Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20D0DB9AC74411EFB505FEB5762E951A.roa
File: 20D0DB9AC74411EFB505FEB5762E951A.roa (raw, json)
Hash identifier: fFwQDDpU5PjhiA/6utA8ib+ZYZVI1+a+wTkZICVxr14=
Subject key identifier: 5B:F5:AA:FB:11:D6:E9:DA:8C:86:0F:1B:5C:E5:18:EB:3B:43:CA:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F298
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20D0DB9AC74411EFB505FEB5762E951A.roa
Signing time: Tue 31 Dec 2024 06:54:49 +0000
ROA not before: Tue 31 Dec 2024 06:54:46 +0000
ROA not after: Tue 04 Feb 2025 06:54:46 +0000
asID: 18013
IP address blocks: 156.234.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62104 (0xf298)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 31 06:54:46 2024 GMT
Not After : Feb 4 06:54:46 2025 GMT
Subject: CN=67739539-cc46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:72:4c:6c:25:09:90:46:fb:2c:69:bb:36:2e:
b1:5a:b9:f5:3c:c2:d0:85:40:ab:22:eb:98:a7:78:
55:ef:af:a1:ba:70:f5:b9:22:cf:b4:81:20:68:ef:
ac:9d:2b:07:21:26:2a:3e:7d:d9:60:75:16:15:32:
e1:ad:6c:36:c4:64:c8:a6:b8:42:9b:84:67:a1:cc:
37:3f:a2:30:67:af:6b:21:17:7d:f6:78:82:57:6a:
1e:7c:55:54:3e:ae:a1:ad:49:ad:31:93:29:84:87:
a9:b7:53:8e:82:7b:d7:19:3f:19:50:aa:b2:e3:d7:
77:b5:6a:50:a7:c7:f7:2a:28:bd:07:4d:23:ee:aa:
34:88:83:96:41:a3:4d:7d:3d:07:c7:76:e3:87:f3:
60:11:b0:1c:3d:3a:ae:1e:66:3e:a9:4f:34:6b:f6:
83:fd:fb:84:9b:fc:fb:bd:5e:5f:1e:22:20:4f:fe:
6a:55:a2:15:0b:18:68:d5:23:0c:70:45:02:e6:2b:
57:92:49:80:5a:5d:44:87:61:ea:4c:a2:ae:61:ae:
d0:17:e7:48:f4:db:a4:18:e9:ae:de:1a:f0:87:38:
70:d2:c2:34:80:77:9e:ff:de:92:e3:f0:66:bf:ec:
60:78:34:ba:63:7c:e2:79:c9:b6:d3:80:61:0b:39:
31:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F5:AA:FB:11:D6:E9:DA:8C:86:0F:1B:5C:E5:18:EB:3B:43:CA:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20D0DB9AC74411EFB505FEB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/24
Signature Algorithm: sha256WithRSAEncryption
06:c2:1d:59:f0:a5:73:7b:57:29:84:3e:c8:fb:6e:bc:99:4b:
4c:4d:cf:36:9b:b2:33:72:36:9d:fa:9b:be:a1:cc:c7:0f:03:
b5:67:5e:eb:c4:d9:89:aa:19:a0:9e:18:84:04:6f:67:6c:ff:
9b:7e:85:79:fe:9d:72:83:67:7c:2f:22:02:d6:c8:2d:c5:a0:
5c:e8:0a:0c:f9:3f:f9:3e:32:17:61:2e:23:1e:1f:64:20:c2:
03:4c:11:8e:aa:b5:ac:0d:a0:6f:f1:06:3f:9e:f0:4d:12:89:
49:60:2c:b1:cc:6c:fa:6d:9d:4d:2e:d9:cc:b4:bc:1d:f1:a8:
c5:fc:9f:8c:c1:c3:bd:76:6b:51:c4:7c:83:b2:58:d8:80:90:
27:42:9b:49:df:a9:1a:ea:79:e2:0f:1e:2e:8d:ea:72:a6:ad:
9b:ef:b1:37:3b:a3:98:73:e2:bf:0b:cc:55:7a:d2:06:c1:f8:
37:a7:13:77:3a:61:4d:2b:41:87:56:34:79:b0:1c:7a:d1:3c:
6a:96:3f:80:7c:3c:1a:c4:60:5e:31:d4:b9:9a:b6:cf:ad:1f:
5d:4a:13:24:20:82:8b:39:12:c6:7f:4c:6a:bc:7c:da:74:52:
19:85:61:52:fc:4f:0b:15:65:47:96:78:21:2c:ac:cb:c4:be:
e8:84:c5:b1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPKYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjMxMDY1NDQ2WhcNMjUwMjA0MDY1NDQ2WjAYMRYw
FAYDVQQDEw02NzczOTUzOS1jYzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxXJMbCUJkEb7LGm7Ni6xWrn1PMLQhUCrIuuYp3hV76+hunD1uSLPtIEg
aO+snSsHISYqPn3ZYHUWFTLhrWw2xGTIprhCm4Rnocw3P6IwZ69rIRd99niCV2oe
fFVUPq6hrUmtMZMphIept1OOgnvXGT8ZUKqy49d3tWpQp8f3Kii9B00j7qo0iIOW
QaNNfT0Hx3bjh/NgEbAcPTquHmY+qU80a/aD/fuEm/z7vV5fHiIgT/5qVaIVCxho
1SMMcEUC5itXkkmAWl1Eh2HqTKKuYa7QF+dI9NukGOmu3hrwhzhw0sI0gHee/96S
4/Bmv+xgeDS6Y3ziecm204BhCzkxZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFv1
qvsR1unajIYPG1zlGOs7Q8ruMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMEQwREI5QUM3NDQxMUVGQjUwNUZFQjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOoAMA0GCSqGSIb3DQEBCwUA
A4IBAQAGwh1Z8KVze1cphD7I+268mUtMTc82m7Izcjad+pu+oczHDwO1Z17rxNmJ
qhmgnhiEBG9nbP+bfoV5/p1yg2d8LyIC1sgtxaBc6AoM+T/5PjIXYS4jHh9kIMID
TBGOqrWsDaBv8QY/nvBNEolJYCyxzGz6bZ1NLtnMtLwd8ajF/J+MwcO9dmtRxHyD
sljYgJAnQptJ36ka6nniDx4ujepypq2b77E3O6OYc+K/C8xVetIGwfg3pxN3OmFN
K0GHVjR5sBx60Txqlj+AfDwaxGBeMdS5mrbPrR9dShMkIIKLORLGf0xqvHzadFIZ
hWFS/E8LFWVHlnghLKzLxL7ohMWx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:41 2025 by rpki-client