Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1709BFB2CF0211EF87428084762E951A.roa
File: 1709BFB2CF0211EF87428084762E951A.roa (raw, json)
Hash identifier: P1FucaZQcbTkhUrGrSrBsDOFbOzXhCDNCFC/Lfb8FTQ=
Subject key identifier: A3:82:63:E1:65:BB:E8:62:19:34:DD:7C:99:7E:76:2A:06:BF:F1:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104DB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1709BFB2CF0211EF87428084762E951A.roa
Signing time: Fri 10 Jan 2025 03:22:16 +0000
ROA not before: Fri 10 Jan 2025 03:22:12 +0000
ROA not after: Mon 27 Jan 2025 03:22:12 +0000
asID: 137547
IP address blocks: 156.245.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66779 (0x104db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 03:22:12 2025 GMT
Not After : Jan 27 03:22:12 2025 GMT
Subject: CN=67809267-9686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b6:c2:20:fa:45:52:bc:86:62:a0:03:8d:a5:
69:c3:ef:a8:b0:c3:d4:a5:ec:85:e6:48:11:af:9a:
9e:b3:d1:e5:45:b0:53:7e:af:e8:6a:6c:d1:c7:25:
12:51:a4:1a:c6:c5:70:04:80:71:c1:ea:0f:a6:ab:
2d:aa:18:af:ae:e3:c9:a1:cd:b4:08:21:e3:97:53:
2f:f3:b8:cd:58:0d:51:a5:0c:46:82:ed:a2:0e:98:
20:e1:f7:35:c7:c1:d4:23:32:56:c5:3e:cf:ab:3a:
f1:91:1b:ec:95:ab:03:47:4c:a9:d0:e0:7b:37:24:
fd:a9:e8:ab:8b:66:19:c7:f8:36:8f:48:19:c4:89:
46:fc:75:f5:4b:bf:02:a7:c6:57:af:93:c4:5b:fe:
12:6a:2b:22:25:d9:b9:68:77:00:97:9f:05:44:fa:
ca:e3:27:1d:7c:1a:c1:b2:3f:5a:01:b2:ca:77:65:
5c:a9:e8:4c:97:20:f1:a9:58:4f:83:ac:56:1f:df:
a8:d5:0c:81:d5:52:28:37:a5:d3:e1:8b:05:98:85:
e9:41:39:bc:ba:9c:2c:42:ec:c6:61:93:d4:c8:51:
ab:b3:bd:c8:e0:aa:02:ef:96:82:8a:56:ea:a2:3a:
e6:95:c0:cb:81:10:dc:10:94:d2:8d:ef:60:99:a0:
01:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:82:63:E1:65:BB:E8:62:19:34:DD:7C:99:7E:76:2A:06:BF:F1:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1709BFB2CF0211EF87428084762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.128.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:3e:ff:9c:1d:9b:91:57:26:73:e4:d9:e5:d1:b2:08:ee:93:
0d:a8:b6:40:6c:8e:02:e8:e4:25:a9:06:86:50:43:98:86:29:
a9:4a:86:11:15:8d:bb:f0:2c:e6:fd:22:32:67:77:5b:1d:42:
b9:9c:41:90:93:c1:7e:5a:24:76:aa:13:69:5e:d1:99:75:a5:
7f:43:58:e8:76:d8:70:c7:c0:a8:9e:17:41:40:59:ee:3e:7f:
2c:84:b6:c2:d9:d8:18:62:0d:18:17:79:dc:4f:66:de:9f:a6:
22:1d:f6:70:b0:4a:aa:89:d9:8b:87:ea:59:3f:10:51:0c:26:
fc:c4:1b:27:36:d9:2d:ce:5c:ea:57:c0:1a:3f:2e:1a:4f:c0:
bd:d4:ed:59:69:61:1c:85:8c:89:95:54:ac:71:0d:64:08:66:
55:f5:33:98:bd:5e:57:cf:ce:da:87:33:1d:2b:a0:61:72:52:
bc:54:13:bb:37:4d:c7:b6:98:f1:6c:c6:1f:0a:35:c0:57:d5:
2c:1b:ce:0c:86:fe:49:39:fe:f3:c6:b3:9d:92:8a:8b:24:6f:
03:d8:be:2f:98:ad:75:e2:c7:d9:82:41:c1:c6:a9:41:58:ac:
f9:16:c4:c2:17:cb:7c:75:3d:db:ef:5b:ca:1b:b2:94:9f:08:
91:1f:2f:de
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQTbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDMyMjEyWhcNMjUwMTI3MDMyMjEyWjAYMRYw
FAYDVQQDEw02NzgwOTI2Ny05Njg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxLbCIPpFUryGYqADjaVpw++osMPUpeyF5kgRr5qes9HlRbBTfq/oamzR
xyUSUaQaxsVwBIBxweoPpqstqhivruPJoc20CCHjl1Mv87jNWA1RpQxGgu2iDpgg
4fc1x8HUIzJWxT7PqzrxkRvslasDR0yp0OB7NyT9qeiri2YZx/g2j0gZxIlG/HX1
S78Cp8ZXr5PEW/4SaisiJdm5aHcAl58FRPrK4ycdfBrBsj9aAbLKd2VcqehMlyDx
qVhPg6xWH9+o1QyB1VIoN6XT4YsFmIXpQTm8upwsQuzGYZPUyFGrs73I4KoC75aC
ilbqojrmlcDLgRDcEJTSje9gmaAB6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKOC
Y+Flu+hiGTTdfJl+dioGv/H7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNzA5QkZCMkNGMDIxMUVGODc0MjgwODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPWAMA0GCSqGSIb3DQEBCwUA
A4IBAQBsPv+cHZuRVyZz5Nnl0bII7pMNqLZAbI4C6OQlqQaGUEOYhimpSoYRFY27
8Czm/SIyZ3dbHUK5nEGQk8F+WiR2qhNpXtGZdaV/Q1jodthwx8ConhdBQFnuPn8s
hLbC2dgYYg0YF3ncT2ben6YiHfZwsEqqidmLh+pZPxBRDCb8xBsnNtktzlzqV8Aa
Py4aT8C91O1ZaWEchYyJlVSscQ1kCGZV9TOYvV5Xz87ahzMdK6BhclK8VBO7N03H
tpjxbMYfCjXAV9UsG84Mhv5JOf7zxrOdkoqLJG8D2L4vmK114sfZgkHBxqlBWKz5
FsTCF8t8dT3b71vKG7KUnwiRHy/e
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:42 2025 by rpki-client