Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4008DB40BA2711EFA65C424B762E951A.roa
File: 4008DB40BA2711EFA65C424B762E951A.roa (raw, json)
Hash identifier: j/rfzt2klPLbTfAZ3w5yYp+rH/MW2TLn3C5kbv8821c=
Subject key identifier: 2F:33:19:36:D3:74:F5:99:12:16:C7:14:53:E1:80:7B:B1:06:6A:0F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E3A4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4008DB40BA2711EFA65C424B762E951A.roa
Signing time: Sat 14 Dec 2024 14:25:21 +0000
ROA not before: Sat 14 Dec 2024 14:25:17 +0000
ROA not after: Mon 20 Jan 2025 14:25:17 +0000
asID: 7018
IP address blocks: 156.253.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58276 (0xe3a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 14 14:25:17 2024 GMT
Not After : Jan 20 14:25:17 2025 GMT
Subject: CN=675d9551-4a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:82:80:9a:9c:40:61:cb:59:dd:c9:23:fb:
fc:e9:91:82:78:51:7b:11:b4:34:88:d5:0c:5c:30:
fd:af:32:bc:68:e0:05:fd:b5:c5:61:52:db:b7:6c:
57:46:06:71:bb:3a:6f:40:3b:d1:57:1c:da:85:32:
e1:ef:c3:db:03:51:39:af:30:aa:3f:ef:9c:e4:78:
4f:7f:c4:79:a5:7f:a0:80:3d:08:ce:1f:19:4b:f2:
34:bf:fd:4c:94:1a:c2:09:2e:49:0a:08:a1:4c:08:
ed:f9:cf:c2:4f:48:86:11:cf:6e:f4:e3:19:81:83:
ce:2f:c6:8f:9b:bc:17:39:0f:37:b7:98:1b:e7:3b:
aa:36:e1:51:ee:50:77:de:e9:a2:66:d1:25:f1:99:
24:eb:a0:51:56:01:dc:99:3f:be:e7:5b:22:8e:13:
95:4e:ad:86:1c:f1:9c:c6:54:f6:cd:b6:91:5f:9a:
45:e2:17:57:ca:ad:24:5b:96:d9:95:1b:a6:7f:21:
d3:9e:0f:d1:c7:0a:e7:9e:e0:55:56:be:94:01:6a:
03:22:4c:77:97:1f:44:34:9e:a6:d8:c7:2b:02:07:
e2:03:ff:12:f0:ae:27:18:7b:f8:d8:f0:6f:85:f6:
5f:b6:29:7d:08:63:42:99:11:52:cf:c6:b3:77:05:
cb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:33:19:36:D3:74:F5:99:12:16:C7:14:53:E1:80:7B:B1:06:6A:0F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4008DB40BA2711EFA65C424B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.226.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:7d:07:44:81:dd:46:0c:a2:5b:e8:be:70:ab:0f:a3:3d:50:
92:5d:2f:53:af:53:1a:e8:f0:f0:70:b3:0e:2f:b6:df:db:ac:
8f:07:03:4d:40:34:78:ad:63:5b:5b:f9:f7:cb:b5:27:11:f8:
bc:a1:7c:88:26:8d:6f:c3:69:a2:8a:f6:67:04:57:57:5c:c2:
cf:12:d8:f5:d5:4b:37:65:82:12:be:08:0f:06:84:36:07:ee:
8a:00:06:e4:3a:f1:be:d7:e2:f0:5b:27:4f:ed:77:6d:3d:5b:
b9:7a:41:e8:7f:d2:a0:f8:10:6b:ff:da:ce:67:8e:e2:38:de:
9f:07:b4:33:31:66:c9:9b:00:6f:52:76:e9:42:54:85:61:54:
40:e7:ff:db:6a:ed:64:1c:bf:f8:df:76:b1:81:a6:b1:2d:0b:
4b:dc:60:6c:19:6d:63:66:4f:a6:25:17:30:16:8b:0f:cc:c6:
c7:23:92:67:c8:e0:0e:5b:bc:94:ba:7e:f1:5e:67:ae:80:f6:
9b:0a:d9:80:92:b4:1e:c6:13:e0:d8:eb:a2:a3:42:3a:82:a1:
f7:8a:a1:cb:7b:f7:81:1f:4e:cd:c5:70:45:32:8b:93:71:4d:
76:86:64:05:5b:4d:c2:68:65:71:41:71:1b:1c:19:58:54:76:
8e:e9:0a:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOOkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE0MTQyNTE3WhcNMjUwMTIwMTQyNTE3WjAYMRYw
FAYDVQQDEw02NzVkOTU1MS00YTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtf6CgJqcQGHLWd3JI/v86ZGCeFF7EbQ0iNUMXDD9rzK8aOAF/bXFYVLb
t2xXRgZxuzpvQDvRVxzahTLh78PbA1E5rzCqP++c5HhPf8R5pX+ggD0Izh8ZS/I0
v/1MlBrCCS5JCgihTAjt+c/CT0iGEc9u9OMZgYPOL8aPm7wXOQ83t5gb5zuqNuFR
7lB33umiZtEl8Zkk66BRVgHcmT++51sijhOVTq2GHPGcxlT2zbaRX5pF4hdXyq0k
W5bZlRumfyHTng/RxwrnnuBVVr6UAWoDIkx3lx9ENJ6m2McrAgfiA/8S8K4nGHv4
2PBvhfZftil9CGNCmRFSz8azdwXLMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC8z
GTbTdPWZEhbHFFPhgHuxBmoPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MDA4REI0MEJBMjcxMUVGQTY1QzQyNEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3iMA0GCSqGSIb3DQEBCwUA
A4IBAQC7fQdEgd1GDKJb6L5wqw+jPVCSXS9Tr1Ma6PDwcLMOL7bf26yPBwNNQDR4
rWNbW/n3y7UnEfi8oXyIJo1vw2miivZnBFdXXMLPEtj11Us3ZYISvggPBoQ2B+6K
AAbkOvG+1+LwWydP7XdtPVu5ekHof9Kg+BBr/9rOZ47iON6fB7QzMWbJmwBvUnbp
QlSFYVRA5//bau1kHL/433axgaaxLQtL3GBsGW1jZk+mJRcwFosPzMbHI5JnyOAO
W7yUun7xXmeugPabCtmAkrQexhPg2Ouio0I6gqH3iqHLe/eBH07NxXBFMouTcU12
hmQFW03CaGVxQXEbHBlYVHaO6Qqd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:51 2025 by rpki-client