Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/30556C20CC2B11EF96EB745E762E951A.roa
File: 30556C20CC2B11EF96EB745E762E951A.roa (raw, json)
Hash identifier: R/fEecVpWciCZf5ZGjSgolvp94/z5kfVwDpLvyTkN+Y=
Subject key identifier: 87:AA:64:FA:13:5C:D1:AC:A4:2C:3E:19:44:74:B4:92:EA:D6:77:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8EF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/30556C20CC2B11EF96EB745E762E951A.roa
Signing time: Mon 06 Jan 2025 12:38:54 +0000
ROA not before: Mon 06 Jan 2025 12:38:50 +0000
ROA not after: Sat 18 Jan 2025 12:38:50 +0000
asID: 212238
IP address blocks: 156.226.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63727 (0xf8ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 12:38:50 2025 GMT
Not After : Jan 18 12:38:50 2025 GMT
Subject: CN=677bcede-9a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:16:e1:f6:4b:2a:9d:cf:14:aa:4a:39:ce:ce:
29:fc:8d:e6:b0:66:02:9c:b2:a1:6e:52:c9:17:ee:
03:9d:ce:30:c6:02:2b:5d:78:6f:5c:b1:38:ab:a3:
1a:43:13:7e:92:cd:39:dc:19:74:af:d9:c7:2e:e2:
7c:3b:f5:c1:b1:e2:c8:a7:cc:36:83:c5:8a:d1:9e:
95:72:03:74:e1:ba:87:73:05:06:f0:7f:c3:df:8f:
f0:1d:b4:02:8a:db:b7:06:83:0e:66:b8:82:77:1a:
f3:ef:cf:94:b5:6a:91:47:e4:53:d9:6f:a1:46:16:
9f:cb:db:20:f5:a3:99:53:c5:93:80:62:7b:bd:b2:
77:ab:7e:e1:59:7d:65:e4:ee:b9:3e:27:82:e4:06:
6b:67:d2:cd:95:dd:d8:df:ed:d6:bb:96:83:2f:1d:
1f:af:29:92:e7:55:5a:25:c0:92:12:c1:c7:5d:33:
b1:ec:b7:14:21:97:fe:bb:fe:9d:55:2c:d1:57:47:
8d:65:d7:b2:c7:cc:e5:b2:09:9b:fc:61:75:f4:eb:
70:a6:62:dd:97:e7:a1:3d:c7:fc:1f:2f:e4:20:8b:
d9:38:69:4c:eb:35:cc:b6:17:79:cf:90:72:f1:69:
38:8b:82:48:b6:7a:94:4c:11:49:db:6e:2a:19:3e:
c2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:AA:64:FA:13:5C:D1:AC:A4:2C:3E:19:44:74:B4:92:EA:D6:77:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/30556C20CC2B11EF96EB745E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.8.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:08:76:a6:f2:cc:1e:b1:9e:cd:ab:28:ce:e3:55:3d:e9:7e:
22:5b:63:3c:e7:62:f8:8b:0b:61:08:99:e1:90:64:a3:57:81:
f5:b1:79:a9:4f:95:ac:6d:db:2b:f4:37:d3:bd:54:1f:4a:6a:
a3:d9:03:a9:02:85:ac:53:fc:1d:b2:d5:30:36:80:2f:1b:01:
ee:ed:d2:7b:ab:6b:8e:c2:0a:fb:90:60:d1:75:9a:e7:ac:6e:
7e:7a:07:29:0d:9f:b7:84:b0:f2:ac:2b:09:f7:78:61:3d:00:
f1:24:83:17:54:86:a6:ed:d0:44:04:f1:ab:02:83:8f:11:65:
53:30:96:9b:2d:72:ba:3f:07:e3:4a:2c:4e:d1:e5:cf:ce:9a:
80:a7:66:1d:27:d4:16:1b:57:9b:93:71:36:9a:06:0e:c4:0d:
a7:26:15:cf:d8:2f:50:04:15:37:db:d1:65:72:89:98:5c:af:
17:b1:b6:db:cc:83:04:aa:b4:87:60:7c:67:9f:74:ec:7d:0b:
d1:ee:43:90:1e:bb:72:bd:63:8a:98:b5:12:4e:1b:63:32:19:
95:d5:02:f7:22:32:76:fe:0e:de:ae:76:40:8f:f3:04:1a:55:
55:fb:f6:c5:eb:61:fb:5d:04:28:bc:18:29:4c:6f:cf:cf:88:
32:21:96:f0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPjvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTIzODUwWhcNMjUwMTE4MTIzODUwWjAYMRYw
FAYDVQQDEw02NzdiY2VkZS05YTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8xbh9ksqnc8Uqko5zs4p/I3msGYCnLKhblLJF+4Dnc4wxgIrXXhvXLE4
q6MaQxN+ks053Bl0r9nHLuJ8O/XBseLIp8w2g8WK0Z6VcgN04bqHcwUG8H/D34/w
HbQCitu3BoMOZriCdxrz78+UtWqRR+RT2W+hRhafy9sg9aOZU8WTgGJ7vbJ3q37h
WX1l5O65PieC5AZrZ9LNld3Y3+3Wu5aDLx0frymS51VaJcCSEsHHXTOx7LcUIZf+
u/6dVSzRV0eNZdeyx8zlsgmb/GF19OtwpmLdl+ehPcf8Hy/kIIvZOGlM6zXMthd5
z5By8Wk4i4JItnqUTBFJ224qGT7CMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIeq
ZPoTXNGspCw+GUR0tJLq1nfPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMDU1NkMyMENDMkIxMUVGOTZFQjc0NUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOIIMA0GCSqGSIb3DQEBCwUA
A4IBAQA+CHam8swesZ7NqyjO41U96X4iW2M852L4iwthCJnhkGSjV4H1sXmpT5Ws
bdsr9DfTvVQfSmqj2QOpAoWsU/wdstUwNoAvGwHu7dJ7q2uOwgr7kGDRdZrnrG5+
egcpDZ+3hLDyrCsJ93hhPQDxJIMXVIam7dBEBPGrAoOPEWVTMJabLXK6PwfjSixO
0eXPzpqAp2YdJ9QWG1ebk3E2mgYOxA2nJhXP2C9QBBU329FlcomYXK8XsbbbzIME
qrSHYHxnn3TsfQvR7kOQHrtyvWOKmLUSThtjMhmV1QL3IjJ2/g7ernZAj/MEGlVV
+/bF62H7XQQovBgpTG/Pz4gyIZbw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:28 2025 by rpki-client