Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C02C626BA2611EF96F6A442762E951A.roa
File: 1C02C626BA2611EF96F6A442762E951A.roa (raw, json)
Hash identifier: XyD0OulMBQpZ6UenqpYoYoizLxaBHCxS1b+l/jsIdt0=
Subject key identifier: 1B:E2:2C:71:CE:A4:D7:5D:63:24:D5:92:68:9F:41:06:CD:67:01:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E396
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C02C626BA2611EF96F6A442762E951A.roa
Signing time: Sat 14 Dec 2024 14:17:11 +0000
ROA not before: Sat 14 Dec 2024 14:17:07 +0000
ROA not after: Mon 20 Jan 2025 14:17:07 +0000
asID: 49791
IP address blocks: 156.253.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58262 (0xe396)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 14 14:17:07 2024 GMT
Not After : Jan 20 14:17:07 2025 GMT
Subject: CN=675d9367-c702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:49:21:7e:a5:2c:b2:ed:48:ab:e0:ba:11:f9:
7e:8f:de:cf:a3:06:f0:fd:aa:0d:94:98:fa:29:6b:
85:6f:af:23:fa:47:7d:ec:37:34:9b:5c:d1:53:98:
7a:c3:ab:ae:c6:99:8c:49:67:e4:cd:4a:0c:e3:93:
1d:39:02:a0:43:97:87:76:31:25:2e:32:9c:0b:fa:
ea:9d:d7:76:3b:eb:69:d3:f4:5c:53:60:b6:b7:1b:
c7:93:a3:83:a7:d1:72:2a:5c:64:8c:d9:dd:fe:66:
a2:4e:cb:2d:4e:fb:d7:59:85:0c:c4:b5:2b:d6:fd:
fc:13:0a:f6:0f:02:d1:bf:e7:ad:52:5a:8e:5c:7e:
ea:79:11:d1:51:1d:4e:d2:57:cf:89:e1:f8:95:d2:
b1:d5:ae:ba:94:43:e8:24:2b:f1:f5:e5:7b:e4:75:
8e:86:f6:83:fd:89:25:b0:c5:02:b6:07:cc:e7:ba:
56:44:3c:cf:79:46:9d:25:d9:d4:f0:8e:f0:68:92:
10:c9:5d:29:1e:b2:62:f7:58:7f:50:aa:e4:d3:9b:
01:dc:87:1a:ae:e6:40:8a:dd:6d:de:d8:2f:98:bf:
4e:91:45:3a:91:17:12:c0:1e:51:ea:d0:ed:0b:68:
00:02:30:b3:52:72:f0:9f:11:af:79:53:38:c8:e6:
55:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E2:2C:71:CE:A4:D7:5D:63:24:D5:92:68:9F:41:06:CD:67:01:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C02C626BA2611EF96F6A442762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:11:8c:4e:36:09:70:f9:16:3f:ac:a2:d7:ab:a1:b0:d7:bc:
a0:90:40:66:b3:ab:a6:58:37:d6:4d:52:a1:3a:84:ca:e4:97:
17:c0:86:02:0d:ca:a1:92:06:8d:06:b6:a5:9f:db:e2:4d:14:
6a:44:c2:7f:c6:37:e8:28:f0:1b:31:06:4f:1e:6c:77:e9:ef:
cd:be:f4:77:0d:ba:18:b9:76:98:ad:12:a6:93:05:80:7c:62:
9e:d4:3f:71:5a:9d:b7:53:62:26:0e:12:32:9c:dc:e2:3e:ad:
d1:c5:b8:dd:f9:5a:52:40:c2:aa:f4:88:bb:b7:8d:3e:df:d8:
71:5a:03:8e:5a:58:7e:02:70:c4:44:b7:e9:56:3c:89:61:ac:
b2:07:ac:43:7b:5a:9e:d4:18:84:46:df:a4:ac:d7:68:ab:6a:
71:6d:1a:23:7a:45:f8:87:9e:28:c7:4a:05:d7:56:7e:c1:89:
31:b9:b2:f9:b3:6d:92:1a:8c:9c:cf:31:e3:52:df:47:02:c0:
b8:bc:cc:ac:1c:86:71:a6:b8:97:45:49:cc:92:b1:76:d0:88:
64:ea:80:d9:4a:46:75:38:47:67:90:b0:18:c6:a6:cc:8d:1b:
ec:6f:6e:1a:84:be:c2:5f:df:27:59:36:1b:c4:c4:b3:6f:3f:
97:fa:d5:ac
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOOWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE0MTQxNzA3WhcNMjUwMTIwMTQxNzA3WjAYMRYw
FAYDVQQDEw02NzVkOTM2Ny1jNzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA20khfqUssu1Iq+C6Efl+j97Powbw/aoNlJj6KWuFb68j+kd97Dc0m1zR
U5h6w6uuxpmMSWfkzUoM45MdOQKgQ5eHdjElLjKcC/rqndd2O+tp0/RcU2C2txvH
k6ODp9FyKlxkjNnd/maiTsstTvvXWYUMxLUr1v38Ewr2DwLRv+etUlqOXH7qeRHR
UR1O0lfPieH4ldKx1a66lEPoJCvx9eV75HWOhvaD/YklsMUCtgfM57pWRDzPeUad
JdnU8I7waJIQyV0pHrJi91h/UKrk05sB3IcaruZAit1t3tgvmL9OkUU6kRcSwB5R
6tDtC2gAAjCzUnLwnxGveVM4yOZVMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBvi
LHHOpNddYyTVkmifQQbNZwH1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQzAyQzYyNkJBMjYxMUVGOTZGNkE0NDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP35MA0GCSqGSIb3DQEBCwUA
A4IBAQArEYxONglw+RY/rKLXq6Gw17ygkEBms6umWDfWTVKhOoTK5JcXwIYCDcqh
kgaNBraln9viTRRqRMJ/xjfoKPAbMQZPHmx36e/NvvR3DboYuXaYrRKmkwWAfGKe
1D9xWp23U2ImDhIynNziPq3Rxbjd+VpSQMKq9Ii7t40+39hxWgOOWlh+AnDERLfp
VjyJYayyB6xDe1qe1BiERt+krNdoq2pxbRojekX4h54ox0oF11Z+wYkxubL5s22S
GoyczzHjUt9HAsC4vMysHIZxpriXRUnMkrF20Ihk6oDZSkZ1OEdnkLAYxqbMjRvs
b24ahL7CX98nWTYbxMSzbz+X+tWs
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:38 2025 by rpki-client