Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CE39D40CC2111EFB1856AA0762E951A.roa
File: 3CE39D40CC2111EFB1856AA0762E951A.roa (raw, json)
Hash identifier: B0DyFPS7HHXuuV0MiOvRZwgJs1MwkgdUqAl7y6iW08w=
Subject key identifier: A2:D3:69:36:A2:95:76:F0:C9:BA:88:14:F3:51:D5:97:1C:01:2F:2C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8AB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CE39D40CC2111EFB1856AA0762E951A.roa
Signing time: Mon 06 Jan 2025 11:27:40 +0000
ROA not before: Mon 06 Jan 2025 11:27:36 +0000
ROA not after: Wed 15 Jan 2025 11:27:36 +0000
asID: 40065
IP address blocks: 156.235.2.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63659 (0xf8ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 11:27:36 2025 GMT
Not After : Jan 15 11:27:36 2025 GMT
Subject: CN=677bbe2c-d734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bf:00:8c:50:50:34:56:26:16:16:94:32:89:
19:33:2e:df:84:c5:dc:aa:1e:98:b4:81:60:28:f5:
61:bf:db:6b:d6:20:ba:08:db:d3:d9:75:5d:9f:b1:
f6:47:a7:bf:07:3c:72:5e:23:e6:e6:bf:39:83:07:
7f:ed:42:8e:f0:db:a6:24:f1:ca:73:d3:d9:9a:92:
9b:fc:30:35:fe:2d:9f:73:bd:5e:e0:05:72:3c:2b:
51:d9:ca:4e:22:0f:3e:0d:78:81:68:23:5c:36:26:
be:98:e2:fd:59:7b:31:26:54:dc:84:b1:ec:af:71:
29:b1:b6:a5:5c:60:68:b1:d7:53:cf:59:70:79:8e:
0b:1c:00:f4:32:b2:83:0a:6e:8e:3c:42:df:f2:94:
96:ed:69:52:62:05:65:e9:ce:36:d1:2f:ce:b5:dd:
0c:24:22:16:8b:7d:ec:c8:9f:8e:48:f5:f1:c8:85:
f5:b3:fe:0d:b8:ab:70:83:68:4c:fc:18:11:ce:db:
d8:df:c0:5e:81:3b:e3:76:fb:2e:f0:99:8b:d2:c7:
71:09:a6:4e:ba:0a:03:87:e5:91:28:38:27:d6:6d:
32:d5:ff:7c:ae:43:59:59:a7:3b:02:1a:d0:35:fb:
37:b4:e6:2d:5f:67:40:b6:cb:12:f4:41:24:09:f0:
3c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D3:69:36:A2:95:76:F0:C9:BA:88:14:F3:51:D5:97:1C:01:2F:2C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CE39D40CC2111EFB1856AA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.2.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:c7:73:fb:c6:45:e4:fa:35:0b:58:c4:22:d5:4b:c0:b9:ef:
bb:58:59:fc:83:88:a9:38:45:f4:ef:e5:1d:fd:88:5e:57:f8:
d4:8d:90:5f:5b:70:ea:fd:a8:41:76:0c:e2:9e:a7:0b:57:3b:
89:a5:96:bb:5c:a1:c4:4e:ea:5e:42:97:9c:c6:eb:ab:6b:ab:
e6:03:48:23:e4:a2:bf:55:43:ad:d2:15:95:45:a9:03:7f:24:
08:48:a2:26:19:e8:b8:c9:a8:dc:7a:04:28:f5:46:03:83:83:
01:fe:e3:97:54:ad:d6:d5:81:d0:37:23:22:ae:73:a1:85:29:
14:09:8e:21:3f:9a:90:44:44:7f:f9:28:c9:55:01:d5:82:2b:
19:48:5a:5c:d8:85:bc:09:58:3a:96:cf:c8:01:90:ec:38:62:
66:7b:7c:9d:df:96:38:0f:c0:5e:e0:f8:2f:3b:00:53:68:bf:
bc:f2:92:75:36:c8:aa:c8:1a:41:58:e7:ea:1a:0d:03:b1:0b:
56:72:5c:90:6a:f7:41:25:91:24:03:70:e7:75:d5:b0:11:1f:
ff:38:72:7a:b4:74:cd:06:c1:96:a0:6b:fd:ad:c7:1a:5c:0c:
83:4e:d8:12:40:13:99:67:17:03:76:0c:c7:93:81:94:5e:35:
59:3a:fd:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPirMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTEyNzM2WhcNMjUwMTE1MTEyNzM2WjAYMRYw
FAYDVQQDEw02NzdiYmUyYy1kNzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwL8AjFBQNFYmFhaUMokZMy7fhMXcqh6YtIFgKPVhv9tr1iC6CNvT2XVd
n7H2R6e/BzxyXiPm5r85gwd/7UKO8NumJPHKc9PZmpKb/DA1/i2fc71e4AVyPCtR
2cpOIg8+DXiBaCNcNia+mOL9WXsxJlTchLHsr3EpsbalXGBosddTz1lweY4LHAD0
MrKDCm6OPELf8pSW7WlSYgVl6c420S/Otd0MJCIWi33syJ+OSPXxyIX1s/4NuKtw
g2hM/BgRztvY38BegTvjdvsu8JmL0sdxCaZOugoDh+WRKDgn1m0y1f98rkNZWac7
AhrQNfs3tOYtX2dAtssS9EEkCfA8EwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKLT
aTailXbwybqIFPNR1ZccAS8sMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQ0UzOUQ0MENDMjExMUVGQjE4NTZBQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOsCMA0GCSqGSIb3DQEBCwUA
A4IBAQAPx3P7xkXk+jULWMQi1UvAue+7WFn8g4ipOEX07+Ud/YheV/jUjZBfW3Dq
/ahBdgzinqcLVzuJpZa7XKHETupeQpecxuura6vmA0gj5KK/VUOt0hWVRakDfyQI
SKImGei4yajcegQo9UYDg4MB/uOXVK3W1YHQNyMirnOhhSkUCY4hP5qQRER/+SjJ
VQHVgisZSFpc2IW8CVg6ls/IAZDsOGJme3yd35Y4D8Be4PgvOwBTaL+88pJ1Nsiq
yBpBWOfqGg0DsQtWclyQavdBJZEkA3DnddWwER//OHJ6tHTNBsGWoGv9rccaXAyD
TtgSQBOZZxcDdgzHk4GUXjVZOv1G
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:13 2025 by rpki-client