Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D2B9858B21911EF94ACFCA3762E951A.roa
File: 1D2B9858B21911EF94ACFCA3762E951A.roa (raw, json)
Hash identifier: VzahoVBv/ptIVrBRiNA4KhkNVcPuBOA5SMpa4rdQs+U=
Subject key identifier: AB:4E:8B:30:65:D3:D0:B7:04:20:24:12:BA:8A:81:A2:88:C1:6F:1D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DF6E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D2B9858B21911EF94ACFCA3762E951A.roa
Signing time: Wed 04 Dec 2024 08:24:01 +0000
ROA not before: Wed 04 Dec 2024 08:23:57 +0000
ROA not after: Thu 23 Jan 2025 08:23:57 +0000
asID: 63139
IP address blocks: 156.229.30.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57198 (0xdf6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 4 08:23:57 2024 GMT
Not After : Jan 23 08:23:57 2025 GMT
Subject: CN=675011a0-93bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c6:5d:6e:d4:05:af:ef:d1:5b:0a:8e:b2:70:
ca:b8:44:16:93:c0:21:3f:f2:aa:20:65:25:24:7c:
7d:36:08:af:cd:fb:8b:c6:c8:45:fc:6d:84:6a:69:
5d:fb:e5:9a:68:cf:18:d1:64:5b:f3:b3:83:06:12:
7f:f7:86:0c:f8:e8:4d:72:d2:4f:d0:9e:e9:80:70:
c0:9d:0c:f9:ea:08:8a:c4:03:18:5a:2a:96:50:67:
b5:52:ee:1e:00:46:31:49:d2:3b:29:12:cc:52:b5:
3e:80:4d:3f:8f:15:59:e8:c6:4c:4d:89:b7:44:ad:
82:88:1f:38:4f:42:49:c5:06:46:a4:43:9f:08:af:
d0:dc:73:18:6f:76:34:e5:20:38:e1:01:fe:10:0f:
9c:6f:66:d7:61:03:bf:9b:c1:79:fc:78:8e:70:6f:
d3:c6:05:7b:18:06:4f:b2:27:87:2a:91:2c:73:f4:
b7:4e:7e:8c:51:9e:11:0d:79:3f:a0:d8:c0:cb:41:
1f:e7:bc:40:af:a1:e6:e6:22:ab:23:63:85:c0:6d:
b1:7b:82:8a:1c:89:28:60:cc:6d:27:d3:db:e1:6b:
4f:d6:e4:e3:e2:90:f1:ee:f8:d0:62:17:95:58:b6:
b8:8e:92:35:77:cc:f1:3a:32:be:7b:77:b7:04:e8:
5e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4E:8B:30:65:D3:D0:B7:04:20:24:12:BA:8A:81:A2:88:C1:6F:1D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D2B9858B21911EF94ACFCA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.30.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:69:9f:41:4d:b0:26:9d:d6:ae:9f:fd:49:6e:20:6f:96:8b:
af:4d:02:4d:dc:14:3d:2e:a0:9e:3c:f9:7d:87:a2:a3:9b:61:
7e:ad:80:26:65:9d:a3:a7:fe:f8:c9:57:92:33:bd:f0:6a:c7:
a6:25:e7:04:41:90:14:69:9c:31:30:93:ad:15:aa:50:72:5e:
33:a7:89:b2:23:08:c5:fa:88:89:3d:3f:ca:59:53:10:56:30:
62:96:cb:2b:f4:de:5e:9c:ab:8a:64:95:c4:c3:3d:7a:e3:4f:
2b:b9:08:fc:10:83:d9:e3:e9:ec:07:66:2b:9b:c3:5b:83:e4:
06:31:2f:db:db:ab:a0:4b:d2:a7:2c:75:c5:06:a1:c1:30:02:
0b:d8:a6:4d:a5:81:5e:68:57:30:1b:f0:db:36:30:98:90:c5:
d0:16:36:b6:eb:e6:1e:47:0e:83:c8:34:cd:d7:69:be:3b:8c:
49:85:0c:aa:89:9d:02:d9:f0:e9:55:a1:68:72:5f:65:1e:90:
17:c0:31:37:01:bf:04:fc:8f:11:ea:ec:db:f3:0f:d5:ea:42:
d1:1a:d6:61:09:92:70:c0:03:a8:db:49:e4:bf:c7:7e:04:65:
fe:33:21:b6:fe:cb:c7:dc:d7:d2:fa:e4:75:bc:fb:6a:8a:fd:
b3:d0:3f:78
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAN9uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA0MDgyMzU3WhcNMjUwMTIzMDgyMzU3WjAYMRYw
FAYDVQQDEw02NzUwMTFhMC05M2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl8ZdbtQFr+/RWwqOsnDKuEQWk8AhP/KqIGUlJHx9NgivzfuLxshF/G2E
amld++WaaM8Y0WRb87ODBhJ/94YM+OhNctJP0J7pgHDAnQz56giKxAMYWiqWUGe1
Uu4eAEYxSdI7KRLMUrU+gE0/jxVZ6MZMTYm3RK2CiB84T0JJxQZGpEOfCK/Q3HMY
b3Y05SA44QH+EA+cb2bXYQO/m8F5/HiOcG/TxgV7GAZPsieHKpEsc/S3Tn6MUZ4R
DXk/oNjAy0Ef57xAr6Hm5iKrI2OFwG2xe4KKHIkoYMxtJ9Pb4WtP1uTj4pDx7vjQ
YheVWLa4jpI1d8zxOjK+e3e3BOheLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKtO
izBl09C3BCAkErqKgaKIwW8dMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRDJCOTg1OEIyMTkxMUVGOTRBQ0ZDQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOUeMA0GCSqGSIb3DQEBCwUA
A4IBAQC3aZ9BTbAmndaun/1JbiBvlouvTQJN3BQ9LqCePPl9h6Kjm2F+rYAmZZ2j
p/74yVeSM73wasemJecEQZAUaZwxMJOtFapQcl4zp4myIwjF+oiJPT/KWVMQVjBi
lssr9N5enKuKZJXEwz16408ruQj8EIPZ4+nsB2Yrm8Nbg+QGMS/b26ugS9KnLHXF
BqHBMAIL2KZNpYFeaFcwG/DbNjCYkMXQFja26+YeRw6DyDTN12m+O4xJhQyqiZ0C
2fDpVaFocl9lHpAXwDE3Ab8E/I8R6uzb8w/V6kLRGtZhCZJwwAOo20nkv8d+BGX+
MyG2/svH3NfS+uR1vPtqiv2z0D94
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:49 2025 by rpki-client