Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/117C4510C29B11EFBA5F759C762E951A.roa
File: 117C4510C29B11EFBA5F759C762E951A.roa (raw, json)
Hash identifier: LOUD9SY45AyRXN2xm61mGoY0Y1H8wWjwrM6LlzyPlbs=
Subject key identifier: BF:64:9B:28:34:A2:6B:85:98:AE:68:9F:B3:29:BE:40:84:29:77:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E9E7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/117C4510C29B11EFBA5F759C762E951A.roa
Signing time: Wed 25 Dec 2024 08:34:34 +0000
ROA not before: Wed 25 Dec 2024 08:34:31 +0000
ROA not after: Mon 27 Jan 2025 08:34:31 +0000
asID: 5068
IP address blocks: 156.224.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59879 (0xe9e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 08:34:31 2024 GMT
Not After : Jan 27 08:34:31 2025 GMT
Subject: CN=676bc39a-9a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:85:0a:bd:dc:d2:d6:da:5e:8f:0e:3a:75:c7:
46:c4:63:26:10:d6:ed:a2:0e:fb:d0:86:f9:2e:64:
16:42:c5:07:23:ef:67:54:49:ec:2f:3d:5e:c7:1c:
32:4e:66:a3:fc:1c:70:f5:0d:f2:27:e1:a6:ef:fd:
d7:c5:b6:9b:64:bc:f7:90:c0:f8:c1:a2:94:30:34:
82:29:09:c8:18:3a:c9:1f:73:94:4b:70:57:1c:62:
71:68:66:07:ad:a3:de:d0:b7:42:59:c6:cf:d1:5e:
47:a9:1a:27:c2:8d:84:5a:3b:28:59:30:3c:b1:50:
04:a1:66:35:20:9a:73:23:81:d0:cb:6e:b9:d1:87:
f8:80:8c:92:dc:6a:db:0e:33:03:4b:be:f4:a2:08:
6e:3d:40:f3:66:3f:95:93:69:14:b7:6a:9f:0d:66:
74:53:c7:7f:f9:91:f3:8b:8a:b1:48:9c:c8:3e:49:
a4:7c:4e:77:08:3a:c9:98:ba:01:e8:a7:de:7a:1b:
18:25:a7:96:1a:b8:ce:06:b4:c1:a6:0a:1a:67:03:
b0:e6:78:c1:fa:5b:c1:59:bd:10:9b:17:c7:8b:5c:
b6:9e:a2:f4:fe:bf:23:b1:cc:93:ee:a5:10:4c:29:
9c:82:ee:fc:c2:26:fb:df:00:b7:7b:af:37:30:5c:
90:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:64:9B:28:34:A2:6B:85:98:AE:68:9F:B3:29:BE:40:84:29:77:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/117C4510C29B11EFBA5F759C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:01:d5:00:f8:b6:cc:fb:a5:43:8f:3d:dd:45:fe:ba:6c:d3:
e1:96:af:a6:97:70:b9:4b:a7:f8:2f:23:3c:35:8b:9d:9b:1f:
16:d7:bb:6d:ed:e2:10:ee:ee:25:1d:1d:c5:36:c2:57:23:81:
70:82:55:e7:96:89:a8:c7:63:e6:a2:e0:44:58:ab:39:0e:18:
3e:b4:22:50:f2:e2:6e:d3:7f:12:2d:6d:8b:7a:8d:3c:8f:ea:
06:b7:8b:9e:14:31:53:62:ba:49:56:33:f9:f6:e6:a8:48:b1:
fa:d3:32:63:fa:b3:21:6d:d8:f4:a5:4b:56:aa:bf:ba:b6:93:
91:84:01:c8:88:68:c1:24:b8:7d:a4:fa:96:4c:a0:13:f0:4b:
81:e2:eb:d9:5b:a9:00:0f:50:ef:48:b1:f2:98:34:82:f7:a3:
c0:98:73:6d:c3:89:ef:4e:71:10:23:0d:14:a5:ba:ef:21:8c:
c4:ce:d2:75:7e:0e:72:63:b3:07:f5:33:9b:dc:d3:a1:47:96:
e2:44:ca:c6:e0:93:66:6b:5d:80:e8:2f:7b:43:27:f2:b9:ed:
a9:bd:35:3b:c9:d2:14:99:47:9e:5f:a6:b1:a4:18:62:f5:5c:
56:19:f2:fc:12:cb:fa:72:e1:a8:78:fc:52:d5:60:3e:40:5d:
e4:87:b9:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOnnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDgzNDMxWhcNMjUwMTI3MDgzNDMxWjAYMRYw
FAYDVQQDEw02NzZiYzM5YS05YTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApIUKvdzS1tpejw46dcdGxGMmENbtog770Ib5LmQWQsUHI+9nVEnsLz1e
xxwyTmaj/Bxw9Q3yJ+Gm7/3XxbabZLz3kMD4waKUMDSCKQnIGDrJH3OUS3BXHGJx
aGYHraPe0LdCWcbP0V5HqRonwo2EWjsoWTA8sVAEoWY1IJpzI4HQy2650Yf4gIyS
3GrbDjMDS770oghuPUDzZj+Vk2kUt2qfDWZ0U8d/+ZHzi4qxSJzIPkmkfE53CDrJ
mLoB6KfeehsYJaeWGrjOBrTBpgoaZwOw5njB+lvBWb0QmxfHi1y2nqL0/r8jscyT
7qUQTCmcgu78wib73wC3e683MFyQswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL9k
myg0omuFmK5on7MpvkCEKXdKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMTdDNDUxMEMyOUIxMUVGQkE1Rjc1OUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOBUMA0GCSqGSIb3DQEBCwUA
A4IBAQCkAdUA+LbM+6VDjz3dRf66bNPhlq+ml3C5S6f4LyM8NYudmx8W17tt7eIQ
7u4lHR3FNsJXI4FwglXnlomox2PmouBEWKs5Dhg+tCJQ8uJu038SLW2Leo08j+oG
t4ueFDFTYrpJVjP59uaoSLH60zJj+rMhbdj0pUtWqr+6tpORhAHIiGjBJLh9pPqW
TKAT8EuB4uvZW6kAD1DvSLHymDSC96PAmHNtw4nvTnEQIw0UpbrvIYzEztJ1fg5y
Y7MH9TOb3NOhR5biRMrG4JNma12A6C97Qyfyue2pvTU7ydIUmUeeX6axpBhi9VxW
GfL8Esv6cuGoePxS1WA+QF3kh7lI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:58 2025 by rpki-client