Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/329B3FC0C99F11EF961244BE762E951A.roa
File: 329B3FC0C99F11EF961244BE762E951A.roa (raw, json)
Hash identifier: Dm4xCh46fAQSze6yYW0Y8Ixu/prqSAUn5ug8Q+tfGfI=
Subject key identifier: D9:C4:9E:BC:34:E8:BA:55:8F:2E:99:FC:ED:7A:41:D0:38:20:F4:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F65F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/329B3FC0C99F11EF961244BE762E951A.roa
Signing time: Fri 03 Jan 2025 06:51:46 +0000
ROA not before: Fri 03 Jan 2025 06:51:42 +0000
ROA not after: Sat 18 Jan 2025 06:51:42 +0000
asID: 54801
IP address blocks: 156.240.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63071 (0xf65f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 06:51:42 2025 GMT
Not After : Jan 18 06:51:42 2025 GMT
Subject: CN=67778902-e96e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:52:fb:12:34:b8:61:c5:2c:21:31:58:64:1b:
4a:d7:93:99:62:d5:ab:22:66:a0:03:91:33:e6:81:
a3:b7:09:67:98:99:2f:03:d6:b0:70:1c:11:22:10:
ee:77:1d:b5:93:a3:21:a8:3e:8b:d8:d3:0d:36:fe:
a9:0a:27:34:8e:fe:68:e7:4b:49:76:76:b2:35:8d:
f5:f2:e3:85:7a:76:2b:e6:76:73:f7:2a:4c:d4:45:
04:0d:cc:dc:e7:e7:c7:f7:0c:86:0a:24:61:86:01:
1c:b3:b2:53:88:6a:8c:9f:76:e6:29:25:58:a8:db:
95:94:e2:e4:d0:20:f6:c0:9c:b8:9f:c8:e5:d3:d8:
9c:ad:90:9a:7f:75:61:3d:ee:11:be:df:9a:ee:5f:
99:dc:c4:9a:58:e7:fa:0a:d6:cd:4d:d1:d5:2c:b3:
6f:b7:85:b9:84:f2:90:60:6c:92:9a:3f:fe:e9:28:
0c:42:22:63:4d:13:fe:f8:75:dd:49:c6:ba:cf:79:
d4:64:cd:0a:31:a2:87:b9:8b:d2:5d:c3:b6:33:7b:
6b:8c:fe:68:52:71:cb:95:c7:32:83:f2:48:e6:50:
7b:aa:09:42:17:2e:a2:ae:49:25:5b:67:cd:71:a9:
70:69:3e:ca:59:93:21:a1:41:ab:90:92:b8:43:19:
d8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C4:9E:BC:34:E8:BA:55:8F:2E:99:FC:ED:7A:41:D0:38:20:F4:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/329B3FC0C99F11EF961244BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.48.0/21
Signature Algorithm: sha256WithRSAEncryption
16:5e:f0:5f:4f:b2:af:97:f0:b6:ef:05:b9:98:11:55:cf:51:
96:80:e4:95:72:5d:3b:57:6c:3e:e5:fb:f5:5d:78:d3:9c:10:
23:3b:ea:2e:0a:b5:6c:ae:da:6f:42:44:31:1e:64:ca:5d:e0:
20:f6:31:ff:9e:b6:9a:8a:2e:c3:20:64:29:49:41:e9:ed:60:
33:3f:54:4c:45:d1:59:36:62:8d:89:7a:b0:a0:31:26:9a:31:
22:83:b0:d7:16:8d:f8:d6:48:7c:8f:c6:dd:07:4a:d9:5b:0a:
15:48:fb:5e:7c:bb:9c:ac:3f:1d:2d:7b:d2:c6:e4:b1:55:09:
ce:ea:35:5d:07:4e:07:ec:03:be:b7:be:d6:bb:82:b9:5d:58:
1f:5d:f2:8d:1e:e0:00:18:ad:20:46:0a:69:38:6d:02:14:12:
00:2b:2c:14:c5:d2:25:0f:75:46:64:ba:cd:6a:b2:9c:35:5d:
27:92:4b:a3:d5:83:b7:ad:bb:4f:d4:23:94:34:fb:ed:d2:84:
a6:46:9e:c8:14:a7:53:b0:3b:73:75:4c:70:e4:09:1e:dd:31:
20:f4:fa:f5:3f:80:6d:20:76:8b:57:1a:cc:d7:6d:7a:fc:1c:
67:82:b3:4f:31:6d:25:00:b4:20:67:82:2e:cf:48:7a:44:8f:
2b:e0:c4:0a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPZfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDY1MTQyWhcNMjUwMTE4MDY1MTQyWjAYMRYw
FAYDVQQDEw02Nzc3ODkwMi1lOTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwFL7EjS4YcUsITFYZBtK15OZYtWrImagA5Ez5oGjtwlnmJkvA9awcBwR
IhDudx21k6MhqD6L2NMNNv6pCic0jv5o50tJdnayNY318uOFenYr5nZz9ypM1EUE
Dczc5+fH9wyGCiRhhgEcs7JTiGqMn3bmKSVYqNuVlOLk0CD2wJy4n8jl09icrZCa
f3VhPe4Rvt+a7l+Z3MSaWOf6CtbNTdHVLLNvt4W5hPKQYGySmj/+6SgMQiJjTRP+
+HXdSca6z3nUZM0KMaKHuYvSXcO2M3trjP5oUnHLlccyg/JI5lB7qglCFy6irkkl
W2fNcalwaT7KWZMhoUGrkJK4QxnY0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNnE
nrw06LpVjy6Z/O16QdA4IPT7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMjlCM0ZDMEM5OUYxMUVGOTYxMjQ0QkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPAwMA0GCSqGSIb3DQEBCwUA
A4IBAQAWXvBfT7Kvl/C27wW5mBFVz1GWgOSVcl07V2w+5fv1XXjTnBAjO+ouCrVs
rtpvQkQxHmTKXeAg9jH/nraaii7DIGQpSUHp7WAzP1RMRdFZNmKNiXqwoDEmmjEi
g7DXFo341kh8j8bdB0rZWwoVSPtefLucrD8dLXvSxuSxVQnO6jVdB04H7AO+t77W
u4K5XVgfXfKNHuAAGK0gRgppOG0CFBIAKywUxdIlD3VGZLrNarKcNV0nkkuj1YO3
rbtP1COUNPvt0oSmRp7IFKdTsDtzdUxw5Ake3TEg9Pr1P4BtIHaLVxrM1216/Bxn
grNPMW0lALQgZ4Iuz0h6RI8r4MQK
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:31 2025 by rpki-client