Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2195E740CC0911EFA5C99788762E951A.roa
File: 2195E740CC0911EFA5C99788762E951A.roa (raw, json)
Hash identifier: debtbldep8xyAX9Rr5O1NjIt9KJUfLTPHDWxHhtSQQk=
Subject key identifier: 18:24:AE:73:14:64:E2:D2:08:65:B6:D5:0A:1E:5C:83:A6:00:6B:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F853
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2195E740CC0911EFA5C99788762E951A.roa
Signing time: Mon 06 Jan 2025 08:35:06 +0000
ROA not before: Mon 06 Jan 2025 08:35:02 +0000
ROA not after: Tue 21 Jan 2025 08:35:02 +0000
asID: 39600
IP address blocks: 156.237.124.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63571 (0xf853)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 08:35:02 2025 GMT
Not After : Jan 21 08:35:02 2025 GMT
Subject: CN=677b95ba-6459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:99:d0:93:f8:e3:55:b1:e1:af:ee:72:f7:f2:
28:92:fa:04:eb:c6:50:b6:c1:f0:5a:cb:80:11:61:
fc:48:7f:a7:5c:b0:c7:a9:c8:e1:94:24:73:d5:98:
ea:e1:ac:1f:46:3d:2b:1d:ad:00:38:bc:53:0a:f0:
77:a4:22:f3:ef:c2:e4:b7:34:54:3c:da:a6:7a:8e:
73:92:1d:d8:f5:9e:7a:0e:d8:e0:e0:06:72:1e:c4:
c4:74:ac:d4:bb:17:c1:79:06:77:04:86:6d:cf:39:
7c:1d:df:9a:5d:2a:8a:94:fb:a0:6c:e9:65:2e:34:
77:23:87:ef:bf:d4:fc:fa:17:27:b5:d5:94:49:cb:
60:02:5d:61:2f:0c:1a:4a:b9:20:52:50:40:45:b1:
67:b5:e2:e6:3f:99:a3:6e:90:92:87:30:29:8a:ae:
eb:89:46:8a:8d:66:23:48:33:b9:c3:c9:40:43:cc:
87:40:38:63:f6:e9:c9:0d:ca:02:5d:f6:21:d7:e2:
34:88:44:ca:0c:50:df:d8:72:0d:e0:e5:f9:c8:16:
14:90:0f:fe:1c:93:29:ae:72:b9:0a:61:d2:b2:0d:
ce:b8:8a:2e:ee:eb:83:59:8e:20:f0:69:6f:6f:65:
53:96:d8:f5:a0:b3:53:4a:d9:00:b4:3d:f1:b1:cc:
38:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:24:AE:73:14:64:E2:D2:08:65:B6:D5:0A:1E:5C:83:A6:00:6B:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2195E740CC0911EFA5C99788762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.124.0/23
Signature Algorithm: sha256WithRSAEncryption
26:b8:20:53:27:2d:ef:df:d1:2f:2b:a4:28:32:bf:44:a0:f0:
3c:9d:41:6a:58:e1:fc:73:1a:30:b7:18:c6:3e:b9:6c:b2:3e:
50:d4:98:c0:3f:30:cd:47:57:dc:2e:ed:f1:35:28:19:0b:22:
89:de:03:b3:95:91:ed:f7:ad:32:e8:a9:e8:0a:fe:4e:63:3b:
64:93:8d:f3:bc:c0:9c:54:e5:c3:67:2e:ac:4e:ef:37:72:1f:
87:87:1d:e9:23:02:c6:66:40:28:bc:63:81:b8:2d:76:03:06:
47:d1:22:12:47:59:42:b2:23:46:54:6d:d3:27:8f:b8:05:45:
83:0f:b1:d6:5a:d2:ad:67:f4:01:ab:bd:6c:49:01:17:99:c9:
ae:2c:d4:4c:54:a7:c6:f1:f6:1e:7d:bd:f0:9d:64:69:39:48:
a4:65:45:c4:7f:42:38:f2:37:43:a1:75:c8:11:a8:e3:99:33:
4d:6c:3a:6b:96:30:e6:84:a8:00:eb:4f:51:7e:5d:0e:2e:eb:
36:e3:f3:76:91:92:a6:d8:48:a0:ac:32:a0:94:a6:ef:61:dd:
f5:63:e1:10:1a:4e:b0:31:c4:2b:5e:5d:93:87:3b:e3:e8:f7:
bd:dc:9b:e8:e4:33:dc:42:94:9c:83:b6:99:d5:c6:6c:32:90:
d8:14:81:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPhTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDgzNTAyWhcNMjUwMTIxMDgzNTAyWjAYMRYw
FAYDVQQDEw02NzdiOTViYS02NDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAupnQk/jjVbHhr+5y9/IokvoE68ZQtsHwWsuAEWH8SH+nXLDHqcjhlCRz
1Zjq4awfRj0rHa0AOLxTCvB3pCLz78LktzRUPNqmeo5zkh3Y9Z56Dtjg4AZyHsTE
dKzUuxfBeQZ3BIZtzzl8Hd+aXSqKlPugbOllLjR3I4fvv9T8+hcntdWUSctgAl1h
LwwaSrkgUlBARbFnteLmP5mjbpCShzApiq7riUaKjWYjSDO5w8lAQ8yHQDhj9unJ
DcoCXfYh1+I0iETKDFDf2HIN4OX5yBYUkA/+HJMprnK5CmHSsg3OuIou7uuDWY4g
8Glvb2VTltj1oLNTStkAtD3xscw4iQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBgk
rnMUZOLSCGW21QoeXIOmAGsGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMTk1RTc0MENDMDkxMUVGQTVDOTk3ODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO18MA0GCSqGSIb3DQEBCwUA
A4IBAQAmuCBTJy3v39EvK6QoMr9EoPA8nUFqWOH8cxowtxjGPrlssj5Q1JjAPzDN
R1fcLu3xNSgZCyKJ3gOzlZHt960y6KnoCv5OYztkk43zvMCcVOXDZy6sTu83ch+H
hx3pIwLGZkAovGOBuC12AwZH0SISR1lCsiNGVG3TJ4+4BUWDD7HWWtKtZ/QBq71s
SQEXmcmuLNRMVKfG8fYefb3wnWRpOUikZUXEf0I48jdDoXXIEajjmTNNbDprljDm
hKgA609Rfl0OLus24/N2kZKm2EigrDKglKbvYd31Y+EQGk6wMcQrXl2Thzvj6Pe9
3Jvo5DPcQpScg7aZ1cZsMpDYFIEb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:19 2025 by rpki-client