Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25500AEECAD011EFB4D608BE762E951A.roa
File: 25500AEECAD011EFB4D608BE762E951A.roa (raw, json)
Hash identifier: t57HCZJibq3vd5MdPa2zcW4M8WPeS9QO8nV5Xo0mt90=
Subject key identifier: 31:48:BF:55:F9:11:AE:7C:C5:4F:A4:8A:94:F4:6B:C2:4E:79:9C:04
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F77A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25500AEECAD011EFB4D608BE762E951A.roa
Signing time: Sat 04 Jan 2025 19:14:40 +0000
ROA not before: Sun 05 Jan 2025 19:14:36 +0000
ROA not after: Sat 18 Jan 2025 19:14:36 +0000
asID: 142286
IP address blocks: 156.250.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63354 (0xf77a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 19:14:36 2025 GMT
Not After : Jan 18 19:14:36 2025 GMT
Subject: CN=677988a0-821b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4a:69:00:34:a3:26:f8:bf:38:75:1b:7b:cb:
f5:e1:b5:2d:2c:80:7f:c7:89:3f:a9:03:5d:bd:67:
ff:2b:fb:c4:1b:ef:1b:94:20:e2:d1:ef:01:5a:5f:
37:5c:c4:ba:67:21:81:fd:ea:df:b4:b1:b4:01:1b:
27:0d:3b:b0:a0:dd:c8:f1:63:d7:79:e9:0d:d6:c6:
d9:55:61:04:c6:27:d9:4e:bc:18:69:74:57:35:ac:
8b:e3:0f:2d:91:09:0b:85:49:99:a9:ac:c8:b8:2c:
ae:23:9a:8c:78:66:43:a0:fa:88:a8:12:1a:95:a5:
d8:c5:61:4f:25:80:1c:06:83:9c:f8:14:f1:e4:c5:
46:6e:b1:db:91:7c:07:d7:e3:b0:78:fb:11:d1:40:
fb:bc:46:d5:2c:9c:db:6d:7b:a2:b5:1c:45:44:73:
52:c1:a6:1f:1d:75:e6:15:28:5d:2c:97:57:1e:7a:
50:ed:1e:8d:c5:c8:88:14:3d:70:0b:4b:91:31:8a:
81:6b:d8:20:68:d1:12:e1:8d:d4:6c:b0:19:40:33:
54:a5:72:d3:27:98:a8:c0:3b:ff:69:11:4e:d0:10:
43:45:1b:26:9a:b2:87:55:9b:fe:b7:0a:33:c2:ea:
7b:53:9c:42:3d:30:f5:53:35:de:05:50:a3:14:2f:
ec:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:48:BF:55:F9:11:AE:7C:C5:4F:A4:8A:94:F4:6B:C2:4E:79:9C:04
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25500AEECAD011EFB4D608BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.4.0/22
Signature Algorithm: sha256WithRSAEncryption
89:d4:6e:0f:09:5f:7d:3d:8a:f0:0d:c4:48:6f:33:72:0c:cd:
c1:cd:ca:43:06:80:ca:37:cf:c0:7b:00:e6:ce:4c:7b:20:20:
95:81:03:e7:3b:4d:04:81:15:c9:16:23:0e:79:fc:e1:23:be:
b2:58:52:4a:00:2c:9c:81:4d:a0:5a:95:74:4b:c2:5f:b4:07:
7d:92:22:40:cb:c8:1a:37:7b:6b:bd:f6:c9:a3:5c:5b:ac:56:
0d:f1:05:64:f3:eb:7e:92:8a:65:5a:aa:be:6d:82:c0:9a:fc:
38:35:7d:02:b1:ef:bc:7e:d9:3a:37:c6:ae:9f:88:45:b9:d7:
b4:a6:e6:17:d7:cc:bc:f1:aa:38:89:26:00:dc:9a:85:b4:bb:
d1:f4:8c:79:d4:11:62:72:a4:1f:34:95:85:2d:81:25:e0:2b:
ed:da:6a:cd:94:c5:00:68:f1:bd:e8:33:97:01:07:e9:bb:d8:
e9:06:1c:bc:a5:d7:d6:60:da:b4:16:cc:ef:82:58:a0:99:30:
44:55:ee:86:10:f8:4f:e9:96:13:25:aa:1d:88:f2:9c:5b:c8:
cf:22:bb:35:ad:38:62:cd:7b:6c:87:89:ec:65:e1:75:e3:2c:
b7:25:23:d8:55:fb:b9:35:11:29:87:0f:32:96:f4:e2:8d:51:
fb:a9:f8:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPd6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTkxNDM2WhcNMjUwMTE4MTkxNDM2WjAYMRYw
FAYDVQQDEw02Nzc5ODhhMC04MjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn0ppADSjJvi/OHUbe8v14bUtLIB/x4k/qQNdvWf/K/vEG+8blCDi0e8B
Wl83XMS6ZyGB/erftLG0ARsnDTuwoN3I8WPXeekN1sbZVWEExifZTrwYaXRXNayL
4w8tkQkLhUmZqazIuCyuI5qMeGZDoPqIqBIalaXYxWFPJYAcBoOc+BTx5MVGbrHb
kXwH1+OwePsR0UD7vEbVLJzbbXuitRxFRHNSwaYfHXXmFShdLJdXHnpQ7R6NxciI
FD1wC0uRMYqBa9ggaNES4Y3UbLAZQDNUpXLTJ5iowDv/aRFO0BBDRRsmmrKHVZv+
twozwup7U5xCPTD1UzXeBVCjFC/sqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDFI
v1X5Ea58xU+kipT0a8JOeZwEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNTUwMEFFRUNBRDAxMUVGQjRENjA4QkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPoEMA0GCSqGSIb3DQEBCwUA
A4IBAQCJ1G4PCV99PYrwDcRIbzNyDM3BzcpDBoDKN8/AewDmzkx7ICCVgQPnO00E
gRXJFiMOefzhI76yWFJKACycgU2gWpV0S8JftAd9kiJAy8gaN3trvfbJo1xbrFYN
8QVk8+t+koplWqq+bYLAmvw4NX0Cse+8ftk6N8aun4hFude0puYX18y88ao4iSYA
3JqFtLvR9Ix51BFicqQfNJWFLYEl4Cvt2mrNlMUAaPG96DOXAQfpu9jpBhy8pdfW
YNq0FszvgligmTBEVe6GEPhP6ZYTJaodiPKcW8jPIrs1rThizXtsh4nsZeF14yy3
JSPYVfu5NREphw8ylvTijVH7qfhZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:11 2025 by rpki-client