Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/316C2BF4CE9B11EF8F8B3F70762E951A.roa
File: 316C2BF4CE9B11EF8F8B3F70762E951A.roa (raw, json)
Hash identifier: ysibAvHQ0uF1Fz7CbWXDH/0RKL+dAk0xVP6ZGIA3/ys=
Subject key identifier: E0:C7:2E:1A:C8:D7:5B:20:57:4B:64:E9:1D:F8:79:4F:63:80:91:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01041C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/316C2BF4CE9B11EF8F8B3F70762E951A.roa
Signing time: Thu 09 Jan 2025 15:05:42 +0000
ROA not before: Thu 09 Jan 2025 15:05:38 +0000
ROA not after: Fri 24 Jan 2025 15:05:38 +0000
asID: 7018
IP address blocks: 156.238.120.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66588 (0x1041c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 15:05:38 2025 GMT
Not After : Jan 24 15:05:38 2025 GMT
Subject: CN=677fe5c5-f1ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b1:ef:02:76:70:f5:39:64:47:2f:ff:3f:8e:
93:54:f4:d6:71:48:ce:d3:ae:9d:01:17:2b:26:1a:
8b:6d:c1:14:ba:a9:cf:bd:b2:03:f1:b5:09:5e:bf:
a1:df:ca:e4:c4:8f:0f:f9:a4:4d:8b:a1:60:99:7f:
35:05:1b:ea:d2:21:f2:8a:5a:a2:ab:e4:85:02:10:
b7:fc:28:72:9d:6d:1a:3a:3a:00:3a:12:93:60:30:
fd:10:c1:2a:88:ff:72:84:e3:65:62:cb:d2:17:ad:
d7:63:d5:a4:e2:6a:ea:f1:db:45:1d:76:89:59:22:
17:b3:4a:80:89:06:11:7d:2f:83:0e:13:e7:a1:40:
82:18:2a:b8:6a:64:83:5a:ad:45:ec:95:94:1b:60:
02:68:b7:68:08:6d:16:e5:c9:85:7a:22:83:40:37:
06:32:5b:44:ed:ec:5b:2a:c1:49:7d:a9:fe:21:0d:
87:c2:bf:99:17:9c:28:fd:53:d0:0e:3b:37:c1:9b:
6c:1f:31:95:7e:2a:2a:12:c0:5e:5b:d8:f2:bd:ba:
d2:5f:3c:04:6b:c4:96:66:65:f9:ec:f8:3b:13:6b:
35:52:86:41:c1:98:86:0a:17:8f:72:06:9d:e7:79:
af:92:8d:d4:fc:b7:6c:ab:4d:88:61:14:bc:3c:56:
21:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C7:2E:1A:C8:D7:5B:20:57:4B:64:E9:1D:F8:79:4F:63:80:91:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/316C2BF4CE9B11EF8F8B3F70762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.120.0/23
Signature Algorithm: sha256WithRSAEncryption
23:f0:30:2c:5b:2c:f0:d0:06:6d:f6:2b:b4:b5:1e:17:10:78:
48:b1:58:7b:5c:12:c1:bf:a5:1e:43:02:10:bc:94:84:97:5b:
bc:f1:51:ba:74:be:4c:bc:14:87:49:55:e3:17:5d:fc:7a:c1:
47:6d:84:a8:2d:95:0a:4b:97:3b:70:7b:cd:10:78:c2:7c:86:
ea:07:0d:a7:ed:ba:4c:60:9a:58:92:7e:dd:1b:b7:30:42:c8:
17:48:06:8d:71:ce:d1:f1:9a:cc:eb:35:aa:22:a4:c3:90:f5:
ca:e3:ee:e1:0b:7f:b3:fd:86:48:27:69:d6:54:84:74:81:3a:
63:26:5c:5f:26:07:19:30:3e:78:79:f6:57:65:0c:0c:54:d1:
76:4c:e5:0a:f9:a0:10:83:77:cd:51:8e:24:88:00:d6:35:06:
1b:c6:dc:80:e0:3a:2a:a4:b1:4e:5f:4a:96:c3:24:5a:83:e0:
cb:aa:e0:b1:0c:77:49:75:c9:f5:cc:d4:4b:5b:66:93:30:dc:
be:7a:e0:f7:77:fd:10:94:c6:39:38:93:97:90:70:83:69:f5:
0c:18:17:c6:d5:a4:ac:0c:e7:a9:22:df:12:32:73:fb:9d:db:
5c:0f:af:37:55:e8:4f:8a:4d:d3:05:00:3f:53:30:ca:b3:b5:
bf:1c:bb:d3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQQcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTUwNTM4WhcNMjUwMTI0MTUwNTM4WjAYMRYw
FAYDVQQDEw02NzdmZTVjNS1mMWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3rHvAnZw9TlkRy//P46TVPTWcUjO066dARcrJhqLbcEUuqnPvbID8bUJ
Xr+h38rkxI8P+aRNi6FgmX81BRvq0iHyilqiq+SFAhC3/ChynW0aOjoAOhKTYDD9
EMEqiP9yhONlYsvSF63XY9Wk4mrq8dtFHXaJWSIXs0qAiQYRfS+DDhPnoUCCGCq4
amSDWq1F7JWUG2ACaLdoCG0W5cmFeiKDQDcGMltE7exbKsFJfan+IQ2Hwr+ZF5wo
/VPQDjs3wZtsHzGVfioqEsBeW9jyvbrSXzwEa8SWZmX57Pg7E2s1UoZBwZiGCheP
cgad53mvko3U/Ldsq02IYRS8PFYhdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFODH
LhrI11sgV0tk6R34eU9jgJH1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMTZDMkJGNENFOUIxMUVGOEY4QjNGNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO54MA0GCSqGSIb3DQEBCwUA
A4IBAQAj8DAsWyzw0AZt9iu0tR4XEHhIsVh7XBLBv6UeQwIQvJSEl1u88VG6dL5M
vBSHSVXjF138esFHbYSoLZUKS5c7cHvNEHjCfIbqBw2n7bpMYJpYkn7dG7cwQsgX
SAaNcc7R8ZrM6zWqIqTDkPXK4+7hC3+z/YZIJ2nWVIR0gTpjJlxfJgcZMD54efZX
ZQwMVNF2TOUK+aAQg3fNUY4kiADWNQYbxtyA4DoqpLFOX0qWwyRag+DLquCxDHdJ
dcn1zNRLW2aTMNy+euD3d/0QlMY5OJOXkHCDafUMGBfG1aSsDOepIt8SMnP7ndtc
D683VehPik3TBQA/UzDKs7W/HLvT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:38 2025 by rpki-client