Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F1F7CF6D01D11EFAAF4EA84762E951A.roa
File: 2F1F7CF6D01D11EFAAF4EA84762E951A.roa (raw, json)
Hash identifier: WfE6GfXKHiWIFg3gUrBWOTHBZeJRuGOzxkkUxWftZUY=
Subject key identifier: 9A:B2:37:3C:C8:B5:C9:D3:D0:06:C1:DD:53:F3:30:E1:E0:06:43:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010600
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F1F7CF6D01D11EFAAF4EA84762E951A.roa
Signing time: Sat 11 Jan 2025 13:08:43 +0000
ROA not before: Sat 11 Jan 2025 13:08:40 +0000
ROA not after: Sat 25 Jan 2025 13:08:40 +0000
asID: 141883
IP address blocks: 156.242.10.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67072 (0x10600)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 13:08:40 2025 GMT
Not After : Jan 25 13:08:40 2025 GMT
Subject: CN=67826d5b-0c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:df:d6:21:fa:c1:11:c0:7b:d6:25:ec:95:ee:
e3:86:5b:09:1c:53:72:79:c3:cb:eb:ba:7a:b5:4d:
4d:ac:46:03:4b:9c:41:a0:50:58:6e:f6:1f:4d:3b:
ae:b4:21:e7:b9:23:94:66:f7:b5:ba:8e:d4:9a:27:
57:f2:e4:25:65:4d:db:73:15:2c:36:6a:da:a6:33:
32:2e:95:89:9b:77:77:44:23:d8:3c:a8:b3:8c:3e:
bc:15:b3:17:5a:6e:73:db:a8:cf:96:0c:cd:fb:b0:
e5:e7:67:78:58:c0:5e:c0:5e:78:7a:26:3f:25:62:
f9:ed:cf:8b:ae:ed:5e:72:a1:68:5c:3e:a0:6c:b0:
c4:41:68:89:0c:17:80:ac:c1:5f:38:97:d2:5c:9a:
f8:e8:17:ab:90:3d:bb:b1:41:11:01:33:ca:dc:63:
37:0d:07:69:04:44:9d:ad:72:e5:5a:3e:31:17:b3:
40:a3:83:38:e2:27:58:78:89:5b:ef:7e:b8:18:d4:
36:db:5d:ba:68:a4:66:5f:07:38:4b:cc:dd:df:2b:
cc:68:92:a4:7e:f9:c9:96:58:41:cd:8a:f5:b7:ee:
e2:90:7f:29:1f:1b:98:41:73:3b:54:8a:48:b1:fe:
f9:f8:10:c2:0f:42:b7:4c:c3:80:8a:03:3f:2d:43:
54:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B2:37:3C:C8:B5:C9:D3:D0:06:C1:DD:53:F3:30:E1:E0:06:43:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F1F7CF6D01D11EFAAF4EA84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.10.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:0a:46:b6:67:e0:13:14:39:38:0d:f0:98:7d:85:fd:a1:8b:
44:52:36:ae:96:bb:49:50:44:27:75:94:2e:be:76:74:31:44:
0e:55:b5:92:27:84:a6:c1:17:cf:d7:4f:f0:ac:21:59:d0:90:
18:04:23:61:a9:08:f3:29:f1:35:65:c9:a9:52:c9:7a:4b:2d:
1d:04:ea:d3:5a:d7:22:38:34:f4:5c:ac:a9:fe:57:eb:bf:68:
39:15:00:03:ca:66:9d:c4:6c:24:59:dc:1b:fa:37:70:d6:89:
4a:2d:bf:3e:55:6c:62:c5:4c:5e:cb:ca:3c:74:f4:a2:08:4d:
a5:93:75:84:80:43:e0:a2:94:60:f7:73:dc:88:ba:b3:9b:50:
f2:f5:28:13:12:52:89:26:2b:61:f6:fe:29:75:cd:63:d8:c0:
c1:50:f4:50:39:b1:b7:e4:b9:0a:2e:ad:0b:c7:9e:19:c3:ec:
57:ab:1a:35:81:36:ec:aa:27:de:e4:49:69:8b:41:0f:ed:e1:
5c:b3:5b:f3:e2:37:64:74:40:a9:b4:12:a3:f8:9c:4f:28:9b:
c5:02:83:b0:a6:bd:41:e9:15:ba:03:14:2c:78:58:0f:f7:0b:
dd:2c:86:8e:1e:d7:d3:ec:f3:6e:ff:88:bc:2d:66:d9:ad:d7:
bd:c6:5f:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQYAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTMwODQwWhcNMjUwMTI1MTMwODQwWjAYMRYw
FAYDVQQDEw02NzgyNmQ1Yi0wYzY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsd/WIfrBEcB71iXsle7jhlsJHFNyecPL67p6tU1NrEYDS5xBoFBYbvYf
TTuutCHnuSOUZve1uo7UmidX8uQlZU3bcxUsNmrapjMyLpWJm3d3RCPYPKizjD68
FbMXWm5z26jPlgzN+7Dl52d4WMBewF54eiY/JWL57c+Lru1ecqFoXD6gbLDEQWiJ
DBeArMFfOJfSXJr46BerkD27sUERATPK3GM3DQdpBESdrXLlWj4xF7NAo4M44idY
eIlb7364GNQ22126aKRmXwc4S8zd3yvMaJKkfvnJllhBzYr1t+7ikH8pHxuYQXM7
VIpIsf75+BDCD0K3TMOAigM/LUNU6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJqy
NzzItcnT0AbB3VPzMOHgBkPuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRjFGN0NGNkQwMUQxMUVGQUFGNEVBODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPIKMA0GCSqGSIb3DQEBCwUA
A4IBAQBaCka2Z+ATFDk4DfCYfYX9oYtEUjaulrtJUEQndZQuvnZ0MUQOVbWSJ4Sm
wRfP10/wrCFZ0JAYBCNhqQjzKfE1ZcmpUsl6Sy0dBOrTWtciODT0XKyp/lfrv2g5
FQADymadxGwkWdwb+jdw1olKLb8+VWxixUxey8o8dPSiCE2lk3WEgEPgopRg93Pc
iLqzm1Dy9SgTElKJJith9v4pdc1j2MDBUPRQObG35LkKLq0Lx54Zw+xXqxo1gTbs
qife5Elpi0EP7eFcs1vz4jdkdECptBKj+JxPKJvFAoOwpr1B6RW6AxQseFgP9wvd
LIaOHtfT7PNu/4i8LWbZrde9xl9e
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:29 2025 by rpki-client