Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32E7245ACE7A11EF9C0FA79E762E951A.roa
File: 32E7245ACE7A11EF9C0FA79E762E951A.roa (raw, json)
Hash identifier: aofl0ysrpw/CDqn0uqKzFB743eBDF0GByk4cKqZ6+M8=
Subject key identifier: BB:BB:F2:BE:E7:8F:14:84:1C:7C:F4:EF:19:32:ED:2F:1E:16:AE:58
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01033E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32E7245ACE7A11EF9C0FA79E762E951A.roa
Signing time: Thu 09 Jan 2025 11:09:31 +0000
ROA not before: Thu 09 Jan 2025 11:09:27 +0000
ROA not after: Wed 22 Jan 2025 11:09:27 +0000
asID: 7018
IP address blocks: 156.238.0.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66366 (0x1033e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 11:09:27 2025 GMT
Not After : Jan 22 11:09:27 2025 GMT
Subject: CN=677fae6b-4f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:25:75:af:74:8c:29:98:0a:aa:1b:55:0e:4d:
48:49:1d:96:a6:a4:10:f6:bb:4e:ea:22:d4:c9:1c:
ff:97:a5:53:fe:bf:ce:40:30:46:3c:f5:b4:2e:4d:
a9:0f:a3:aa:0c:a4:33:68:22:cf:9b:d5:20:b3:bc:
dc:4f:12:d8:38:fc:cd:26:27:11:7e:47:93:28:30:
df:71:7c:24:ec:85:1b:b3:ba:a3:1a:d3:fc:77:0c:
b9:fd:f9:b6:d5:76:7b:7e:15:d9:8e:72:ee:5b:eb:
f5:6d:8c:58:a5:8b:df:66:3c:18:92:e2:81:55:ff:
74:ca:35:1a:60:86:26:03:e4:bf:4d:0b:fc:7d:75:
cb:07:e3:8e:aa:db:ad:98:c0:9b:a2:b1:8f:3e:e5:
f3:1c:eb:9c:74:df:75:fd:c4:38:53:55:af:38:dd:
2e:2c:26:50:43:2d:98:bf:bb:93:e6:83:f2:44:0b:
b9:8d:2d:41:7a:97:2e:f3:f3:ab:27:d0:3e:f8:eb:
58:f0:0b:30:61:9f:92:15:f2:38:3e:02:91:d7:2c:
e8:e2:53:44:d1:c7:55:1f:e3:05:a6:25:7c:e4:75:
25:07:fe:20:c3:2c:22:f2:ab:6c:27:c2:c8:f7:39:
77:9d:23:b6:3d:d4:d9:da:e8:60:19:25:6c:8d:d4:
06:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:BB:F2:BE:E7:8F:14:84:1C:7C:F4:EF:19:32:ED:2F:1E:16:AE:58
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32E7245ACE7A11EF9C0FA79E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.0.0/23
Signature Algorithm: sha256WithRSAEncryption
29:b3:52:54:df:55:52:62:b7:93:e7:bb:8c:a9:cd:f5:78:e4:
9d:ea:01:d2:a0:78:4a:59:d2:99:ae:32:01:fb:02:51:5a:07:
03:fb:9b:8f:5a:f1:55:37:f5:31:33:f1:db:f1:15:ee:82:df:
f1:5e:f9:31:ec:be:a6:51:f1:47:c9:12:f9:99:c9:4d:c0:a7:
c2:bb:18:65:d1:e8:a2:43:01:a4:4d:95:8f:3f:ef:80:16:83:
5d:2a:a6:35:91:26:f4:94:e4:8a:3c:12:cb:48:3f:f7:70:5c:
32:69:45:7e:34:60:36:20:45:8c:e3:ed:76:da:fa:b4:77:07:
40:18:36:0c:4f:e8:d4:7d:7c:ca:42:b0:00:4d:d2:28:9b:a5:
b4:13:37:5e:43:6a:9f:66:99:35:c2:ec:a0:58:66:69:9c:1c:
6e:58:55:45:ff:67:16:ff:7f:c9:c7:a0:a5:f0:b4:86:dc:73:
c0:21:cb:bb:5f:b0:6d:5a:b9:5b:60:c5:10:b2:33:0e:b4:fc:
20:6a:53:e2:85:6a:5d:06:a8:e9:35:2a:2b:f4:2c:33:2e:3d:
f6:b6:66:f7:f0:4a:ae:cf:59:69:05:88:69:1a:2b:f9:6f:5f:
a4:7e:43:0b:e9:71:5a:18:ea:1f:e8:b0:bd:f7:9c:15:57:39:
8f:0a:82:d9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQM+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTEwOTI3WhcNMjUwMTIyMTEwOTI3WjAYMRYw
FAYDVQQDEw02NzdmYWU2Yi00Zjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlyV1r3SMKZgKqhtVDk1ISR2WpqQQ9rtO6iLUyRz/l6VT/r/OQDBGPPW0
Lk2pD6OqDKQzaCLPm9Ugs7zcTxLYOPzNJicRfkeTKDDfcXwk7IUbs7qjGtP8dwy5
/fm21XZ7fhXZjnLuW+v1bYxYpYvfZjwYkuKBVf90yjUaYIYmA+S/TQv8fXXLB+OO
qtutmMCborGPPuXzHOucdN91/cQ4U1WvON0uLCZQQy2Yv7uT5oPyRAu5jS1Bepcu
8/OrJ9A++OtY8AswYZ+SFfI4PgKR1yzo4lNE0cdVH+MFpiV85HUlB/4gwywi8qts
J8LI9zl3nSO2PdTZ2uhgGSVsjdQGaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLu7
8r7njxSEHHz07xky7S8eFq5YMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMkU3MjQ1QUNFN0ExMUVGOUMwRkE3OUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO4AMA0GCSqGSIb3DQEBCwUA
A4IBAQAps1JU31VSYreT57uMqc31eOSd6gHSoHhKWdKZrjIB+wJRWgcD+5uPWvFV
N/UxM/Hb8RXugt/xXvkx7L6mUfFHyRL5mclNwKfCuxhl0eiiQwGkTZWPP++AFoNd
KqY1kSb0lOSKPBLLSD/3cFwyaUV+NGA2IEWM4+122vq0dwdAGDYMT+jUfXzKQrAA
TdIom6W0EzdeQ2qfZpk1wuygWGZpnBxuWFVF/2cW/3/Jx6Cl8LSG3HPAIcu7X7Bt
WrlbYMUQsjMOtPwgalPihWpdBqjpNSor9CwzLj32tmb38Equz1lpBYhpGiv5b1+k
fkML6XFaGOof6LC995wVVzmPCoLZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:07 2025 by rpki-client