Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/413585F6F5DF11EF888FF175762E951A.roa
File: 413585F6F5DF11EF888FF175762E951A.roa (raw, json)
Hash identifier: L604/lOAeqsUi8BTf7oft4EsO9OzT13tcwK9fX2LDEo=
Subject key identifier: C6:E0:72:E9:3E:4D:AD:A7:BC:D6:6A:BE:9D:5B:F4:3F:03:DE:67:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E3C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/413585F6F5DF11EF888FF175762E951A.roa
Signing time: Fri 28 Feb 2025 14:21:09 +0000
ROA not before: Fri 28 Feb 2025 14:21:05 +0000
ROA not after: Fri 04 Apr 2025 14:21:05 +0000
asID: 213636
IP address blocks: 156.229.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81468 (0x13e3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 14:21:05 2025 GMT
Not After : Apr 4 14:21:05 2025 GMT
Subject: CN=67c1c655-b714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7e:07:d3:44:1e:7e:bd:b2:09:eb:89:3b:fe:
09:e9:ca:9e:05:cd:95:d3:b3:98:28:9d:6c:03:d3:
de:4c:4e:de:a2:0c:c5:18:5a:1f:d5:46:b6:dd:b2:
a7:62:21:7b:01:e0:05:ed:a7:7d:39:bb:59:e3:48:
cd:3e:3a:92:7a:0e:31:88:6d:3c:f5:23:9c:a0:e4:
2d:10:e0:1c:ae:08:72:fe:7f:cc:4f:bc:21:8f:6d:
91:5a:7b:97:9c:50:fa:e5:c3:d4:9e:d7:0f:d4:26:
10:52:16:85:30:86:62:55:ad:f7:1a:eb:6c:8e:a0:
60:c2:e7:62:8a:8e:e9:5f:44:41:c2:3b:94:30:22:
92:4a:a5:f6:f7:f8:e4:22:38:83:c7:39:6e:20:3f:
6d:a2:97:f4:59:75:40:2a:f8:2b:39:23:03:af:3f:
88:cf:64:2a:19:81:44:c6:4a:f5:4f:3b:e7:08:78:
8d:bf:87:7c:aa:64:92:bc:d0:50:5c:21:2d:40:46:
89:ea:54:08:33:f5:cc:87:c3:8f:a7:b5:4f:b4:60:
77:2f:05:9a:25:6d:0f:2c:08:19:af:07:c8:d3:c0:
16:78:1a:9c:5a:89:ca:de:99:2e:3e:3e:0a:ad:fb:
cc:39:2f:cd:d2:19:47:87:d2:dc:0c:f2:b7:48:20:
e8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E0:72:E9:3E:4D:AD:A7:BC:D6:6A:BE:9D:5B:F4:3F:03:DE:67:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/413585F6F5DF11EF888FF175762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.236.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ae:7e:6c:d5:c9:13:5d:b1:d7:54:ca:85:6a:4f:84:8f:22:
07:bd:0c:b6:b8:b7:b5:72:2c:aa:d0:98:43:51:d8:2b:40:f4:
36:d7:32:f6:c1:3a:9e:27:ea:57:79:e3:f5:68:67:59:8e:0d:
a1:6a:a2:d8:36:d0:ab:fa:6a:0b:ff:63:25:1e:9f:6d:97:a9:
30:b0:55:b4:4d:02:b2:c1:a2:a4:99:58:a8:0f:82:bf:21:5b:
fa:85:1b:30:f6:9c:2a:a4:a2:e1:54:f7:4d:61:d0:b5:3b:d8:
46:33:51:72:5d:85:e2:df:34:9a:37:86:08:1d:b3:d6:e9:8b:
7c:38:76:fe:55:a1:5f:66:89:1d:e5:a6:d8:6a:26:79:53:96:
4e:21:79:72:b9:91:31:c3:9e:e4:c6:49:14:f2:a9:19:80:34:
0e:c5:f4:71:10:d6:cc:b0:88:d6:23:15:90:bb:d7:ba:d6:66:
6b:16:08:7e:7f:07:ee:41:43:ad:6f:80:af:4f:16:4f:02:ad:
d7:c5:62:22:70:4a:65:d3:a8:f2:ca:23:d4:7e:5d:02:07:0f:
a8:95:41:3a:21:7c:a3:1e:f3:d1:02:d3:14:d0:46:0b:20:26:
33:18:b6:b0:47:54:46:dc:55:84:2b:38:05:e6:d6:af:aa:85:
5a:cc:4b:ed
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT48MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTQyMTA1WhcNMjUwNDA0MTQyMTA1WjAYMRYw
FAYDVQQDEw02N2MxYzY1NS1iNzE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw34H00Qefr2yCeuJO/4J6cqeBc2V07OYKJ1sA9PeTE7eogzFGFof1Ua2
3bKnYiF7AeAF7ad9ObtZ40jNPjqSeg4xiG089SOcoOQtEOAcrghy/n/MT7whj22R
WnuXnFD65cPUntcP1CYQUhaFMIZiVa33GutsjqBgwudiio7pX0RBwjuUMCKSSqX2
9/jkIjiDxzluID9topf0WXVAKvgrOSMDrz+Iz2QqGYFExkr1TzvnCHiNv4d8qmSS
vNBQXCEtQEaJ6lQIM/XMh8OPp7VPtGB3LwWaJW0PLAgZrwfI08AWeBqcWonK3pku
Pj4KrfvMOS/N0hlHh9LcDPK3SCDoVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMbg
cuk+Ta2nvNZqvp1b9D8D3mdNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MTM1ODVGNkY1REYxMUVGODg4RkYxNzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXsMA0GCSqGSIb3DQEBCwUA
A4IBAQAmrn5s1ckTXbHXVMqFak+EjyIHvQy2uLe1ciyq0JhDUdgrQPQ21zL2wTqe
J+pXeeP1aGdZjg2haqLYNtCr+moL/2MlHp9tl6kwsFW0TQKywaKkmVioD4K/IVv6
hRsw9pwqpKLhVPdNYdC1O9hGM1FyXYXi3zSaN4YIHbPW6Yt8OHb+VaFfZokd5abY
aiZ5U5ZOIXlyuZExw57kxkkU8qkZgDQOxfRxENbMsIjWIxWQu9e61mZrFgh+fwfu
QUOtb4CvTxZPAq3XxWIicEpl06jyyiPUfl0CBw+olUE6IXyjHvPRAtMU0EYLICYz
GLawR1RG3FWEKzgF5tavqoVazEvt
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:45 2025 by rpki-client