Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2237FA3ECBDD11EF8DA2E473762E951A.roa
File: 2237FA3ECBDD11EF8DA2E473762E951A.roa (raw, json)
Hash identifier: RbW5Y7xCbwsJKWBESXaX5n2TODGafn6/G4SJ4gXLhhw=
Subject key identifier: 3D:01:33:02:7A:11:91:CC:AE:89:7A:AD:FE:43:DA:DE:35:21:87:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7F4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2237FA3ECBDD11EF8DA2E473762E951A.roa
Signing time: Mon 06 Jan 2025 03:20:09 +0000
ROA not before: Mon 06 Jan 2025 03:20:06 +0000
ROA not after: Tue 04 Feb 2025 03:20:06 +0000
asID: 269070
IP address blocks: 156.249.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63476 (0xf7f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 03:20:06 2025 GMT
Not After : Feb 4 03:20:06 2025 GMT
Subject: CN=677b4be9-5769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:37:54:aa:52:a7:59:b0:54:19:47:5d:84:0b:
1c:c5:b9:21:a9:ef:38:24:c7:18:f7:e9:d2:cf:a1:
5d:41:c2:b6:71:6a:10:9a:0a:0a:66:1d:ff:a0:e4:
9a:ec:cf:59:c8:aa:a4:94:8c:34:75:b1:19:bb:bf:
e5:80:1c:8c:cf:d6:31:58:35:32:a1:00:1a:03:da:
c7:58:da:59:4a:44:db:f6:e5:30:92:d5:34:52:a2:
01:e8:db:ec:54:9f:08:22:c3:8d:26:6c:6d:98:e0:
dc:36:92:c8:a6:8d:fa:cf:8b:6f:36:a0:7c:bc:fd:
c4:e3:20:be:20:97:a3:17:d2:c8:d3:55:39:92:6f:
c5:95:e0:fe:5e:5c:33:84:34:db:dc:05:3a:79:21:
23:b3:8a:d6:39:17:47:5c:92:92:8f:7f:ae:7a:10:
13:0b:ca:65:ee:fb:08:ae:32:96:dc:97:3f:07:72:
17:e3:da:c1:eb:23:bb:62:4c:aa:ea:c1:67:c3:68:
75:ae:29:ec:58:ef:c5:c8:6a:bc:f2:d9:1d:42:23:
d8:39:83:4e:f5:8e:13:5f:b0:7e:ef:95:b2:1d:8a:
57:7d:58:25:90:ea:b2:6f:4c:6f:3a:29:7a:bd:5a:
be:3e:8b:bd:b5:32:2e:11:64:b5:24:f4:c4:33:f7:
14:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:01:33:02:7A:11:91:CC:AE:89:7A:AD:FE:43:DA:DE:35:21:87:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2237FA3ECBDD11EF8DA2E473762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.67.0/24
Signature Algorithm: sha256WithRSAEncryption
15:92:26:05:67:9e:33:8a:60:c6:d4:78:40:a2:55:13:3c:da:
43:ce:59:df:52:db:fc:35:49:02:56:69:03:72:c9:35:5d:45:
eb:30:8e:8d:f2:a7:89:51:90:59:a6:43:1f:43:da:94:ac:7b:
df:2e:5c:8f:7b:4e:3c:4f:6d:2c:9c:6d:ff:cd:f5:a6:8c:a6:
61:a2:1c:6b:40:4d:49:4d:a0:3e:97:8c:a0:da:0d:a8:c7:29:
73:3d:2f:3e:25:5d:54:f8:d2:e3:c3:70:62:27:21:8d:3c:76:
06:55:7b:66:60:7f:50:32:5c:b3:4d:c8:e1:ff:27:9b:a7:4e:
dc:db:c2:93:2d:d7:37:66:59:8c:17:7f:a4:8e:79:33:e0:bb:
b1:36:a5:70:11:f5:b5:ad:e5:d5:88:3b:79:6a:16:80:55:01:
ca:05:4d:97:20:73:2d:84:fa:a9:28:ac:28:69:6e:a6:65:fb:
f1:a6:da:b5:0a:c9:81:6e:36:bd:ff:31:52:a1:99:6d:84:ba:
eb:c6:21:42:bf:9d:07:65:e3:ec:fe:b9:36:7e:68:c9:2f:37:
88:7d:cf:60:d9:67:fc:0f:1b:e6:f2:8f:3b:df:c5:64:55:71:
aa:bd:26:e6:c5:31:f6:d2:ff:b4:34:21:60:6d:97:45:14:1d:
fc:71:e8:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPf0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDMyMDA2WhcNMjUwMjA0MDMyMDA2WjAYMRYw
FAYDVQQDEw02NzdiNGJlOS01NzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxzdUqlKnWbBUGUddhAscxbkhqe84JMcY9+nSz6FdQcK2cWoQmgoKZh3/
oOSa7M9ZyKqklIw0dbEZu7/lgByMz9YxWDUyoQAaA9rHWNpZSkTb9uUwktU0UqIB
6NvsVJ8IIsONJmxtmODcNpLIpo36z4tvNqB8vP3E4yC+IJejF9LI01U5km/FleD+
XlwzhDTb3AU6eSEjs4rWORdHXJKSj3+uehATC8pl7vsIrjKW3Jc/B3IX49rB6yO7
Ykyq6sFnw2h1rinsWO/FyGq88tkdQiPYOYNO9Y4TX7B+75WyHYpXfVglkOqyb0xv
Oil6vVq+Pou9tTIuEWS1JPTEM/cUdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD0B
MwJ6EZHMrol6rf5D2t41IYfRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjM3RkEzRUNCREQxMUVGOERBMkU0NzM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlDMA0GCSqGSIb3DQEBCwUA
A4IBAQAVkiYFZ54zimDG1HhAolUTPNpDzlnfUtv8NUkCVmkDcsk1XUXrMI6N8qeJ
UZBZpkMfQ9qUrHvfLlyPe048T20snG3/zfWmjKZhohxrQE1JTaA+l4yg2g2oxylz
PS8+JV1U+NLjw3BiJyGNPHYGVXtmYH9QMlyzTcjh/yebp07c28KTLdc3ZlmMF3+k
jnkz4LuxNqVwEfW1reXViDt5ahaAVQHKBU2XIHMthPqpKKwoaW6mZfvxptq1CsmB
bja9/zFSoZlthLrrxiFCv50HZePs/rk2fmjJLzeIfc9g2Wf8Dxvm8o8738VkVXGq
vSbmxTH20v+0NCFgbZdFFB38cehV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:05 2025 by rpki-client