Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CF8D7EAD01011EF83EEF7B3762E951A.roa
File: 2CF8D7EAD01011EF83EEF7B3762E951A.roa (raw, json)
Hash identifier: itkogvJT0KGRc5YvH3q+nd8Zx/F6rKBgSEDUSw23tUk=
Subject key identifier: E1:DA:DE:B8:5F:07:30:71:58:29:F8:70:D6:B1:66:F9:E1:82:37:F7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105DE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CF8D7EAD01011EF83EEF7B3762E951A.roa
Signing time: Sat 11 Jan 2025 11:35:37 +0000
ROA not before: Sat 11 Jan 2025 11:35:20 +0000
ROA not after: Sat 25 Jan 2025 11:35:20 +0000
asID: 141883
IP address blocks: 156.255.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67038 (0x105de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 11:35:20 2025 GMT
Not After : Jan 25 11:35:20 2025 GMT
Subject: CN=67825789-118a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ea:ba:f8:43:e4:a5:66:01:b2:32:38:06:10:
a2:9d:45:16:d7:ce:95:5c:24:4e:66:5b:68:31:cb:
aa:9b:e6:03:9b:87:99:0e:6f:65:d0:c4:86:58:59:
e1:e4:1e:95:fb:70:bb:bd:90:55:35:e6:37:30:5e:
03:06:1a:32:49:ef:5d:26:a8:46:51:92:b8:b2:77:
fa:98:23:65:fd:f2:8c:26:45:f1:cf:0f:02:f2:cf:
52:58:2c:62:f3:ac:74:6c:96:55:1d:68:28:26:bc:
95:37:af:88:db:5f:a4:7b:06:8d:60:02:4f:dd:da:
d2:c0:e2:56:2d:1a:cf:8c:8f:04:e5:cc:b7:8d:88:
c3:34:02:d9:13:50:8e:fd:f3:79:29:d9:b8:91:8a:
78:57:53:99:e0:54:78:43:0d:7c:f6:68:76:7e:b0:
4f:f8:9c:41:fa:72:47:46:93:2f:36:1c:51:0d:c6:
c3:ac:72:1a:52:28:24:1c:44:50:55:56:61:57:dd:
8a:65:9e:85:9c:52:d3:a2:7c:82:f2:97:37:fb:97:
83:77:8b:09:c3:c0:03:a9:ea:8e:e8:b8:c4:e1:e1:
4a:00:56:ba:b1:45:d1:c0:0d:fe:90:6e:31:63:ee:
6a:dd:d3:35:d3:0b:e3:83:c0:b1:34:38:3c:0c:ae:
53:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:DA:DE:B8:5F:07:30:71:58:29:F8:70:D6:B1:66:F9:E1:82:37:F7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2CF8D7EAD01011EF83EEF7B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.0.0/24
Signature Algorithm: sha256WithRSAEncryption
83:bb:a0:62:ad:75:a5:09:a2:01:3b:be:7f:64:1b:88:6a:b4:
ac:bb:63:14:58:1b:af:9b:41:b1:62:36:c7:eb:d8:21:9a:b7:
54:6d:fc:54:9a:28:50:0f:5b:f5:ed:8e:2f:0f:c6:aa:cf:5e:
d4:f6:8a:cf:b9:54:64:3a:e8:09:ed:2a:61:be:d3:9d:fa:c3:
4a:a1:c3:7d:59:48:07:f2:bd:02:6f:47:1f:8d:7f:5a:35:03:
0f:d5:cf:53:c9:45:4c:3b:a2:22:d7:36:f5:f7:67:91:61:ca:
e6:3b:22:09:23:63:42:48:15:7b:a9:23:89:e8:e0:b0:ab:3d:
2a:70:ad:81:e0:89:0b:58:13:80:bb:24:86:46:74:7d:9e:c7:
6e:5a:5c:bd:71:78:0c:5e:03:a1:f0:e1:ad:66:8e:85:a1:48:
b6:46:7f:9a:20:23:8f:4d:96:9e:2b:84:ca:09:4e:ab:a2:28:
8d:5f:80:b8:b5:e2:4b:d7:a8:fd:90:0b:9c:ae:6e:db:14:57:
13:17:10:41:44:40:5c:54:b5:7c:0f:98:b5:b0:cf:4c:2f:fc:
8e:6b:53:a1:b8:6e:94:f9:a6:d7:4e:0f:d8:87:c0:70:67:49:
f4:e9:21:88:f7:ac:60:26:51:d7:20:39:9c:48:0e:63:ff:fc:
24:23:f7:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQXeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTEzNTIwWhcNMjUwMTI1MTEzNTIwWjAYMRYw
FAYDVQQDEw02NzgyNTc4OS0xMThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7+q6+EPkpWYBsjI4BhCinUUW186VXCROZltoMcuqm+YDm4eZDm9l0MSG
WFnh5B6V+3C7vZBVNeY3MF4DBhoySe9dJqhGUZK4snf6mCNl/fKMJkXxzw8C8s9S
WCxi86x0bJZVHWgoJryVN6+I21+kewaNYAJP3drSwOJWLRrPjI8E5cy3jYjDNALZ
E1CO/fN5Kdm4kYp4V1OZ4FR4Qw189mh2frBP+JxB+nJHRpMvNhxRDcbDrHIaUigk
HERQVVZhV92KZZ6FnFLTonyC8pc3+5eDd4sJw8ADqeqO6LjE4eFKAFa6sUXRwA3+
kG4xY+5q3dM10wvjg8CxNDg8DK5TGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOHa
3rhfBzBxWCn4cNaxZvnhgjf3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQ0Y4RDdFQUQwMTAxMUVGODNFRUY3QjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8AMA0GCSqGSIb3DQEBCwUA
A4IBAQCDu6BirXWlCaIBO75/ZBuIarSsu2MUWBuvm0GxYjbH69ghmrdUbfxUmihQ
D1v17Y4vD8aqz17U9orPuVRkOugJ7SphvtOd+sNKocN9WUgH8r0Cb0cfjX9aNQMP
1c9TyUVMO6Ii1zb192eRYcrmOyIJI2NCSBV7qSOJ6OCwqz0qcK2B4IkLWBOAuySG
RnR9nsduWly9cXgMXgOh8OGtZo6FoUi2Rn+aICOPTZaeK4TKCU6roiiNX4C4teJL
16j9kAucrm7bFFcTFxBBREBcVLV8D5i1sM9ML/yOa1OhuG6U+abXTg/Yh8BwZ0n0
6SGI96xgJlHXIDmcSA5j//wkI/eY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:05 2025 by rpki-client