Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F6E79A6BB7611EFA2503D8B762E951A.roa
File: 3F6E79A6BB7611EFA2503D8B762E951A.roa (raw, json)
Hash identifier: otE9SgVH+SahHk5WwSp0/JVu4cZQpNhqRI1nR57/ku8=
Subject key identifier: FF:CC:C6:DC:0D:C8:20:F6:FD:C2:8E:99:C0:F1:3F:2B:75:67:7A:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E406
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F6E79A6BB7611EFA2503D8B762E951A.roa
Signing time: Mon 16 Dec 2024 06:23:22 +0000
ROA not before: Mon 16 Dec 2024 06:23:18 +0000
ROA not after: Mon 20 Jan 2025 06:23:18 +0000
asID: 137899
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58374 (0xe406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 16 06:23:18 2024 GMT
Not After : Jan 20 06:23:18 2025 GMT
Subject: CN=675fc75a-5c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:bd:1e:b6:9b:7b:d0:9b:a2:d4:b6:41:2d:1e:
ae:e8:5d:44:93:79:e0:f4:b7:aa:2e:50:6e:03:da:
94:62:41:ac:20:54:07:ee:e0:40:69:27:cb:2d:83:
ba:2b:87:b1:0b:75:42:ae:d7:eb:a5:f7:16:f9:92:
eb:b1:42:c3:3a:43:00:40:17:f9:08:cf:45:15:6a:
44:46:15:0e:78:98:0b:3f:72:97:0a:c8:7e:84:75:
2b:c4:2c:a5:bc:27:59:28:90:1b:66:21:cf:de:cf:
d4:b3:83:18:55:27:81:cf:88:6b:10:8b:5e:f5:d7:
8a:6a:af:af:22:83:95:a4:09:24:dd:9c:39:6a:5b:
b4:64:df:50:72:20:71:ad:fa:66:0e:96:e8:57:db:
c6:42:a3:4a:b4:32:74:88:fc:c9:15:04:53:10:52:
ea:33:10:de:0d:cd:2f:97:f5:78:3e:f1:4b:12:91:
6e:7f:69:df:de:5e:b0:8c:94:07:83:fa:b0:19:ad:
70:5a:03:00:08:cf:db:8f:8b:b8:af:2a:7d:16:d0:
07:be:6f:80:78:7b:bd:88:57:d8:a2:c5:92:b3:13:
fd:a8:3b:b1:9b:50:72:14:2d:00:b0:cb:1b:a3:3a:
37:59:68:d1:31:4a:9a:a4:0f:ff:12:9c:25:76:58:
26:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CC:C6:DC:0D:C8:20:F6:FD:C2:8E:99:C0:F1:3F:2B:75:67:7A:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F6E79A6BB7611EFA2503D8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:7b:34:30:60:b0:b1:93:e7:80:24:a9:af:38:7a:3b:1d:af:
28:cc:16:ca:d6:0b:99:88:37:51:00:cc:9f:8c:1d:e2:e0:16:
b7:69:7b:93:4b:fe:ae:c2:c6:ed:d9:40:a3:d2:d8:04:b1:32:
de:38:60:26:f0:35:f7:a1:a4:f8:d5:d1:b4:21:ab:89:75:e8:
a4:87:6a:5d:c1:33:72:3d:44:6e:3c:dd:b4:dc:32:c6:7d:84:
79:e8:ec:51:c6:3c:cb:90:e4:f7:ea:e3:ef:a5:35:2e:f1:6b:
98:cd:37:1a:2d:51:20:03:01:ee:13:ac:70:32:dd:47:d6:c6:
9e:be:6a:15:e0:20:6c:bb:27:e5:77:8b:25:96:9f:b7:c0:d3:
95:a3:83:94:bc:af:ff:25:d2:48:e1:b4:a7:8d:43:45:f2:f0:
d4:90:a3:e7:15:af:b2:e8:57:c7:34:d0:0d:bf:4d:10:4f:98:
c6:5f:d4:e4:9e:81:70:70:0a:b8:2d:97:0c:ef:4f:eb:4c:33:
90:92:14:91:1a:a1:82:4a:d8:9c:65:ed:2d:12:0f:7a:e0:22:
07:f7:ec:c4:ce:41:19:b6:09:bb:44:04:9d:28:be:ca:e9:f5:
6e:d4:10:5b:60:9c:fe:b1:75:5e:c9:dd:80:cb:80:37:98:e5:
d8:98:09:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOQGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE2MDYyMzE4WhcNMjUwMTIwMDYyMzE4WjAYMRYw
FAYDVQQDEw02NzVmYzc1YS01Yzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA770etpt70Jui1LZBLR6u6F1Ek3ng9LeqLlBuA9qUYkGsIFQH7uBAaSfL
LYO6K4exC3VCrtfrpfcW+ZLrsULDOkMAQBf5CM9FFWpERhUOeJgLP3KXCsh+hHUr
xCylvCdZKJAbZiHP3s/Us4MYVSeBz4hrEIte9deKaq+vIoOVpAkk3Zw5alu0ZN9Q
ciBxrfpmDpboV9vGQqNKtDJ0iPzJFQRTEFLqMxDeDc0vl/V4PvFLEpFuf2nf3l6w
jJQHg/qwGa1wWgMACM/bj4u4ryp9FtAHvm+AeHu9iFfYosWSsxP9qDuxm1ByFC0A
sMsbozo3WWjRMUqapA//EpwldlgmRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP/M
xtwNyCD2/cKOmcDxPyt1Z3ruMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjZFNzlBNkJCNzYxMUVGQTI1MDNEOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQBOezQwYLCxk+eAJKmvOHo7Ha8ozBbK1guZiDdRAMyfjB3i4Ba3aXuTS/6u
wsbt2UCj0tgEsTLeOGAm8DX3oaT41dG0IauJdeikh2pdwTNyPURuPN203DLGfYR5
6OxRxjzLkOT36uPvpTUu8WuYzTcaLVEgAwHuE6xwMt1H1saevmoV4CBsuyfld4sl
lp+3wNOVo4OUvK//JdJI4bSnjUNF8vDUkKPnFa+y6FfHNNANv00QT5jGX9TknoFw
cAq4LZcM70/rTDOQkhSRGqGCSticZe0tEg964CIH9+zEzkEZtgm7RASdKL7K6fVu
1BBbYJz+sXVeyd2Ay4A3mOXYmAlT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:12 2025 by rpki-client