Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E7A1F68D30F11EFA29463A9762E951A.roa
File: 3E7A1F68D30F11EFA29463A9762E951A.roa (raw, json)
Hash identifier: wkRmqX01nt4zB1+kC4I7SY1ID6KWhyY7V3A1FBWDqXA=
Subject key identifier: B6:93:5A:E3:F1:3D:1F:C0:85:AD:70:89:FC:A3:EC:69:B2:D6:83:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010841
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E7A1F68D30F11EFA29463A9762E951A.roa
Signing time: Wed 15 Jan 2025 07:06:30 +0000
ROA not before: Wed 15 Jan 2025 07:06:26 +0000
ROA not after: Mon 27 Jan 2025 07:06:26 +0000
asID: 8796
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67649 (0x10841)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:06:26 2025 GMT
Not After : Jan 27 07:06:26 2025 GMT
Subject: CN=67875e76-51b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a0:54:07:f9:73:6e:25:08:65:58:cc:3b:3c:
70:f2:a3:9e:53:fa:00:40:dd:8c:ff:38:93:69:63:
0c:16:3d:35:ec:63:99:d7:2c:1d:be:d0:a0:6b:90:
fd:d4:c9:bc:85:57:9c:14:11:8e:2b:55:6a:20:45:
3b:c7:64:2f:fa:15:b4:3a:c9:69:68:56:15:2f:48:
d4:5a:ef:e1:c7:f9:a9:b9:da:57:b8:8d:6b:14:6b:
55:cb:a1:60:9f:1c:28:ad:32:0c:bc:b0:e4:a0:7f:
0b:3f:21:68:8f:15:d0:78:79:b9:30:44:50:06:fc:
2d:22:db:62:a7:7a:97:f5:68:48:e1:52:7a:05:be:
e8:f6:83:17:d4:56:c2:cf:d8:4f:eb:04:7e:c1:10:
3c:e1:21:2a:6c:35:e4:31:10:3e:1b:83:24:46:a2:
8d:9e:b0:4a:0a:ef:87:01:97:4a:7b:da:a5:2a:af:
d8:44:ec:fa:7b:71:b7:3e:e9:94:6f:d3:3d:28:f5:
72:7f:f1:7b:bb:43:15:64:38:19:c3:35:a8:4d:fd:
f2:01:39:70:76:91:7d:57:53:09:20:9b:b7:39:f6:
b0:50:7c:4a:f6:33:44:9e:7c:6e:f6:2f:d8:f8:f2:
a0:ac:83:7a:ef:6a:80:d2:39:2b:d3:a6:ed:06:29:
11:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:93:5A:E3:F1:3D:1F:C0:85:AD:70:89:FC:A3:EC:69:B2:D6:83:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E7A1F68D30F11EFA29463A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
a7:2b:eb:87:dd:0e:4f:4e:20:5f:35:59:6f:ac:bf:37:0a:93:
f1:8b:b6:70:1a:c8:30:15:95:d8:64:04:20:2b:3c:fd:32:dc:
8c:e4:44:9e:96:3e:8b:12:33:f3:cf:81:60:8a:2f:e6:55:62:
9a:48:9a:b5:11:c2:a7:02:a7:60:29:04:bd:13:b0:be:fb:a9:
5a:0d:51:f5:79:58:81:65:b3:8f:c0:c9:0c:f3:bb:29:a9:ed:
d9:46:2e:97:7b:74:a5:ee:1c:36:e2:91:19:14:a0:e2:6f:59:
70:87:e2:1e:f7:ec:59:55:d7:8c:ae:64:84:89:a6:47:31:bb:
fa:17:02:45:a7:2a:87:d2:45:dc:6a:b5:fc:21:c7:15:d5:c9:
6e:98:cd:ee:f1:4c:1d:c9:b8:ad:82:b4:57:c5:18:8e:b5:dd:
9d:0b:9f:0e:48:b0:c4:d7:79:93:89:17:3c:54:12:3d:c9:37:
6c:84:92:d8:e7:da:50:37:ce:2b:61:08:f6:0b:d7:b2:cc:31:
98:6a:18:22:96:d0:29:94:f0:ab:e7:9f:58:36:6f:94:06:af:
0e:3e:71:1c:6f:ca:fd:fa:3e:71:dc:d3:ab:3f:d3:68:8e:4f:
c8:b8:2c:18:86:49:44:b6:d6:ca:cf:59:88:33:f1:cb:1d:0d:
51:04:ed:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDcwNjI2WhcNMjUwMTI3MDcwNjI2WjAYMRYw
FAYDVQQDEw02Nzg3NWU3Ni01MWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlqBUB/lzbiUIZVjMOzxw8qOeU/oAQN2M/ziTaWMMFj017GOZ1ywdvtCg
a5D91Mm8hVecFBGOK1VqIEU7x2Qv+hW0OslpaFYVL0jUWu/hx/mpudpXuI1rFGtV
y6FgnxworTIMvLDkoH8LPyFojxXQeHm5MERQBvwtIttip3qX9WhI4VJ6Bb7o9oMX
1FbCz9hP6wR+wRA84SEqbDXkMRA+G4MkRqKNnrBKCu+HAZdKe9qlKq/YROz6e3G3
PumUb9M9KPVyf/F7u0MVZDgZwzWoTf3yATlwdpF9V1MJIJu3OfawUHxK9jNEnnxu
9i/Y+PKgrIN672qA0jkr06btBikRRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLaT
WuPxPR/Aha1wifyj7Gmy1oO8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRTdBMUY2OEQzMEYxMUVGQTI5NDYzQTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQCnK+uH3Q5PTiBfNVlvrL83CpPxi7ZwGsgwFZXYZAQgKzz9MtyM5ESelj6L
EjPzz4Fgii/mVWKaSJq1EcKnAqdgKQS9E7C++6laDVH1eViBZbOPwMkM87spqe3Z
Ri6Xe3Sl7hw24pEZFKDib1lwh+Ie9+xZVdeMrmSEiaZHMbv6FwJFpyqH0kXcarX8
IccV1clumM3u8UwdybitgrRXxRiOtd2dC58OSLDE13mTiRc8VBI9yTdshJLY59pQ
N84rYQj2C9eyzDGYahgiltAplPCr559YNm+UBq8OPnEcb8r9+j5x3NOrP9Nojk/I
uCwYhklEttbKz1mIM/HLHQ1RBO1v
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:55 2025 by rpki-client