Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D93F1BACCF111EF9FED064D762E951A.roa
File: 3D93F1BACCF111EF9FED064D762E951A.roa (raw, json)
Hash identifier: 2SKDHEoCXI4T8J1/k4/Rs7zoCJZ/X/Ik/6mfnV5jEIs=
Subject key identifier: FC:35:A6:77:E0:8D:18:C2:5B:3B:62:79:F0:40:42:A8:52:F9:97:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC13
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D93F1BACCF111EF9FED064D762E951A.roa
Signing time: Tue 07 Jan 2025 12:16:36 +0000
ROA not before: Tue 07 Jan 2025 12:16:33 +0000
ROA not after: Sat 18 Jan 2025 12:16:33 +0000
asID: 11331
IP address blocks: 156.227.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64531 (0xfc13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 12:16:33 2025 GMT
Not After : Jan 18 12:16:33 2025 GMT
Subject: CN=677d1b24-20b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f4:06:de:d2:df:f1:f0:10:c6:7d:dd:9e:2e:
09:31:04:fa:ec:37:ab:14:37:2d:c6:43:fb:21:fa:
55:42:9f:7a:2d:9a:0b:d4:0c:21:50:0b:5c:bf:94:
f5:bd:df:8a:4f:6a:84:73:1f:2d:1a:16:54:e8:3c:
8e:4b:26:8d:b1:5e:95:07:00:6d:e4:83:bb:d9:6c:
d9:a2:f3:24:e0:e1:d3:50:21:34:52:37:0d:fd:c4:
17:ed:3b:83:9b:d4:20:36:cc:e4:ab:5c:6b:93:8f:
87:b2:12:b1:6d:1c:d7:6a:b9:19:eb:e6:86:c2:2e:
34:b7:c3:17:c6:41:c0:5a:c1:5d:e2:e8:72:dd:d6:
d2:00:e0:87:0a:cb:a1:b2:3c:de:ea:ff:26:02:d1:
e7:e0:3d:3f:d1:ac:d5:f7:36:de:73:fd:03:f4:ce:
34:61:46:69:04:0f:24:22:26:94:06:b9:ea:a1:81:
f4:2f:5d:88:5d:0c:ba:4b:6a:bf:d8:de:52:b4:60:
27:8f:54:d4:1c:c8:6e:be:d2:97:1a:8a:a8:48:9f:
df:58:80:fb:26:36:e4:67:aa:b9:0c:64:0b:b2:34:
1b:d5:c6:91:86:07:1e:cf:ab:0c:71:ee:83:fa:35:
6a:4c:5f:ef:70:3a:dc:c2:55:ce:45:35:08:f8:96:
73:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:35:A6:77:E0:8D:18:C2:5B:3B:62:79:F0:40:42:A8:52:F9:97:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D93F1BACCF111EF9FED064D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.40.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:2f:b6:37:1f:40:d4:c3:a5:70:70:dd:6e:40:1d:e0:9d:a5:
90:5a:6e:d1:4f:30:31:c4:f2:7f:56:cf:e0:36:86:92:bd:f2:
87:71:a4:a3:e9:0c:31:1a:dd:0c:00:4a:2f:a3:61:a6:b1:bd:
30:f8:ea:da:1d:69:15:9e:b0:23:96:a1:20:1e:cc:25:5d:2b:
ae:25:0a:77:c4:c2:e2:e0:e1:d0:4d:7a:11:93:cb:a6:0c:28:
97:28:49:a8:1c:bb:51:2c:4a:34:ed:d4:ed:a3:d1:98:54:27:
09:8c:4d:bc:c4:5c:16:9f:28:53:50:41:ec:a9:65:3b:c9:70:
e5:0d:5c:5f:e0:bf:74:a0:0d:d8:95:c0:27:41:56:f4:51:00:
95:f2:58:35:49:22:87:67:bb:04:5c:60:61:66:ec:05:88:33:
77:35:e2:32:b4:b0:4c:2a:72:ca:b3:29:54:89:a7:25:98:43:
30:6e:61:bf:65:9b:6b:37:ec:d2:a7:47:3b:84:7a:ec:1f:35:
e8:12:d4:82:38:c4:04:93:cd:9f:e2:92:26:b5:14:05:95:5c:
fc:e4:42:b5:68:b4:6e:c2:47:82:94:cc:a6:33:13:ce:cf:87:
34:7c:21:88:86:90:52:b4:f2:39:74:52:58:b9:8b:df:c2:65:
f6:6d:85:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPwTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTIxNjMzWhcNMjUwMTE4MTIxNjMzWjAYMRYw
FAYDVQQDEw02NzdkMWIyNC0yMGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoPQG3tLf8fAQxn3dni4JMQT67DerFDctxkP7IfpVQp96LZoL1AwhUAtc
v5T1vd+KT2qEcx8tGhZU6DyOSyaNsV6VBwBt5IO72WzZovMk4OHTUCE0UjcN/cQX
7TuDm9QgNszkq1xrk4+HshKxbRzXarkZ6+aGwi40t8MXxkHAWsFd4uhy3dbSAOCH
Csuhsjze6v8mAtHn4D0/0azV9zbec/0D9M40YUZpBA8kIiaUBrnqoYH0L12IXQy6
S2q/2N5StGAnj1TUHMhuvtKXGoqoSJ/fWID7JjbkZ6q5DGQLsjQb1caRhgcez6sM
ce6D+jVqTF/vcDrcwlXORTUI+JZzLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPw1
pnfgjRjCWztiefBAQqhS+ZcUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRDkzRjFCQUNDRjExMUVGOUZFRDA2NEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOMoMA0GCSqGSIb3DQEBCwUA
A4IBAQB7L7Y3H0DUw6VwcN1uQB3gnaWQWm7RTzAxxPJ/Vs/gNoaSvfKHcaSj6Qwx
Gt0MAEovo2Gmsb0w+OraHWkVnrAjlqEgHswlXSuuJQp3xMLi4OHQTXoRk8umDCiX
KEmoHLtRLEo07dTto9GYVCcJjE28xFwWnyhTUEHsqWU7yXDlDVxf4L90oA3YlcAn
QVb0UQCV8lg1SSKHZ7sEXGBhZuwFiDN3NeIytLBMKnLKsylUiaclmEMwbmG/ZZtr
N+zSp0c7hHrsHzXoEtSCOMQEk82f4pImtRQFlVz85EK1aLRuwkeClMymMxPOz4c0
fCGIhpBStPI5dFJYuYvfwmX2bYWQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:12 2025 by rpki-client