Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/314A4AE2D25211EFB58FA074762E951A.roa
File: 314A4AE2D25211EFB58FA074762E951A.roa (raw, json)
Hash identifier: ewFSDLdmuuK9H6LwswBMxpm+qLRUn+ZOMz50hlOGMUw=
Subject key identifier: 1E:7A:C7:13:D4:FB:57:8B:A0:7E:48:C8:2D:A5:1E:20:5B:C6:40:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010700
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/314A4AE2D25211EFB58FA074762E951A.roa
Signing time: Tue 14 Jan 2025 08:33:13 +0000
ROA not before: Tue 14 Jan 2025 08:33:09 +0000
ROA not after: Wed 22 Jan 2025 08:33:09 +0000
asID: 40065
IP address blocks: 156.229.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67328 (0x10700)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 08:33:09 2025 GMT
Not After : Jan 22 08:33:09 2025 GMT
Subject: CN=67862149-26a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:35:76:6d:db:b4:0e:fe:72:5d:3a:8b:d1:17:
c9:81:26:a9:01:d2:ed:10:ad:35:f4:e0:92:11:0a:
cf:7c:60:90:78:40:43:dc:8d:d3:3e:1d:7e:ed:d6:
e9:a1:b6:d1:91:4e:d5:18:1f:0a:88:d6:ba:f6:96:
e7:71:5f:73:fb:58:ba:03:bc:45:a0:0c:d6:85:25:
86:b1:28:4d:47:9f:49:45:83:11:49:64:1c:5e:c2:
68:55:59:f4:dd:60:cb:ff:6a:17:c9:ba:88:25:02:
1e:48:5a:0e:39:a0:f8:a0:d3:04:4d:c4:8f:e3:a8:
57:a3:69:36:34:48:00:df:75:50:40:5b:f0:31:c5:
42:fd:3b:0d:e1:71:b4:9b:3b:a3:1a:60:28:af:29:
f7:97:41:31:35:c9:33:c3:84:fa:2d:36:58:0e:93:
b9:c7:f6:8d:2f:84:e8:a6:0a:7b:2f:88:ab:d3:5c:
1c:a0:1c:23:c2:a1:5a:38:b3:60:8d:4f:cd:1a:c3:
a9:25:1a:9f:b2:95:e2:57:d7:48:8f:20:65:0c:d2:
64:9b:cb:e7:3c:b0:58:f8:a6:93:cc:81:a7:0c:4f:
b7:d8:58:c6:6d:fe:20:b7:95:19:40:cc:65:df:75:
dc:6c:19:0f:f7:da:ff:c2:ae:17:3a:cc:a6:80:5e:
ce:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7A:C7:13:D4:FB:57:8B:A0:7E:48:C8:2D:A5:1E:20:5B:C6:40:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/314A4AE2D25211EFB58FA074762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.8.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:41:cb:3e:84:ec:b0:c6:41:7d:eb:1c:4c:d3:71:4d:34:85:
79:d8:a2:36:f9:22:80:39:bf:96:07:f5:ef:f5:9e:d0:cc:07:
88:6b:3a:ef:e8:24:f8:fb:5e:73:b0:f8:12:66:02:06:f0:4a:
f7:24:9a:02:31:a5:e6:e9:6e:7b:3c:46:dd:3b:81:ed:00:af:
e5:86:cd:13:ff:fb:62:62:d6:3e:36:66:24:23:58:23:58:77:
4e:f9:ad:ee:db:ec:bf:a0:74:c3:f2:f3:20:88:57:a4:62:24:
16:32:61:84:0a:88:81:6d:bd:8b:fe:d8:c2:ad:38:0e:9d:ca:
a3:95:d8:0a:64:d3:ac:9a:b1:44:e7:ba:b0:73:51:be:f9:49:
b9:18:08:f7:b5:97:3c:08:8e:c4:84:61:71:2c:c5:9f:30:71:
bf:a2:b5:c3:f9:73:3a:df:c0:54:30:f6:93:0a:68:ad:13:fb:
88:d0:23:f6:2f:79:2d:da:b2:a5:cc:1d:fc:23:2c:96:43:01:
e0:71:99:39:8e:ac:07:ca:04:f7:ef:74:f6:aa:75:80:85:21:
e1:61:f0:b6:f9:9c:86:1d:0e:63:bb:94:fe:a4:d3:dc:ca:db:
74:0c:58:46:cf:f6:02:13:79:df:a9:b7:bd:56:76:ba:d7:58:
9c:f4:76:af
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQcAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDgzMzA5WhcNMjUwMTIyMDgzMzA5WjAYMRYw
FAYDVQQDEw02Nzg2MjE0OS0yNmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuTV2bdu0Dv5yXTqL0RfJgSapAdLtEK019OCSEQrPfGCQeEBD3I3TPh1+
7dbpobbRkU7VGB8KiNa69pbncV9z+1i6A7xFoAzWhSWGsShNR59JRYMRSWQcXsJo
VVn03WDL/2oXybqIJQIeSFoOOaD4oNMETcSP46hXo2k2NEgA33VQQFvwMcVC/TsN
4XG0mzujGmAoryn3l0ExNckzw4T6LTZYDpO5x/aNL4Topgp7L4ir01wcoBwjwqFa
OLNgjU/NGsOpJRqfspXiV9dIjyBlDNJkm8vnPLBY+KaTzIGnDE+32FjGbf4gt5UZ
QMxl33XcbBkP99r/wq4XOsymgF7OvwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB56
xxPU+1eLoH5IyC2lHiBbxkBKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMTRBNEFFMkQyNTIxMUVGQjU4RkEwNzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOUIMA0GCSqGSIb3DQEBCwUA
A4IBAQBuQcs+hOywxkF96xxM03FNNIV52KI2+SKAOb+WB/Xv9Z7QzAeIazrv6CT4
+15zsPgSZgIG8Er3JJoCMaXm6W57PEbdO4HtAK/lhs0T//tiYtY+NmYkI1gjWHdO
+a3u2+y/oHTD8vMgiFekYiQWMmGECoiBbb2L/tjCrTgOncqjldgKZNOsmrFE57qw
c1G++Um5GAj3tZc8CI7EhGFxLMWfMHG/orXD+XM638BUMPaTCmitE/uI0CP2L3kt
2rKlzB38IyyWQwHgcZk5jqwHygT373T2qnWAhSHhYfC2+ZyGHQ5ju5T+pNPcytt0
DFhGz/YCE3nfqbe9Vna611ic9Hav
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:39 2025 by rpki-client