Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/31B4CFF6CEFC11EF8AE7525C762E951A.roa
File: 31B4CFF6CEFC11EF8AE7525C762E951A.roa (raw, json)
Hash identifier: 4tUR2Idef9+9CIhWjGCU+i//ZAZX2chkq3q5O7SIHXg=
Subject key identifier: D1:6D:C2:AD:45:96:D8:09:8B:12:87:29:F1:65:B6:CD:11:B7:D5:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104B1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/31B4CFF6CEFC11EF8AE7525C762E951A.roa
Signing time: Fri 10 Jan 2025 02:40:03 +0000
ROA not before: Fri 10 Jan 2025 02:40:00 +0000
ROA not after: Mon 27 Jan 2025 02:40:00 +0000
asID: 152092
IP address blocks: 156.245.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66737 (0x104b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 02:40:00 2025 GMT
Not After : Jan 27 02:40:00 2025 GMT
Subject: CN=67808883-5289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0d:d1:5d:ba:71:d0:26:85:58:e1:46:6d:11:
b0:ed:62:db:3a:ea:75:45:fa:e3:85:64:78:72:d6:
a7:50:8d:88:90:8c:fe:cd:b7:4a:eb:76:dc:71:f3:
ca:eb:38:c7:30:a2:86:4b:d1:04:fb:3c:4f:f1:7d:
24:3a:be:b1:2a:8d:b0:8a:3c:b0:c6:bc:01:53:e9:
1e:f1:12:c0:58:09:1e:e6:bc:62:2a:0b:a7:eb:45:
a5:48:2b:cd:90:cd:9d:47:12:af:4a:cb:87:6b:88:
7b:52:b9:6a:e7:52:c4:95:93:41:6e:db:e0:6c:ef:
93:37:12:01:a8:e2:25:18:45:5e:04:4e:07:ba:67:
42:d0:b0:98:32:d1:01:a0:30:60:dd:72:3b:cb:2d:
56:be:84:e4:f5:7b:4f:98:f7:34:4c:c1:e9:c1:9d:
41:56:81:d2:0b:77:58:49:1c:a6:68:f5:bd:6c:8a:
a8:88:19:dd:d7:dc:47:ca:7d:d2:bc:e4:d1:55:20:
ab:8b:e4:b9:49:2b:23:8d:03:c7:5e:61:ec:00:03:
81:7a:0b:0a:d5:4f:47:7b:bc:5e:7e:93:f7:69:45:
f4:93:cb:7e:38:f8:e5:55:1b:bb:0d:50:28:64:36:
cc:ff:d6:92:45:c3:ab:d6:4b:11:c7:7a:57:c2:80:
1e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6D:C2:AD:45:96:D8:09:8B:12:87:29:F1:65:B6:CD:11:B7:D5:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/31B4CFF6CEFC11EF8AE7525C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.209.0/24
Signature Algorithm: sha256WithRSAEncryption
99:f5:7f:f9:2d:c7:78:d4:c2:4c:2c:16:1c:b4:98:3d:3f:b9:
0d:27:85:da:31:4f:6f:0c:53:c6:76:b1:f3:58:b7:53:5a:79:
d3:6c:2d:30:76:16:17:f2:72:be:ff:9f:de:e8:9c:a3:b6:b5:
bb:b2:69:45:4d:f9:37:0d:77:59:fc:de:0d:08:5c:8e:27:dc:
d0:cb:e3:53:e2:4b:f8:35:15:78:5e:40:34:9f:00:c0:f9:e1:
bc:5f:cf:20:41:44:0f:98:b7:57:47:d6:4c:14:6f:85:8a:ad:
0b:3c:59:57:ad:c7:13:1f:37:0b:b6:b4:3c:f7:01:f0:2d:b0:
7c:45:e4:7b:2d:bf:d3:1d:44:64:2d:53:a4:28:77:7a:60:2e:
b2:bd:45:4d:1c:81:6d:b0:38:91:31:52:50:ea:a3:76:25:c0:
a5:d3:f0:70:0a:59:c1:85:0c:93:d2:ce:85:d9:5d:28:a5:2c:
ff:31:9b:57:64:a1:c0:75:00:74:ef:10:91:1a:13:56:d1:0b:
a3:1e:b6:6a:8a:13:e4:e7:59:55:ba:f9:22:6a:1a:84:50:05:
61:5c:c5:3f:d6:de:06:2e:a5:da:19:11:ba:01:27:52:fe:9c:
a6:03:b0:b9:36:b8:27:7c:eb:1c:34:c9:10:f9:e7:c3:5e:73:
8a:77:b9:38
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQSxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDI0MDAwWhcNMjUwMTI3MDI0MDAwWjAYMRYw
FAYDVQQDEw02NzgwODg4My01Mjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1g3RXbpx0CaFWOFGbRGw7WLbOup1RfrjhWR4ctanUI2IkIz+zbdK63bc
cfPK6zjHMKKGS9EE+zxP8X0kOr6xKo2wijywxrwBU+ke8RLAWAke5rxiKgun60Wl
SCvNkM2dRxKvSsuHa4h7Urlq51LElZNBbtvgbO+TNxIBqOIlGEVeBE4HumdC0LCY
MtEBoDBg3XI7yy1WvoTk9XtPmPc0TMHpwZ1BVoHSC3dYSRymaPW9bIqoiBnd19xH
yn3SvOTRVSCri+S5SSsjjQPHXmHsAAOBegsK1U9He7xefpP3aUX0k8t+OPjlVRu7
DVAoZDbM/9aSRcOr1ksRx3pXwoAezQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNFt
wq1FltgJixKHKfFlts0Rt9VsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMUI0Q0ZGNkNFRkMxMUVGOEFFNzUyNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPXRMA0GCSqGSIb3DQEBCwUA
A4IBAQCZ9X/5Lcd41MJMLBYctJg9P7kNJ4XaMU9vDFPGdrHzWLdTWnnTbC0wdhYX
8nK+/5/e6JyjtrW7smlFTfk3DXdZ/N4NCFyOJ9zQy+NT4kv4NRV4XkA0nwDA+eG8
X88gQUQPmLdXR9ZMFG+Fiq0LPFlXrccTHzcLtrQ89wHwLbB8ReR7Lb/THURkLVOk
KHd6YC6yvUVNHIFtsDiRMVJQ6qN2JcCl0/BwClnBhQyT0s6F2V0opSz/MZtXZKHA
dQB07xCRGhNW0QujHrZqihPk51lVuvkiahqEUAVhXMU/1t4GLqXaGRG6ASdS/pym
A7C5NrgnfOscNMkQ+efDXnOKd7k4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:13 2025 by rpki-client