Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C97A324C9B511EF9C19F249762E951A.roa
File: 1C97A324C9B511EF9C19F249762E951A.roa (raw, json)
Hash identifier: 5mt0E8NDmFrAot5MvTh/Za0ijsyl9wXFwMB1OjNFin0=
Subject key identifier: AE:FA:59:47:B0:F3:CD:6A:AD:2F:0D:32:7B:78:66:8A:74:3D:60:57
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6CF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C97A324C9B511EF9C19F249762E951A.roa
Signing time: Fri 03 Jan 2025 09:28:38 +0000
ROA not before: Fri 03 Jan 2025 09:28:34 +0000
ROA not after: Sat 18 Jan 2025 09:28:34 +0000
asID: 141883
IP address blocks: 156.240.0.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63183 (0xf6cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 09:28:34 2025 GMT
Not After : Jan 18 09:28:34 2025 GMT
Subject: CN=6777adc6-7357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:86:a0:a4:99:07:3c:58:c8:4b:38:7d:5e:ad:
e8:78:37:e5:40:73:c6:8f:b9:67:55:fe:50:37:1c:
1e:48:ce:8c:54:1c:f3:b5:56:f8:2a:1f:42:ca:32:
36:bf:c2:3d:84:d0:2a:a2:39:63:ba:04:44:b6:2d:
42:4d:b1:be:6f:d9:cd:16:34:c2:3d:59:71:8b:a1:
c3:11:f4:47:39:3e:e2:14:60:a9:a4:02:85:63:e7:
86:80:04:ab:e6:39:1e:8f:27:c1:9a:d7:ee:23:ec:
2c:b8:bb:be:6d:4b:ca:02:69:2c:55:ef:b9:f2:39:
b9:01:c7:76:af:d7:87:c9:80:f7:5e:c1:b8:6d:ea:
21:6f:19:b2:af:7e:c7:ce:4e:a0:53:dd:69:72:89:
01:a1:cf:b6:2a:d9:9e:6e:f0:14:43:1e:15:36:34:
64:07:2b:76:b6:57:1e:37:41:df:dc:5d:29:0d:42:
59:41:38:35:9a:8e:6b:70:49:a8:7c:62:64:24:06:
04:b7:d0:40:75:b5:9e:05:46:76:05:e2:2b:52:f4:
66:25:5b:d2:6c:f2:f1:a4:a4:a1:d5:84:a2:f7:17:
81:89:be:5f:5e:a9:4b:17:4a:15:6b:91:cb:a7:bb:
4c:21:62:19:3b:50:fd:23:b8:f1:43:3f:e9:d7:e3:
75:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FA:59:47:B0:F3:CD:6A:AD:2F:0D:32:7B:78:66:8A:74:3D:60:57
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C97A324C9B511EF9C19F249762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.0.0/19
Signature Algorithm: sha256WithRSAEncryption
37:45:ac:d0:86:15:e0:5b:44:a6:00:19:a6:f8:4f:11:cb:89:
73:68:3d:d0:29:aa:6c:a1:0c:15:14:12:b5:45:aa:ae:72:82:
d5:1f:8b:4e:29:79:68:26:4d:ac:da:70:f6:21:aa:cc:f7:43:
03:df:38:90:be:63:ae:71:e8:d9:63:92:9d:58:e1:5e:bb:17:
70:dc:4e:35:b5:18:45:07:95:a4:c7:09:3d:35:b0:b1:d6:37:
2b:04:6c:85:67:d7:d9:a0:8c:2c:78:da:26:2f:eb:87:d8:c6:
70:cf:ce:21:bc:83:98:e0:c9:56:bf:09:81:d8:70:4e:0c:9a:
9f:5d:e7:38:26:21:73:11:06:cf:b7:a7:d2:dd:17:70:6e:9d:
4e:b5:ca:dc:7f:93:99:b8:64:37:af:8f:48:1f:8d:3a:1e:f9:
3e:b3:f7:10:00:b2:d0:1a:b1:3c:4d:ce:17:fa:2f:99:cc:28:
a0:56:e9:b8:1b:f5:88:34:8c:c1:35:f9:21:8d:3d:d1:78:de:
97:9a:cb:cb:3a:d9:67:8d:3c:27:39:10:e8:ba:f0:6e:6e:dd:
0f:6b:c4:de:51:86:f0:24:e4:cb:9e:f0:43:be:fb:a9:8b:75:
15:43:b7:21:69:28:73:af:af:82:88:7d:d6:bc:f5:ef:4e:18:
d5:a9:b4:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPbPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDkyODM0WhcNMjUwMTE4MDkyODM0WjAYMRYw
FAYDVQQDEw02Nzc3YWRjNi03MzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8YagpJkHPFjISzh9Xq3oeDflQHPGj7lnVf5QNxweSM6MVBzztVb4Kh9C
yjI2v8I9hNAqojljugREti1CTbG+b9nNFjTCPVlxi6HDEfRHOT7iFGCppAKFY+eG
gASr5jkejyfBmtfuI+wsuLu+bUvKAmksVe+58jm5Acd2r9eHyYD3XsG4beohbxmy
r37Hzk6gU91pcokBoc+2KtmebvAUQx4VNjRkByt2tlceN0Hf3F0pDUJZQTg1mo5r
cEmofGJkJAYEt9BAdbWeBUZ2BeIrUvRmJVvSbPLxpKSh1YSi9xeBib5fXqlLF0oV
a5HLp7tMIWIZO1D9I7jxQz/p1+N1UQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK76
WUew881qrS8NMnt4Zop0PWBXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQzk3QTMyNEM5QjUxMUVGOUMxOUYyNDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPAAMA0GCSqGSIb3DQEBCwUA
A4IBAQA3RazQhhXgW0SmABmm+E8Ry4lzaD3QKapsoQwVFBK1RaqucoLVH4tOKXlo
Jk2s2nD2IarM90MD3ziQvmOucejZY5KdWOFeuxdw3E41tRhFB5Wkxwk9NbCx1jcr
BGyFZ9fZoIwseNomL+uH2MZwz84hvIOY4MlWvwmB2HBODJqfXec4JiFzEQbPt6fS
3Rdwbp1Otcrcf5OZuGQ3r49IH406Hvk+s/cQALLQGrE8Tc4X+i+ZzCigVum4G/WI
NIzBNfkhjT3ReN6XmsvLOtlnjTwnORDouvBubt0Pa8TeUYbwJOTLnvBDvvupi3UV
Q7chaShzr6+CiH3WvPXvThjVqbQP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:33 2025 by rpki-client