Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/174B8892BA2711EFB0E13949762E951A.roa
File: 174B8892BA2711EFB0E13949762E951A.roa (raw, json)
Hash identifier: kPopYTooAv0YOtcm/q2Df90TLbyEbZY50pHFjXBMI7A=
Subject key identifier: E6:B6:80:7F:13:30:B9:0A:F4:8A:BE:4C:33:72:35:8A:86:63:CE:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E3A2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/174B8892BA2711EFB0E13949762E951A.roa
Signing time: Sat 14 Dec 2024 14:24:13 +0000
ROA not before: Sat 14 Dec 2024 14:24:09 +0000
ROA not after: Mon 20 Jan 2025 14:24:09 +0000
asID: 200080
IP address blocks: 156.253.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58274 (0xe3a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 14 14:24:09 2024 GMT
Not After : Jan 20 14:24:09 2025 GMT
Subject: CN=675d950d-7239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dc:6c:0d:26:e3:00:57:74:47:e9:f3:5c:88:
0a:76:4c:3a:58:0c:e1:e5:74:b9:6f:83:82:f6:7b:
aa:8c:f3:7b:b0:38:44:60:e2:bf:42:b2:11:9c:64:
d6:96:2e:55:0e:df:9c:6c:05:2c:75:c2:3b:9c:19:
c9:af:b8:b4:fc:64:4e:ed:68:42:c9:ae:f0:05:b5:
35:d7:81:cb:41:9b:ac:dc:95:75:4b:f7:60:51:fe:
78:cf:32:90:e0:86:7c:dc:cc:df:92:59:5f:20:88:
99:92:dc:cf:45:d6:1c:9c:8a:30:80:06:f5:8f:2a:
da:99:22:e4:46:ab:35:24:76:ac:fe:65:cf:f6:de:
a2:5b:d8:b5:73:33:cc:a1:6e:6a:2c:7a:d9:5e:80:
c0:8e:41:d0:7d:f4:74:6a:85:4e:64:14:b1:3a:f1:
66:1e:7c:54:e5:42:f0:25:45:45:d2:3d:f0:a4:3e:
7d:13:43:38:6c:ee:81:db:ae:74:4b:74:7d:04:84:
92:b2:c0:2f:aa:5d:ef:f9:ee:38:65:de:52:c0:42:
f0:b3:cb:17:85:39:f3:bc:75:2d:4b:8c:4b:b1:01:
0c:d5:06:0d:c6:21:ae:4c:1d:4d:d5:13:07:29:b7:
58:88:d0:e0:b0:0f:68:78:43:27:39:81:4d:76:33:
77:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B6:80:7F:13:30:B9:0A:F4:8A:BE:4C:33:72:35:8A:86:63:CE:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/174B8892BA2711EFB0E13949762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.236.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:9e:fb:6b:81:a0:61:89:af:76:11:ae:c5:c5:56:99:cf:5b:
99:b5:c2:1c:72:14:a7:df:71:bb:cd:95:b5:94:9a:67:a4:d6:
b1:ee:b3:0f:9a:7f:d4:8f:1f:b4:e6:52:aa:ef:ff:4f:f7:31:
55:ee:f9:cc:53:ba:2d:8b:54:f3:1c:49:22:0c:5c:4f:e4:24:
72:9b:35:4f:91:1e:7d:ef:87:cd:6e:b9:78:46:55:1d:75:67:
0e:f7:7b:95:68:54:d8:25:43:c5:1b:7e:1b:cf:ab:b7:4b:9e:
9d:37:44:78:4c:71:8f:b0:ca:7f:32:1d:0e:6e:dc:16:d5:39:
d9:6f:ac:96:0c:4e:1b:ff:03:9e:fd:46:ae:92:91:78:8a:e2:
3f:b6:e1:d4:3e:27:66:60:b7:5e:ac:c8:b1:a7:6f:1f:b4:11:
0a:48:37:92:81:12:95:9e:b0:6d:97:4a:b2:05:25:7b:27:32:
e6:bc:63:e4:07:54:30:ea:6c:78:41:38:27:43:9d:6b:f8:a9:
25:29:08:d1:12:7d:98:cc:2b:44:a0:db:a4:68:96:12:b5:bb:
16:e2:c7:12:fe:c2:45:a1:57:69:c2:8b:02:97:95:6f:8c:66:
ee:67:eb:0d:34:5d:23:94:62:01:95:02:dd:93:a0:b1:a9:f1:
81:f6:16:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOOiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE0MTQyNDA5WhcNMjUwMTIwMTQyNDA5WjAYMRYw
FAYDVQQDEw02NzVkOTUwZC03MjM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr9xsDSbjAFd0R+nzXIgKdkw6WAzh5XS5b4OC9nuqjPN7sDhEYOK/QrIR
nGTWli5VDt+cbAUsdcI7nBnJr7i0/GRO7WhCya7wBbU114HLQZus3JV1S/dgUf54
zzKQ4IZ83MzfkllfIIiZktzPRdYcnIowgAb1jyramSLkRqs1JHas/mXP9t6iW9i1
czPMoW5qLHrZXoDAjkHQffR0aoVOZBSxOvFmHnxU5ULwJUVF0j3wpD59E0M4bO6B
2650S3R9BISSssAvql3v+e44Zd5SwELws8sXhTnzvHUtS4xLsQEM1QYNxiGuTB1N
1RMHKbdYiNDgsA9oeEMnOYFNdjN3lQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOa2
gH8TMLkK9Iq+TDNyNYqGY84gMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNzRCODg5MkJBMjcxMUVGQjBFMTM5NDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3sMA0GCSqGSIb3DQEBCwUA
A4IBAQCcnvtrgaBhia92Ea7FxVaZz1uZtcIcchSn33G7zZW1lJpnpNax7rMPmn/U
jx+05lKq7/9P9zFV7vnMU7oti1TzHEkiDFxP5CRymzVPkR5974fNbrl4RlUddWcO
93uVaFTYJUPFG34bz6u3S56dN0R4THGPsMp/Mh0ObtwW1TnZb6yWDE4b/wOe/Uau
kpF4iuI/tuHUPidmYLderMixp28ftBEKSDeSgRKVnrBtl0qyBSV7JzLmvGPkB1Qw
6mx4QTgnQ51r+KklKQjREn2YzCtEoNukaJYStbsW4scS/sJFoVdpwosCl5VvjGbu
Z+sNNF0jlGIBlQLdk6CxqfGB9hbm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:18 2025 by rpki-client