Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/400A71CACE7D11EF8D2D43B2762E951A.roa
File: 400A71CACE7D11EF8D2D43B2762E951A.roa (raw, json)
Hash identifier: x6RAgFEnQNrFOnF0KNg8t2X9R2vljvYpsWaDbID3jEM=
Subject key identifier: 81:5A:82:24:55:F1:A8:F0:2C:A2:FE:74:03:6F:BC:2F:E6:3D:27:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010368
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/400A71CACE7D11EF8D2D43B2762E951A.roa
Signing time: Thu 09 Jan 2025 11:31:21 +0000
ROA not before: Thu 09 Jan 2025 11:31:17 +0000
ROA not after: Sat 01 Feb 2025 11:31:17 +0000
asID: 17561
IP address blocks: 156.236.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66408 (0x10368)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 11:31:17 2025 GMT
Not After : Feb 1 11:31:17 2025 GMT
Subject: CN=677fb389-9740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0d:c9:7c:fe:8a:e9:91:47:2f:f4:e9:e5:82:
10:8f:9c:64:5f:a6:2f:c6:fb:20:43:49:5c:c8:1c:
80:91:2f:e9:4f:0f:87:0c:2a:ca:d7:07:5a:17:34:
34:41:7f:24:5a:98:b8:8e:72:a7:c2:59:b5:e0:1f:
fc:60:d4:90:72:01:54:64:af:84:b3:54:47:4a:66:
d2:71:b0:a7:5d:85:c6:80:af:35:ce:91:49:bd:22:
fb:6f:20:d2:84:0a:77:ca:f2:60:00:67:d6:13:6f:
a1:dd:87:14:f5:be:ef:1b:96:2e:9c:e7:2e:27:c1:
a1:97:44:da:7a:4d:cb:27:cb:fe:84:5a:f6:b5:f5:
fa:51:1c:23:51:63:14:94:5b:ab:1b:4d:80:45:81:
be:97:06:f4:db:67:9a:fe:fa:26:39:a6:6f:85:f0:
0b:60:44:bb:87:21:52:4a:45:75:3f:86:95:ee:f4:
e3:46:d7:d7:0e:53:f2:b7:a9:9f:66:67:85:d5:7e:
99:c1:c3:9c:c1:94:e7:f2:ed:ca:fe:47:a5:12:96:
47:33:6c:a7:0d:b9:cc:b0:16:4a:33:69:bd:28:6d:
67:ce:ef:7b:b8:36:a0:f4:84:f4:47:68:e4:c5:16:
e9:55:7f:3b:86:84:66:27:44:bd:11:be:6b:f7:a6:
9a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:5A:82:24:55:F1:A8:F0:2C:A2:FE:74:03:6F:BC:2F:E6:3D:27:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/400A71CACE7D11EF8D2D43B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.59.0/24
Signature Algorithm: sha256WithRSAEncryption
89:0b:cd:bd:75:c6:36:d2:13:95:5f:36:d0:2d:b1:93:06:0b:
d0:87:19:39:2a:c9:d4:9c:79:9a:c9:e6:7d:81:9c:8d:a6:4f:
d1:93:b6:33:7a:30:75:b4:fe:58:5d:69:66:2f:08:d4:b7:5f:
9a:9c:63:fb:3f:9c:4c:03:a8:1f:e0:4a:b9:6f:ec:39:ea:8d:
c9:bf:db:00:0f:30:2a:5a:c6:b8:7e:64:cb:0f:9e:80:39:ef:
79:0d:83:70:da:54:1f:5c:cd:d6:cb:96:86:47:25:34:f4:a4:
bd:bc:c9:cc:c6:e6:65:ef:f6:4d:c5:1e:12:d2:95:d1:b6:26:
d5:63:d0:ab:31:db:c1:0c:79:e1:85:d6:c0:be:ee:30:00:76:
41:8b:e9:a9:04:dc:bf:0f:e2:3d:e4:4c:bd:b1:7c:be:28:a7:
bc:e8:af:3e:ec:be:81:26:3c:dc:3c:e2:83:b0:9b:84:82:2a:
d0:97:cd:c9:57:72:a1:fb:f9:1c:8b:5f:80:a8:01:3d:3b:2d:
30:d3:3a:0b:cf:72:00:ae:a6:f5:07:31:a5:9c:40:8b:ad:cd:
54:05:0e:d2:8b:e9:fa:ce:29:ba:26:7d:1c:f7:06:c4:22:8f:
1a:47:65:21:27:14:ed:49:11:5c:34:5f:79:6d:ed:68:48:87:
7d:fb:18:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQNoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTEzMTE3WhcNMjUwMjAxMTEzMTE3WjAYMRYw
FAYDVQQDEw02NzdmYjM4OS05NzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqg3JfP6K6ZFHL/Tp5YIQj5xkX6YvxvsgQ0lcyByAkS/pTw+HDCrK1wda
FzQ0QX8kWpi4jnKnwlm14B/8YNSQcgFUZK+Es1RHSmbScbCnXYXGgK81zpFJvSL7
byDShAp3yvJgAGfWE2+h3YcU9b7vG5YunOcuJ8Ghl0Taek3LJ8v+hFr2tfX6URwj
UWMUlFurG02ARYG+lwb022ea/vomOaZvhfALYES7hyFSSkV1P4aV7vTjRtfXDlPy
t6mfZmeF1X6ZwcOcwZTn8u3K/kelEpZHM2ynDbnMsBZKM2m9KG1nzu97uDag9IT0
R2jkxRbpVX87hoRmJ0S9Eb5r96aaEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIFa
giRV8ajwLKL+dANvvC/mPSd/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MDBBNzFDQUNFN0QxMUVGOEQyRDQzQjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOw7MA0GCSqGSIb3DQEBCwUA
A4IBAQCJC829dcY20hOVXzbQLbGTBgvQhxk5KsnUnHmayeZ9gZyNpk/Rk7YzejB1
tP5YXWlmLwjUt1+anGP7P5xMA6gf4Eq5b+w56o3Jv9sADzAqWsa4fmTLD56AOe95
DYNw2lQfXM3Wy5aGRyU09KS9vMnMxuZl7/ZNxR4S0pXRtibVY9CrMdvBDHnhhdbA
vu4wAHZBi+mpBNy/D+I95Ey9sXy+KKe86K8+7L6BJjzcPOKDsJuEgirQl83JV3Kh
+/kci1+AqAE9Oy0w0zoLz3IArqb1BzGlnECLrc1UBQ7Si+n6zim6Jn0c9wbEIo8a
R2UhJxTtSRFcNF95be1oSId9+xjG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:33 2025 by rpki-client