Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C3C3C46CCDD11EFA3C6954F762E951A.roa
File: 3C3C3C46CCDD11EFA3C6954F762E951A.roa (raw, json)
Hash identifier: SJzMqUXyE+rwSvJk3cLzsOvKBpfg1b6mmjDqZJscXu8=
Subject key identifier: 09:76:F1:54:F2:B1:97:CE:69:90:40:9F:53:13:A5:C1:6C:08:21:1F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB7B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C3C3C46CCDD11EFA3C6954F762E951A.roa
Signing time: Tue 07 Jan 2025 09:53:24 +0000
ROA not before: Tue 07 Jan 2025 09:53:21 +0000
ROA not after: Sat 18 Jan 2025 09:53:21 +0000
asID: 152092
IP address blocks: 156.245.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64379 (0xfb7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:53:21 2025 GMT
Not After : Jan 18 09:53:21 2025 GMT
Subject: CN=677cf994-106c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c4:e8:69:dd:81:02:3d:c6:d2:c5:eb:cf:49:
7f:64:7b:be:ed:b9:0c:fb:c5:14:2d:d6:64:04:12:
67:41:3b:6c:e0:9f:19:ed:79:a5:c1:30:32:e0:f8:
4e:a5:55:6c:4d:c4:d3:3c:7f:8d:ef:b7:0f:7b:42:
f5:19:cb:0b:5e:62:e7:31:03:a4:c4:28:18:e6:d3:
a2:2d:51:bb:e3:bc:4f:e5:81:03:c9:c6:62:72:98:
7c:a8:97:82:0e:5b:dc:04:4d:b4:3a:bc:6e:75:d4:
17:00:ac:f8:44:fd:2d:fe:11:fd:2f:ad:55:af:34:
58:96:e4:37:74:7f:d5:24:c8:45:f7:cc:c5:5b:de:
ee:9a:1f:8e:29:a3:64:1b:cc:dd:9f:f6:c7:f3:0f:
9d:d7:36:8a:dc:93:f4:3d:50:6b:47:2d:23:2d:5a:
96:96:b9:0f:a3:24:9c:5d:0c:dd:68:9d:27:db:58:
4c:c2:53:f1:44:81:49:04:c1:be:f4:53:c5:bc:15:
a0:d3:16:b6:86:22:56:3e:1b:5c:61:7a:08:0e:38:
ef:e1:6c:34:08:56:97:68:2f:05:7b:5e:cd:4c:cc:
13:d8:98:5e:86:65:13:73:11:7d:28:5b:3f:26:1e:
f1:bd:b1:16:19:a6:bc:b5:f3:04:5c:a7:f3:01:1d:
74:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:76:F1:54:F2:B1:97:CE:69:90:40:9F:53:13:A5:C1:6C:08:21:1F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C3C3C46CCDD11EFA3C6954F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.200.0/22
Signature Algorithm: sha256WithRSAEncryption
09:5e:f2:39:29:12:7e:e3:e5:69:39:57:2a:63:24:0d:f3:dd:
5a:cb:2c:dd:02:57:39:4f:33:08:47:82:ef:3a:2d:3a:0e:3f:
1d:38:e3:fe:f9:7f:e1:f0:6c:9f:e8:04:ad:de:34:73:cb:8c:
5d:24:25:90:54:42:18:f0:16:18:19:c7:6f:9c:92:f7:1a:ef:
2e:2b:11:30:9f:cc:41:89:dd:71:bf:a0:04:e7:53:88:ce:d7:
e3:f9:43:11:08:88:fa:0b:a2:68:91:5e:10:75:0d:e9:20:d3:
99:1f:af:64:47:08:6b:b3:88:66:57:f0:6a:fd:07:3a:63:e1:
1d:e4:2e:4a:b2:1b:ed:0d:c3:bb:e3:d3:ee:29:46:e9:d3:c1:
9a:a6:f5:b0:f2:e4:bb:e2:84:a9:05:da:7c:77:45:3b:22:ef:
ab:cf:f4:4f:02:46:98:14:45:8e:26:9c:7c:0f:76:f9:9b:e0:
e6:31:c0:67:a5:1d:6d:f9:cd:7c:f9:44:96:82:2f:91:61:5b:
a0:e5:e9:a1:da:91:d2:4f:6d:d0:87:c4:f8:f1:ea:4a:1e:62:
e9:68:02:d4:cf:22:93:4a:c1:33:24:0d:7c:05:37:48:e9:9c:
14:98:11:39:dc:f8:9b:85:e5:c7:5f:eb:be:3a:d8:0c:c9:f7:
2f:33:61:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPt7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDk1MzIxWhcNMjUwMTE4MDk1MzIxWjAYMRYw
FAYDVQQDEw02NzdjZjk5NC0xMDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAksToad2BAj3G0sXrz0l/ZHu+7bkM+8UULdZkBBJnQTts4J8Z7XmlwTAy
4PhOpVVsTcTTPH+N77cPe0L1GcsLXmLnMQOkxCgY5tOiLVG747xP5YEDycZicph8
qJeCDlvcBE20OrxuddQXAKz4RP0t/hH9L61VrzRYluQ3dH/VJMhF98zFW97umh+O
KaNkG8zdn/bH8w+d1zaK3JP0PVBrRy0jLVqWlrkPoyScXQzdaJ0n21hMwlPxRIFJ
BMG+9FPFvBWg0xa2hiJWPhtcYXoIDjjv4Ww0CFaXaC8Fe17NTMwT2JhehmUTcxF9
KFs/Jh7xvbEWGaa8tfMEXKfzAR10+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAl2
8VTysZfOaZBAn1MTpcFsCCEfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzNDM0M0NkNDREQxMUVGQTNDNjk1NEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPXIMA0GCSqGSIb3DQEBCwUA
A4IBAQAJXvI5KRJ+4+VpOVcqYyQN891ayyzdAlc5TzMIR4LvOi06Dj8dOOP++X/h
8Gyf6ASt3jRzy4xdJCWQVEIY8BYYGcdvnJL3Gu8uKxEwn8xBid1xv6AE51OIztfj
+UMRCIj6C6JokV4QdQ3pINOZH69kRwhrs4hmV/Bq/Qc6Y+Ed5C5KshvtDcO749Pu
KUbp08GapvWw8uS74oSpBdp8d0U7Iu+rz/RPAkaYFEWOJpx8D3b5m+DmMcBnpR1t
+c18+USWgi+RYVug5emh2pHST23Qh8T48epKHmLpaALUzyKTSsEzJA18BTdI6ZwU
mBE53PibheXHX+u+OtgMyfcvM2FG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:03 2025 by rpki-client