Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E756768B92911EF9D5D2A93762E951A.roa
File: 1E756768B92911EF9D5D2A93762E951A.roa (raw, json)
Hash identifier: gqtYKwWzBPXW/XHyLhf4FZDc/wsSvLbvnnW3/ylopH8=
Subject key identifier: 3F:60:4A:37:DB:36:A7:5A:F9:B0:9B:B1:FD:04:D6:5D:D9:C5:85:87
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E32D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E756768B92911EF9D5D2A93762E951A.roa
Signing time: Fri 13 Dec 2024 08:06:13 +0000
ROA not before: Fri 13 Dec 2024 08:06:09 +0000
ROA not after: Sat 25 Jan 2025 08:06:09 +0000
asID: 202656
IP address blocks: 156.246.162.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58157 (0xe32d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 13 08:06:09 2024 GMT
Not After : Jan 25 08:06:09 2025 GMT
Subject: CN=675beaf5-a89d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fc:a6:fd:95:8f:c3:84:0c:53:f9:62:fe:a9:
9b:69:0d:64:77:d9:53:dd:53:e5:12:ac:46:3b:5e:
a3:80:70:d4:04:9f:15:30:d3:bd:22:d5:53:99:82:
55:9a:f3:6f:f3:b5:d4:4e:47:51:31:5c:2b:7e:91:
e0:e7:bd:55:ee:c8:48:0f:9e:8e:ab:fb:b6:e9:53:
65:7a:af:96:4c:b1:ce:3e:90:c1:58:42:2e:9f:8a:
a3:b1:04:c3:8c:d8:34:ef:8e:73:92:ff:74:cd:64:
5b:4b:ee:13:9a:2d:ee:52:62:6e:0f:33:aa:3f:86:
8c:23:d8:2f:7e:5e:d0:aa:8d:95:29:00:55:a7:b2:
75:b1:5d:93:5e:8c:43:0d:fb:3b:34:36:10:64:52:
5d:ec:79:bf:20:d3:97:9a:9f:77:a9:2b:ba:38:66:
ef:ed:d8:f5:3d:c6:f8:c7:c8:39:6f:da:5c:6e:14:
2e:6a:44:49:09:d8:12:5e:8e:c6:c7:10:6b:c7:0e:
3d:b3:5f:8d:fe:d8:c5:56:40:c3:5e:a3:06:ca:73:
7f:7d:c3:7b:48:fc:77:70:13:b1:e2:a6:f8:5b:7d:
49:9a:c9:9d:e3:2c:c7:f0:72:7d:a5:ff:e6:97:f7:
a6:77:fd:4c:13:c2:1e:73:89:65:4b:13:26:19:e4:
bf:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:60:4A:37:DB:36:A7:5A:F9:B0:9B:B1:FD:04:D6:5D:D9:C5:85:87
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E756768B92911EF9D5D2A93762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.162.0/23
Signature Algorithm: sha256WithRSAEncryption
47:9e:c6:82:bb:03:81:f5:85:6b:7b:c0:28:c7:5d:63:eb:c8:
23:e8:86:a5:27:68:47:f1:70:e6:55:30:3d:aa:92:85:65:7b:
8b:c2:4e:17:87:69:00:04:1f:8c:77:05:9d:4d:19:83:4d:90:
61:31:f0:e4:5e:01:32:12:b8:13:69:8b:c6:a8:c0:2d:4d:6e:
4d:d0:f1:92:d9:f2:ea:c0:c7:9a:8f:0e:3c:af:25:a4:eb:3d:
56:5e:28:95:c2:64:db:14:bb:b7:2c:92:0b:4c:e8:bb:1a:72:
b6:c1:96:aa:4f:cb:5b:02:49:48:a6:bf:05:5e:fc:6f:88:f1:
fe:68:c4:5b:f9:af:50:77:b2:40:80:1d:f8:2e:43:1f:31:99:
df:f1:27:86:44:eb:1a:6b:c0:e0:b7:98:a1:ec:10:5b:6c:1d:
a0:a8:b9:5c:80:63:5b:c2:6b:e9:f9:f4:14:6f:b5:ab:38:db:
96:73:be:00:39:21:d7:41:7b:87:8e:90:ac:e3:b3:e6:56:ae:
49:d8:ee:60:57:05:37:37:75:86:43:e2:68:09:d5:ad:f1:8f:
8e:ac:24:19:e7:bc:0b:fb:10:65:ac:c8:9e:5c:1a:74:ae:07:
6f:80:cd:06:6c:b8:be:80:fe:e3:81:75:a9:eb:99:e4:1c:ba:
a6:74:20:4d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOMtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjEzMDgwNjA5WhcNMjUwMTI1MDgwNjA5WjAYMRYw
FAYDVQQDEw02NzViZWFmNS1hODlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArfym/ZWPw4QMU/li/qmbaQ1kd9lT3VPlEqxGO16jgHDUBJ8VMNO9ItVT
mYJVmvNv87XUTkdRMVwrfpHg571V7shID56Oq/u26VNleq+WTLHOPpDBWEIun4qj
sQTDjNg0745zkv90zWRbS+4Tmi3uUmJuDzOqP4aMI9gvfl7Qqo2VKQBVp7J1sV2T
XoxDDfs7NDYQZFJd7Hm/INOXmp93qSu6OGbv7dj1Pcb4x8g5b9pcbhQuakRJCdgS
Xo7GxxBrxw49s1+N/tjFVkDDXqMGynN/fcN7SPx3cBOx4qb4W31Jmsmd4yzH8HJ9
pf/ml/emd/1ME8Iec4llSxMmGeS/zwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD9g
SjfbNqda+bCbsf0E1l3ZxYWHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRTc1Njc2OEI5MjkxMUVGOUQ1RDJBOTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPaiMA0GCSqGSIb3DQEBCwUA
A4IBAQBHnsaCuwOB9YVre8Aox11j68gj6IalJ2hH8XDmVTA9qpKFZXuLwk4Xh2kA
BB+MdwWdTRmDTZBhMfDkXgEyErgTaYvGqMAtTW5N0PGS2fLqwMeajw48ryWk6z1W
XiiVwmTbFLu3LJILTOi7GnK2wZaqT8tbAklIpr8FXvxviPH+aMRb+a9Qd7JAgB34
LkMfMZnf8SeGROsaa8Dgt5ih7BBbbB2gqLlcgGNbwmvp+fQUb7WrONuWc74AOSHX
QXuHjpCs47PmVq5J2O5gVwU3N3WGQ+JoCdWt8Y+OrCQZ57wL+xBlrMieXBp0rgdv
gM0GbLi+gP7jgXWp65nkHLqmdCBN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:28 2025 by rpki-client