Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D472F4AD00911EF8CD11B88762E951A.roa
File: 3D472F4AD00911EF8CD11B88762E951A.roa (raw, json)
Hash identifier: GOOtug1ZUJwv6teoMyCWHLnxxqnECK/gQ6TbWvK0rMg=
Subject key identifier: 32:B2:7F:BA:B0:9A:AF:62:17:37:CA:23:3A:C8:2D:B4:96:FC:63:B6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105B8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D472F4AD00911EF8CD11B88762E951A.roa
Signing time: Sat 11 Jan 2025 10:45:57 +0000
ROA not before: Sat 11 Jan 2025 10:45:54 +0000
ROA not after: Sat 25 Jan 2025 10:45:54 +0000
asID: 139646
IP address blocks: 156.242.12.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67000 (0x105b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 10:45:54 2025 GMT
Not After : Jan 25 10:45:54 2025 GMT
Subject: CN=67824be5-2675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:46:63:ca:23:c1:b5:66:35:4c:6d:fa:4b:6f:
a8:fa:44:6c:9a:2e:b8:c5:88:08:ab:61:33:6e:16:
dd:3c:aa:c6:b8:a8:f3:9d:15:4a:e4:7d:17:e0:04:
4a:33:a0:24:3c:27:ca:22:36:c2:36:b4:0d:d7:20:
22:ef:f6:14:ff:26:2d:1b:6e:8d:b1:85:ff:d9:0d:
8d:11:18:64:d5:7a:95:10:ac:79:d5:6c:4d:20:91:
54:46:a7:c4:93:bd:8b:7e:3c:b0:c1:ff:27:bb:21:
4c:c5:e7:96:31:88:51:f0:68:e1:9e:f7:42:35:44:
49:3c:e7:4b:1e:2a:da:7d:b5:f2:e2:76:73:79:6d:
25:82:64:3c:ed:18:40:b8:bf:a1:e7:83:92:12:dc:
ad:45:5f:d5:13:07:8a:39:0e:7e:a6:32:72:06:c1:
c1:59:f1:ae:4f:9b:c2:b7:09:26:b6:db:37:a8:ab:
ee:eb:92:fb:bb:6a:6d:3e:10:69:0c:bd:2f:b6:c6:
99:dc:f1:f0:89:50:b1:01:f9:bf:7a:c4:b7:12:a3:
25:db:5d:0f:e9:73:71:ca:11:d6:a5:78:95:bc:1d:
61:f1:a8:29:2f:4f:ff:5d:9c:7c:3b:82:ed:8a:2b:
48:f3:88:db:f4:61:b0:ff:03:d5:31:2f:a7:27:d7:
44:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B2:7F:BA:B0:9A:AF:62:17:37:CA:23:3A:C8:2D:B4:96:FC:63:B6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D472F4AD00911EF8CD11B88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.12.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:0a:ea:8d:86:63:d2:09:2a:16:c6:a7:64:a6:d6:f6:f5:ef:
f9:ce:95:12:c8:62:2f:27:69:61:c1:45:12:8f:4e:62:ca:c6:
12:4f:59:15:0d:0a:4f:9b:64:6e:50:4b:c7:67:68:12:1b:67:
67:ba:27:03:f9:bc:17:b4:4c:71:cd:c0:43:30:77:fc:6d:25:
df:7d:7a:7b:0d:95:b1:d5:1c:8d:3d:12:9d:ca:80:5f:88:39:
37:8f:8d:79:0a:6f:5e:4d:25:a4:93:e3:74:f7:f8:67:54:35:
22:44:18:45:0f:8d:2f:62:6f:74:29:e4:4c:7b:c2:94:6e:58:
57:20:ce:5b:7a:4e:2a:1d:40:c6:bf:f0:ca:f3:de:bd:88:73:
7c:65:60:18:cb:ac:86:fd:5e:b9:3b:d3:9b:81:b5:59:6c:67:
db:26:7e:30:3a:9c:01:2b:d5:62:b7:33:f6:51:f9:b3:af:61:
9a:79:c4:f9:ca:c4:2f:79:a5:a6:30:b0:18:45:3a:36:b5:2b:
8f:19:0f:57:d2:53:84:b4:e2:0b:e8:de:b2:af:6a:6f:e4:8d:
c6:c8:c5:d4:81:9f:1f:04:27:61:3d:d3:c4:92:f9:18:91:6a:
95:32:8f:ee:6c:f1:35:56:f5:72:a2:fd:d0:49:6d:15:f6:d3:
bc:2e:ae:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQW4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTA0NTU0WhcNMjUwMTI1MTA0NTU0WjAYMRYw
FAYDVQQDEw02NzgyNGJlNS0yNjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwEZjyiPBtWY1TG36S2+o+kRsmi64xYgIq2EzbhbdPKrGuKjznRVK5H0X
4ARKM6AkPCfKIjbCNrQN1yAi7/YU/yYtG26NsYX/2Q2NERhk1XqVEKx51WxNIJFU
RqfEk72Lfjywwf8nuyFMxeeWMYhR8GjhnvdCNURJPOdLHirafbXy4nZzeW0lgmQ8
7RhAuL+h54OSEtytRV/VEweKOQ5+pjJyBsHBWfGuT5vCtwkmtts3qKvu65L7u2pt
PhBpDL0vtsaZ3PHwiVCxAfm/esS3EqMl210P6XNxyhHWpXiVvB1h8agpL0//XZx8
O4LtiitI84jb9GGw/wPVMS+nJ9dEmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDKy
f7qwmq9iFzfKIzrILbSW/GO2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRDQ3MkY0QUQwMDkxMUVGOENEMTFCODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPIMMA0GCSqGSIb3DQEBCwUA
A4IBAQCMCuqNhmPSCSoWxqdkptb29e/5zpUSyGIvJ2lhwUUSj05iysYST1kVDQpP
m2RuUEvHZ2gSG2dnuicD+bwXtExxzcBDMHf8bSXffXp7DZWx1RyNPRKdyoBfiDk3
j415Cm9eTSWkk+N09/hnVDUiRBhFD40vYm90KeRMe8KUblhXIM5bek4qHUDGv/DK
8969iHN8ZWAYy6yG/V65O9ObgbVZbGfbJn4wOpwBK9VitzP2Ufmzr2GaecT5ysQv
eaWmMLAYRTo2tSuPGQ9X0lOEtOIL6N6yr2pv5I3GyMXUgZ8fBCdhPdPEkvkYkWqV
Mo/ubPE1VvVyov3QSW0V9tO8Lq4s
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:05 2025 by rpki-client