Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12F8A5DEC05A11EFADF8BA45762E951A.roa
File: 12F8A5DEC05A11EFADF8BA45762E951A.roa (raw, json)
Hash identifier: +mE707LzIfxqYDSAhE6A+fq1GSec9Vgqtb3fmjdnLjI=
Subject key identifier: BA:3C:18:58:36:3F:71:1A:1C:35:81:70:26:D8:D0:A2:28:20:79:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E7E1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12F8A5DEC05A11EFADF8BA45762E951A.roa
Signing time: Sun 22 Dec 2024 11:44:17 +0000
ROA not before: Sun 22 Dec 2024 11:44:13 +0000
ROA not after: Wed 29 Jan 2025 11:44:13 +0000
asID: 61112
IP address blocks: 156.231.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59361 (0xe7e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 22 11:44:13 2024 GMT
Not After : Jan 29 11:44:13 2025 GMT
Subject: CN=6767fb91-a18a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8b:62:d4:91:3d:fd:ec:2e:54:57:18:29:00:
9b:9f:09:9e:48:14:eb:78:cf:22:3d:ac:79:33:2a:
cd:13:4a:c2:e1:40:a5:cb:80:59:c6:a2:9a:55:a5:
a2:04:8e:82:cd:09:b2:f6:6d:10:60:6d:8d:ad:26:
ff:b2:07:ec:b6:5d:cc:a5:64:e2:d3:06:a9:df:68:
11:3b:28:77:d7:ef:7b:90:cf:14:49:84:62:9f:5d:
14:2d:72:42:fa:92:71:d7:0a:18:3d:6e:70:d1:a4:
65:24:85:be:1f:5d:3c:86:bb:79:13:9a:f2:5b:00:
58:8d:33:0b:d6:07:b8:8c:77:3f:c8:ef:b0:c0:15:
40:0d:02:d1:0d:35:30:66:8c:3a:20:6d:29:5a:86:
e9:a9:8d:46:ca:39:da:02:44:83:6f:c2:5c:84:8b:
f6:cd:18:48:84:de:26:23:cc:d9:8f:17:52:fc:b4:
a6:ad:93:8d:69:11:a6:5e:6d:31:b3:13:6a:e5:b0:
85:44:61:2d:ee:2d:81:d7:95:21:9a:61:dd:de:ff:
28:fd:5c:49:22:aa:60:77:34:37:5e:a1:3e:9f:85:
1b:00:83:b6:42:18:e6:c2:6c:07:34:dc:04:c5:7c:
b7:1e:4d:ec:c7:e1:3c:ea:b9:a8:88:4e:44:43:3f:
59:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3C:18:58:36:3F:71:1A:1C:35:81:70:26:D8:D0:A2:28:20:79:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12F8A5DEC05A11EFADF8BA45762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.111.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:db:ba:52:89:97:af:fb:cf:5a:60:99:96:aa:37:89:b7:ae:
9f:b2:f7:f7:87:4f:c4:e2:66:ef:1f:5a:09:4b:89:a0:e3:be:
cf:52:c0:50:26:e9:a2:90:48:4a:7f:c8:35:36:40:00:db:a3:
4f:3c:45:62:8c:25:43:df:67:72:b0:65:0b:70:99:6f:b6:bc:
e1:a1:99:95:65:0f:3a:dd:78:2d:b9:17:c8:4f:92:a2:4f:57:
05:0a:84:7a:c3:e8:a9:d3:29:1e:41:57:48:e3:01:82:dd:31:
f8:1c:2c:ba:cc:07:f6:5d:26:e0:b2:01:ab:60:e2:11:6a:ad:
f5:38:a5:a4:b0:05:3d:00:6c:f4:44:02:05:1d:36:fe:09:cc:
24:f3:b5:75:2d:84:e0:72:e9:b7:06:02:8a:d7:c7:77:7b:20:
3f:21:54:af:62:9b:14:11:db:82:e4:7f:9b:c2:43:cb:62:cb:
c6:1a:e3:be:2c:67:f0:17:84:de:eb:ef:2a:0f:c1:68:31:67:
5c:fe:1d:3d:7a:f6:de:1b:ee:f4:cf:c6:7f:51:0c:6f:b1:30:
a1:04:08:b8:41:e7:be:c9:cf:06:e5:35:47:e1:0d:1f:9c:aa:
b2:08:63:99:f4:e2:ad:1d:d9:9a:8b:ad:d0:30:fe:9d:ef:41:
b1:2b:83:75
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOfhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIyMTE0NDEzWhcNMjUwMTI5MTE0NDEzWjAYMRYw
FAYDVQQDEw02NzY3ZmI5MS1hMThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAooti1JE9/ewuVFcYKQCbnwmeSBTreM8iPax5MyrNE0rC4UCly4BZxqKa
VaWiBI6CzQmy9m0QYG2NrSb/sgfstl3MpWTi0wap32gROyh31+97kM8USYRin10U
LXJC+pJx1woYPW5w0aRlJIW+H108hrt5E5ryWwBYjTML1ge4jHc/yO+wwBVADQLR
DTUwZow6IG0pWobpqY1GyjnaAkSDb8JchIv2zRhIhN4mI8zZjxdS/LSmrZONaRGm
Xm0xsxNq5bCFRGEt7i2B15UhmmHd3v8o/VxJIqpgdzQ3XqE+n4UbAIO2QhjmwmwH
NNwExXy3Hk3sx+E86rmoiE5EQz9ZawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLo8
GFg2P3EaHDWBcCbY0KIoIHmMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMkY4QTVERUMwNUExMUVGQURGOEJBNDU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOdvMA0GCSqGSIb3DQEBCwUA
A4IBAQCh27pSiZev+89aYJmWqjeJt66fsvf3h0/E4mbvH1oJS4mg477PUsBQJumi
kEhKf8g1NkAA26NPPEVijCVD32dysGULcJlvtrzhoZmVZQ863XgtuRfIT5KiT1cF
CoR6w+ip0ykeQVdI4wGC3TH4HCy6zAf2XSbgsgGrYOIRaq31OKWksAU9AGz0RAIF
HTb+Ccwk87V1LYTgcum3BgKK18d3eyA/IVSvYpsUEduC5H+bwkPLYsvGGuO+LGfw
F4Te6+8qD8FoMWdc/h09evbeG+70z8Z/UQxvsTChBAi4Qee+yc8G5TVH4Q0fnKqy
CGOZ9OKtHdmai63QMP6d70GxK4N1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:38 2025 by rpki-client