEpbxdeIF5iO/YT1CCFoskCulo1mhd8T4=
Subject key identifier: BA:D6:45:2A:8E:6E:AA:BB:CB:A6:2C:1A:31:11:63:F3:A1:E7:6F:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 494B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C84D2C084F311EE97DAD3444AD9E6FC.roa
Signing time: Fri 17 Nov 2023 02:43:12 +0000
ROA not before: Fri 17 Nov 2023 02:43:09 +0000
ROA not after: Tue 12 Nov 2024 02:43:09 +0000
asID: 64267
IP address blocks: 156.239.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18763 (0x494b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 02:43:09 2023 GMT
Not After : Nov 12 02:43:09 2024 GMT
Subject: CN=6556d340-9a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:11:9f:8e:52:e6:d1:c0:6a:75:ce:d8:7f:6f:
44:1a:40:01:25:4d:7a:17:38:3d:3a:a3:5a:c8:f5:
07:21:37:41:79:95:20:ce:0b:d6:01:dd:50:47:7a:
9e:f7:aa:87:ca:4a:29:d8:0d:7b:09:b6:6b:11:bd:
93:0e:05:ab:83:c5:1e:23:8e:3d:44:8e:a3:01:89:
b5:91:72:78:34:64:ee:08:01:89:d1:94:cf:9e:be:
82:30:7a:d1:18:c7:74:97:7e:15:bf:92:86:0e:40:
00:c3:28:8d:f2:a4:87:f4:71:9a:82:d1:b1:31:92:
f7:be:1a:ad:ba:b4:1c:e8:8b:ff:00:51:87:1a:19:
ca:71:3d:29:30:ad:81:af:fe:bb:36:4f:5b:bf:62:
32:5f:58:65:53:a3:2d:9f:06:a9:69:73:a8:79:54:
c3:53:96:20:09:a0:10:a6:c5:1a:71:4f:40:86:d5:
de:57:76:a0:d4:db:5a:dc:bb:f8:0c:d1:b5:f0:82:
7f:0f:47:48:b8:23:f5:52:6f:7c:f4:3f:80:e3:32:
fa:7a:a7:9b:b3:e0:c6:64:16:4c:2b:79:ff:cd:a0:
64:f8:fa:a1:77:22:44:86:7c:8d:10:fa:ce:62:dc:
7b:6e:74:ac:00:f9:86:69:c3:e7:d8:4c:45:e4:7d:
3b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D6:45:2A:8E:6E:AA:BB:CB:A6:2C:1A:31:11:63:F3:A1:E7:6F:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0C84D2C084F311EE97DAD3444AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.60.0/24
Signature Algorithm: sha256WithRSAEncryption
43:4a:6f:c9:c0:e5:45:f1:da:95:c7:96:81:d5:4b:fb:7c:76:
82:21:5d:ac:83:3e:ae:b5:ef:1a:5d:71:f8:d9:44:06:c1:c2:
a1:72:45:c8:35:b4:bc:70:23:41:44:ba:7c:8d:95:4c:90:c2:
b9:ee:22:e0:32:fb:f1:b9:2d:57:39:e1:2e:04:6d:10:18:7e:
5f:ec:a8:b8:c3:c3:00:81:e9:fe:90:43:24:87:66:77:cb:82:
f7:f4:a0:0f:6b:d8:d5:2a:91:6d:c0:a3:84:4e:77:90:c4:af:
38:27:38:73:90:7a:40:b3:83:9f:84:07:ee:53:55:c8:7d:60:
98:39:74:c0:13:1a:d3:95:91:e3:94:af:0e:e7:a7:64:1f:08:
75:b3:57:fc:5d:e2:57:03:f0:af:e6:a4:08:94:05:99:26:4c:
be:56:49:4e:a0:ee:f5:97:c0:e9:fe:db:c0:32:83:78:9a:c7:
c1:1f:93:7d:91:1f:fc:aa:db:b7:2f:90:a4:64:c3:d3:16:e4:
81:d5:b6:22:ae:a2:cb:99:4d:50:9b:03:d9:94:2e:5d:0d:07:
3c:8b:dd:48:83:cd:5b:27:3c:26:ca:ac:cc:be:5e:ad:36:10:
54:3e:e0:9f:90:68:60:c2:9c:41:8e:22:5f:5c:96:8e:f0:d7:
3e:a2:09:aa
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICSUswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzExMTcwMjQzMDlaFw0yNDExMTIwMjQzMDlaMBgxFjAU
BgNVBAMTDTY1NTZkMzQwLTlhNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDNEZ+OUubRwGp1zth/b0QaQAElTXoXOD06o1rI9QchN0F5lSDOC9YB3VBH
ep73qofKSinYDXsJtmsRvZMOBauDxR4jjj1EjqMBibWRcng0ZO4IAYnRlM+evoIw
etEYx3SXfhW/koYOQADDKI3ypIf0cZqC0bExkve+Gq26tBzoi/8AUYcaGcpxPSkw
rYGv/rs2T1u/YjJfWGVToy2fBqlpc6h5VMNTliAJoBCmxRpxT0CG1d5XdqDU21rc
u/gM0bXwgn8PR0i4I/VSb3z0P4DjMvp6p5uz4MZkFkwref/NoGT4+qF3IkSGfI0Q
+s5i3HtudKwA+YZpw+fYTEXkfTv/AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUutZF
Ko5uqrvLpiwaMRFj86HnbzcwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzBDODREMkMwODRGMzExRUU5N0RBRDM0NDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc7zwwDQYJKoZIhvcNAQELBQAD
ggEBAENKb8nA5UXx2pXHloHVS/t8doIhXayDPq617xpdcfjZRAbBwqFyRcg1tLxw
I0FEunyNlUyQwrnuIuAy+/G5LVc54S4EbRAYfl/sqLjDwwCB6f6QQySHZnfLgvf0
oA9r2NUqkW3Ao4ROd5DErzgnOHOQekCzg5+EB+5TVch9YJg5dMATGtOVkeOUrw7n
p2QfCHWzV/xd4lcD8K/mpAiUBZkmTL5WSU6g7vWXwOn+28Ayg3iax8Efk32RH/yq
27cvkKRkw9MW5IHVtiKuosuZTVCbA9mULl0NBzyL3UiDzVsnPCbKrMy+Xq02EFQ+
4J+QaGDCnEGOIl9clo7w1z6iCao=
-----END CERTIFICATE-----
Generated at Sun May 11 15:51:39 2025 by rpki-client