Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37D349D2D01711EFB0FE6D60762E951A.roa
File: 37D349D2D01711EFB0FE6D60762E951A.roa (raw, json)
Hash identifier: AbXRWdnL2fccrmFZuqSmlIlMZD2iBydTrjgE4tarTrE=
Subject key identifier: 31:BD:7A:BC:76:BA:B8:BE:B1:80:04:0F:D9:88:BE:BB:65:17:20:E4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105E4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37D349D2D01711EFB0FE6D60762E951A.roa
Signing time: Sat 11 Jan 2025 12:26:01 +0000
ROA not before: Sat 11 Jan 2025 12:25:57 +0000
ROA not after: Sat 25 Jan 2025 12:25:57 +0000
asID: 139646
IP address blocks: 156.240.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67044 (0x105e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 12:25:57 2025 GMT
Not After : Jan 25 12:25:57 2025 GMT
Subject: CN=67826359-ac64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e6:59:13:e9:a8:c1:36:e1:25:87:93:c5:e6:
c8:12:01:f7:91:0a:e5:66:ca:b3:f2:ed:40:fe:87:
ba:cd:aa:8b:53:52:40:a8:3d:0a:34:2c:d5:5f:60:
af:b8:23:d8:ec:be:b5:0f:32:1a:cc:e2:aa:66:3d:
d1:f6:04:1e:ff:73:6d:d0:c4:af:ad:1d:7e:83:f0:
6b:bb:fe:8c:17:c5:4e:dc:33:ca:f1:6b:e8:84:8a:
95:96:78:6d:5e:40:10:46:3a:1c:c1:ee:a1:4d:60:
96:ed:b1:a6:3f:3c:a5:8a:5f:b7:86:59:a3:bd:a7:
05:fb:80:12:82:ef:fc:63:0b:38:06:65:66:81:88:
6d:9f:78:e8:d3:f3:db:ef:65:ea:f2:a5:a7:90:3d:
ad:da:e7:0d:af:87:89:2d:9d:a5:86:81:5d:93:7e:
32:e8:92:a3:9e:23:77:e7:78:4f:39:b7:e6:26:c1:
0f:8b:e9:81:67:95:46:1d:5d:50:5c:f6:f1:5f:09:
3e:44:a5:e8:5f:4a:94:ff:13:f5:5d:3f:45:d7:eb:
a2:ec:93:fa:2c:20:44:3c:74:db:b9:ad:92:f2:5b:
f6:cf:d7:23:7d:d1:35:11:c6:72:df:4d:31:fc:be:
e0:07:5b:2f:66:b8:a8:86:d0:28:09:d9:b4:45:1e:
0c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:BD:7A:BC:76:BA:B8:BE:B1:80:04:0F:D9:88:BE:BB:65:17:20:E4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37D349D2D01711EFB0FE6D60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.32.0/20
Signature Algorithm: sha256WithRSAEncryption
b3:4c:2c:83:51:2c:f7:bf:e6:ec:ae:41:0f:b4:85:6c:43:1c:
51:ba:48:7c:a0:11:23:00:23:fb:e5:ce:e3:ab:da:e8:c8:d6:
56:06:1d:a9:c1:2c:80:2a:9b:5d:26:9c:06:c2:f2:5e:13:bf:
d2:1d:9b:80:a7:81:18:c2:80:e3:28:42:1c:ec:d7:58:35:a6:
b2:db:02:5e:02:0c:bf:5d:e9:9f:17:8e:ad:59:8a:42:55:c8:
5c:af:ed:8b:60:f6:99:cd:54:ac:70:9c:19:aa:a5:7b:63:ce:
68:2a:ae:31:ab:57:53:bb:26:f6:c5:34:f5:8f:dc:4e:8a:c7:
e8:a4:11:62:87:b1:82:76:b8:3c:ce:19:9f:cb:97:b3:97:c2:
dd:86:29:5f:40:0e:3c:1a:2c:48:aa:42:8f:9c:c5:0f:3c:b1:
cb:1f:07:c4:62:b6:97:4d:f4:60:3a:d2:52:eb:38:ee:b2:87:
68:c1:bc:5a:f5:79:67:32:45:e3:95:66:0d:83:5e:09:4a:cb:
11:01:1e:f5:63:41:16:28:6a:a9:02:70:4c:82:02:57:45:f0:
8d:b7:4c:7a:8c:8f:46:fe:ab:cf:89:fa:e5:b7:3c:85:60:34:
0b:8d:e2:ca:b4:f4:72:3f:3a:a6:9a:b2:20:92:9a:a0:3f:71:
ae:07:aa:20
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQXkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTIyNTU3WhcNMjUwMTI1MTIyNTU3WjAYMRYw
FAYDVQQDEw02NzgyNjM1OS1hYzY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0eZZE+mowTbhJYeTxebIEgH3kQrlZsqz8u1A/oe6zaqLU1JAqD0KNCzV
X2CvuCPY7L61DzIazOKqZj3R9gQe/3Nt0MSvrR1+g/Bru/6MF8VO3DPK8WvohIqV
lnhtXkAQRjocwe6hTWCW7bGmPzylil+3hlmjvacF+4ASgu/8Yws4BmVmgYhtn3jo
0/Pb72Xq8qWnkD2t2ucNr4eJLZ2lhoFdk34y6JKjniN353hPObfmJsEPi+mBZ5VG
HV1QXPbxXwk+RKXoX0qU/xP1XT9F1+ui7JP6LCBEPHTbua2S8lv2z9cjfdE1EcZy
300x/L7gB1svZriohtAoCdm0RR4MfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDG9
erx2uri+sYAED9mIvrtlFyDkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zN0QzNDlEMkQwMTcxMUVGQjBGRTZENjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPAgMA0GCSqGSIb3DQEBCwUA
A4IBAQCzTCyDUSz3v+bsrkEPtIVsQxxRukh8oBEjACP75c7jq9royNZWBh2pwSyA
KptdJpwGwvJeE7/SHZuAp4EYwoDjKEIc7NdYNaay2wJeAgy/XemfF46tWYpCVchc
r+2LYPaZzVSscJwZqqV7Y85oKq4xq1dTuyb2xTT1j9xOisfopBFih7GCdrg8zhmf
y5ezl8LdhilfQA48GixIqkKPnMUPPLHLHwfEYraXTfRgOtJS6zjusodowbxa9Xln
MkXjlWYNg14JSssRAR71Y0EWKGqpAnBMggJXRfCNt0x6jI9G/qvPifrltzyFYDQL
jeLKtPRyPzqmmrIgkpqgP3GuB6og
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:19 2025 by rpki-client