Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40C0A67CD00B11EFAC90F895762E951A.roa
File: 40C0A67CD00B11EFAC90F895762E951A.roa (raw, json)
Hash identifier: UHD9e3dbD3u19Q66DWVEH8NStA4ih51z9tjCrtvu2RM=
Subject key identifier: 59:43:FD:CA:BF:67:48:85:BC:CF:FF:23:4D:26:3B:B7:9B:E9:52:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105C2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40C0A67CD00B11EFAC90F895762E951A.roa
Signing time: Sat 11 Jan 2025 11:00:22 +0000
ROA not before: Sat 11 Jan 2025 11:00:18 +0000
ROA not after: Sat 25 Jan 2025 11:00:18 +0000
asID: 54801
IP address blocks: 156.242.10.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67010 (0x105c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 11:00:18 2025 GMT
Not After : Jan 25 11:00:18 2025 GMT
Subject: CN=67824f46-b8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:40:97:d4:ca:ec:3b:90:3a:61:b3:79:2e:91:
ba:28:c0:09:f8:61:76:db:22:22:5d:49:2b:66:44:
a2:ec:99:6b:36:2d:e1:dd:16:60:bb:06:69:77:44:
56:b9:cc:a8:74:b3:ed:3a:f8:00:56:de:63:e5:48:
2a:95:8e:f0:62:30:21:26:60:02:67:cd:cb:7c:2a:
e0:03:50:23:fa:07:41:64:72:1f:0a:ae:c4:61:43:
2c:0e:3b:fd:f6:31:1b:8b:d7:f1:39:02:b0:6a:d1:
d9:1d:dd:58:2f:63:23:1b:f0:04:35:ac:8f:af:6d:
f9:da:a1:b2:52:ab:6d:0a:c3:79:2b:14:eb:0b:4e:
b4:b7:f7:2c:26:51:c3:91:d3:48:b4:93:e3:f4:f3:
9e:78:fe:3c:d0:8c:b9:07:84:24:32:ef:df:e2:c0:
0e:0b:d5:9f:c3:0d:78:35:e6:c5:09:a5:fe:41:1a:
42:59:e3:85:bf:2c:b4:f5:9f:94:7f:15:fe:33:e7:
b8:b1:20:5b:b8:ae:f3:ae:1a:6f:c5:f3:61:4b:28:
7e:bd:a6:b4:dc:46:06:79:43:a2:73:30:92:b5:aa:
26:f8:37:a3:89:f5:a8:9b:e6:c1:dd:2e:2a:1c:5d:
d3:e4:11:29:75:9f:47:63:56:f5:83:be:6a:94:c5:
f7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:43:FD:CA:BF:67:48:85:BC:CF:FF:23:4D:26:3B:B7:9B:E9:52:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40C0A67CD00B11EFAC90F895762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.10.0/23
Signature Algorithm: sha256WithRSAEncryption
46:08:2a:aa:df:ed:d8:58:1e:6c:3c:c1:79:ac:88:e0:d3:c4:
ed:cf:2c:14:7d:38:4e:ce:96:c2:07:00:a3:64:d3:35:bc:55:
c1:82:a1:a4:9d:a9:14:fd:3f:ca:29:f5:98:ed:77:e2:cc:41:
d5:fc:d9:11:d2:e9:87:94:16:e0:97:9f:e7:df:73:6f:67:a5:
87:45:22:2a:98:75:6d:22:91:d8:2c:79:cb:25:21:22:d5:4b:
9d:2e:bd:ff:41:9d:e5:4b:50:5b:6c:64:e4:be:03:6a:75:0a:
2f:c6:3e:b0:e7:14:7d:64:01:41:65:33:24:7b:ea:b2:48:3c:
dd:71:8a:2c:0e:58:62:e6:24:03:43:02:01:0c:51:44:54:16:
c1:0e:01:0d:79:b4:11:34:91:23:dd:2b:d4:4b:e7:0b:d7:59:
ae:b1:5b:b8:94:72:11:9f:f6:ef:7c:8c:d3:58:c5:5f:7b:e5:
12:bd:6e:51:d8:35:a2:7f:11:ae:2b:9f:51:d5:65:21:ef:9d:
d5:b9:2e:a6:8a:7f:19:2c:fd:26:34:c0:85:c9:10:0e:4b:7e:
53:15:3c:fe:49:99:93:6a:3f:1d:7d:19:a3:ce:93:7c:ce:65:
d4:87:92:d5:14:3a:e4:ec:31:97:5a:52:49:a7:16:b9:36:c3:
f0:90:b2:37
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQXCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTEwMDE4WhcNMjUwMTI1MTEwMDE4WjAYMRYw
FAYDVQQDEw02NzgyNGY0Ni1iOGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6kCX1MrsO5A6YbN5LpG6KMAJ+GF22yIiXUkrZkSi7JlrNi3h3RZguwZp
d0RWucyodLPtOvgAVt5j5UgqlY7wYjAhJmACZ83LfCrgA1Aj+gdBZHIfCq7EYUMs
Djv99jEbi9fxOQKwatHZHd1YL2MjG/AENayPr2352qGyUqttCsN5KxTrC060t/cs
JlHDkdNItJPj9POeeP480Iy5B4QkMu/f4sAOC9Wfww14NebFCaX+QRpCWeOFvyy0
9Z+UfxX+M+e4sSBbuK7zrhpvxfNhSyh+vaa03EYGeUOiczCStaom+DejifWom+bB
3S4qHF3T5BEpdZ9HY1b1g75qlMX3dQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFlD
/cq/Z0iFvM//I00mO7eb6VLKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MEMwQTY3Q0QwMEIxMUVGQUM5MEY4OTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPIKMA0GCSqGSIb3DQEBCwUA
A4IBAQBGCCqq3+3YWB5sPMF5rIjg08TtzywUfThOzpbCBwCjZNM1vFXBgqGknakU
/T/KKfWY7XfizEHV/NkR0umHlBbgl5/n33NvZ6WHRSIqmHVtIpHYLHnLJSEi1Uud
Lr3/QZ3lS1BbbGTkvgNqdQovxj6w5xR9ZAFBZTMke+qySDzdcYosDlhi5iQDQwIB
DFFEVBbBDgENebQRNJEj3SvUS+cL11musVu4lHIRn/bvfIzTWMVfe+USvW5R2DWi
fxGuK59R1WUh753VuS6min8ZLP0mNMCFyRAOS35TFTz+SZmTaj8dfRmjzpN8zmXU
h5LVFDrk7DGXWlJJpxa5NsPwkLI3
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:39 2025 by rpki-client