Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1797D83CEFAB11EFB34B1470762E951A.roa
File: 1797D83CEFAB11EFB34B1470762E951A.roa (raw, json)
Hash identifier: jduHXA0q2l5YqSqQWRCaqH4OH8pCORjzI5V/djC+J3E=
Subject key identifier: D4:84:B8:15:FD:BE:14:AB:C9:1A:A1:BC:CC:9A:FC:AE:12:EE:92:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0126BB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1797D83CEFAB11EFB34B1470762E951A.roa
Signing time: Thu 20 Feb 2025 16:52:39 +0000
ROA not before: Thu 20 Feb 2025 16:52:35 +0000
ROA not after: Mon 31 Mar 2025 16:52:35 +0000
asID: 264750
IP address blocks: 156.248.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75451 (0x126bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 20 16:52:35 2025 GMT
Not After : Mar 31 16:52:35 2025 GMT
Subject: CN=67b75dd6-f268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:bc:d7:16:70:71:7f:41:cc:9c:7e:db:b2:c3:
ea:3e:30:b6:b1:cb:c9:39:e8:0c:56:56:ce:7b:17:
43:3b:3b:f2:31:aa:d8:de:d3:af:ef:97:a6:48:5c:
a7:b0:72:87:0a:2d:1f:b8:fb:2b:3f:40:5d:38:69:
89:d4:d9:8d:1b:fc:c2:be:1e:9c:6a:a0:0d:b8:d5:
f0:ac:3e:fd:71:11:8f:7a:e8:4f:5a:6d:24:c6:74:
85:84:18:ee:69:34:7d:86:57:9d:51:03:c3:97:b6:
06:28:43:5a:0b:56:6e:8f:32:fa:24:a1:a9:9f:ad:
dd:b1:2d:32:4a:23:c2:c8:5b:dc:2d:78:b6:67:6f:
e9:de:d2:c3:41:4a:88:0c:12:34:c4:89:7c:9b:91:
1e:0b:52:ef:4b:25:8f:93:b7:9f:ba:31:26:9e:fb:
c7:8c:a2:9f:e9:21:ad:f0:5c:1e:50:16:9b:d6:fe:
3e:28:e8:f7:c1:01:0b:26:b9:9c:0d:ad:9b:32:7e:
a2:7a:94:e5:3d:9e:f4:ef:0e:2d:21:cd:00:5f:a4:
c2:35:e7:52:84:fc:e4:38:2d:75:d7:15:af:ac:9b:
1b:dd:60:42:40:f5:08:0a:49:3b:fc:69:52:c6:48:
af:e0:05:90:67:03:4f:20:a8:35:88:c2:43:46:ab:
c6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:84:B8:15:FD:BE:14:AB:C9:1A:A1:BC:CC:9A:FC:AE:12:EE:92:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1797D83CEFAB11EFB34B1470762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.192.0/18
Signature Algorithm: sha256WithRSAEncryption
08:65:11:03:95:86:93:b3:b1:7e:18:ea:eb:46:74:04:4b:2d:
cf:bc:82:73:0d:90:62:6d:45:32:1e:4b:01:df:08:d0:10:59:
bb:95:2d:db:cf:52:ad:62:8b:be:4d:5d:ae:5f:52:12:d1:af:
2f:be:8f:6b:b5:0d:5a:68:4e:04:c8:c4:39:b2:73:5a:12:8a:
c3:c0:d4:69:74:62:87:db:e0:f9:84:4b:01:c2:1f:c5:54:8c:
f3:d1:55:64:7d:c7:78:07:74:9a:b6:14:7c:9f:79:08:df:96:
23:82:b6:82:0d:c1:c4:47:c5:e1:e4:44:a1:ae:27:43:fc:fa:
83:4a:58:f5:d7:56:94:fe:d0:e2:05:13:df:00:40:77:af:eb:
e9:b7:78:f2:73:e8:57:93:6f:c6:fa:f6:02:7d:41:82:a3:53:
c0:1b:4d:7f:22:c4:dd:ef:c4:e3:12:e5:e3:0f:e3:43:be:6b:
a9:8b:8e:86:c7:bb:b6:61:8a:40:8b:c3:d3:5a:17:87:0b:90:
db:b7:72:a9:70:be:24:d4:50:04:b4:ec:be:89:92:f1:9b:19:
ce:ce:f1:e1:2b:3d:9c:1e:96:84:4d:61:6b:55:83:4c:9b:be:
bb:cf:6d:26:76:1f:74:d8:b7:48:85:57:2b:fc:a1:26:ba:a4:
6d:43:bd:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASa7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjIwMTY1MjM1WhcNMjUwMzMxMTY1MjM1WjAYMRYw
FAYDVQQDEw02N2I3NWRkNi1mMjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA47zXFnBxf0HMnH7bssPqPjC2scvJOegMVlbOexdDOzvyMarY3tOv75em
SFynsHKHCi0fuPsrP0BdOGmJ1NmNG/zCvh6caqANuNXwrD79cRGPeuhPWm0kxnSF
hBjuaTR9hledUQPDl7YGKENaC1ZujzL6JKGpn63dsS0ySiPCyFvcLXi2Z2/p3tLD
QUqIDBI0xIl8m5EeC1LvSyWPk7efujEmnvvHjKKf6SGt8FweUBab1v4+KOj3wQEL
JrmcDa2bMn6iepTlPZ707w4tIc0AX6TCNedShPzkOC111xWvrJsb3WBCQPUICkk7
/GlSxkiv4AWQZwNPIKg1iMJDRqvGZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNSE
uBX9vhSryRqhvMya/K4S7pK+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNzk3RDgzQ0VGQUIxMUVGQjM0QjE0NzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnPjAMA0GCSqGSIb3DQEBCwUA
A4IBAQAIZREDlYaTs7F+GOrrRnQESy3PvIJzDZBibUUyHksB3wjQEFm7lS3bz1Kt
You+TV2uX1IS0a8vvo9rtQ1aaE4EyMQ5snNaEorDwNRpdGKH2+D5hEsBwh/FVIzz
0VVkfcd4B3SathR8n3kI35YjgraCDcHER8Xh5EShridD/PqDSlj111aU/tDiBRPf
AEB3r+vpt3jyc+hXk2/G+vYCfUGCo1PAG01/IsTd78TjEuXjD+NDvmupi46Gx7u2
YYpAi8PTWheHC5Dbt3KpcL4k1FAEtOy+iZLxmxnOzvHhKz2cHpaETWFrVYNMm767
z20mdh902LdIhVcr/KEmuqRtQ70s
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:01:22 2025 by rpki-client