Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42213288CC2411EF81A4A4B1762E951A.roa
File: 42213288CC2411EF81A4A4B1762E951A.roa (raw, json)
Hash identifier: u9WdMXxBX+qU4zHq92g0FxgP6YYA9iQRVYhGFbP0tSE=
Subject key identifier: 77:F1:45:14:7F:F4:CC:61:C8:71:1C:BF:55:81:14:C8:C4:8B:45:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8C3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42213288CC2411EF81A4A4B1762E951A.roa
Signing time: Mon 06 Jan 2025 11:49:17 +0000
ROA not before: Mon 06 Jan 2025 11:49:07 +0000
ROA not after: Sat 18 Jan 2025 11:49:07 +0000
asID: 151206
IP address blocks: 156.240.72.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63683 (0xf8c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 11:49:07 2025 GMT
Not After : Jan 18 11:49:07 2025 GMT
Subject: CN=677bc33d-e27a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c3:14:62:f3:5c:8d:27:49:31:e5:33:d9:61:
a3:02:97:8c:f8:69:e3:21:f3:04:7d:98:af:02:a7:
49:02:91:61:c0:96:b4:f8:b6:f0:83:c9:65:97:81:
b7:3e:b1:51:57:08:67:14:ea:bd:15:37:dc:bc:c1:
7b:53:09:a9:fa:d1:eb:52:dd:14:68:a8:d2:c4:62:
33:19:bf:16:6b:7a:ed:93:f5:18:a3:f8:bd:05:2b:
05:59:43:83:7c:87:08:71:f3:07:5f:3c:51:97:59:
ac:7f:21:9f:cc:75:1e:43:d2:63:d1:e2:16:6d:12:
30:bd:8c:e9:7c:28:f7:8a:84:09:5e:8e:f3:61:08:
f4:4b:08:c8:63:bb:db:88:b8:b4:b8:1e:c6:c2:c5:
f0:11:c2:3c:6a:03:78:5f:e2:28:3c:32:da:42:40:
d6:81:e9:9a:0e:20:ed:e4:5f:e8:94:a9:33:07:65:
82:e1:ce:bc:87:8a:fb:3b:57:20:77:c9:e8:e4:28:
33:6a:c8:b1:02:59:5d:b4:ef:64:1e:34:63:f5:d4:
f4:33:51:1d:5e:19:2d:66:f3:6e:b6:19:d0:5c:42:
8e:23:7e:0e:3e:1b:32:e1:c0:d0:d7:6a:ad:9e:60:
ab:b1:9c:33:41:d3:f4:0c:c2:1c:ad:10:88:7d:95:
10:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F1:45:14:7F:F4:CC:61:C8:71:1C:BF:55:81:14:C8:C4:8B:45:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42213288CC2411EF81A4A4B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.72.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:3e:3c:cd:e8:6b:e6:f9:b9:cb:97:3d:5e:03:69:49:aa:a2:
88:e6:8a:21:3a:1a:a7:3d:d7:dc:28:4c:f0:19:11:17:0c:37:
d3:51:a3:a4:8c:7d:09:e4:df:72:91:f8:4f:33:df:70:69:d1:
c1:02:29:bb:1b:75:41:5e:72:c0:3b:3a:a2:d0:3c:bf:d2:24:
b7:6e:8f:5a:5a:9f:43:da:1f:c7:17:69:9a:70:11:ea:28:bc:
75:14:f7:4a:54:d8:95:7a:25:e3:2c:cc:c7:b0:47:e3:77:90:
4e:5e:24:4c:06:9d:ce:df:56:ff:1a:70:46:fa:2f:62:6c:7e:
9d:65:73:0d:bd:42:c3:e9:3f:6e:a2:cc:00:23:71:ea:d0:70:
46:98:12:6e:60:2e:c3:86:da:a5:d9:23:31:bc:ad:ed:ee:5d:
54:ea:dc:e6:46:45:fd:55:04:94:ed:79:55:93:b2:fb:a4:5b:
15:0f:58:b1:1d:58:d4:dd:a5:a4:8f:f4:9b:d1:8a:ec:3b:24:
05:32:82:2c:51:db:7d:e0:f3:4d:d2:31:0e:c7:e3:18:a6:c2:
e2:f2:94:a5:64:68:8c:09:ad:c5:45:c8:04:16:57:cd:7a:3a:
cf:05:1b:5e:48:a0:5c:10:4a:85:ad:eb:71:47:4b:1a:05:cf:
ac:ee:9f:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPjDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTE0OTA3WhcNMjUwMTE4MTE0OTA3WjAYMRYw
FAYDVQQDEw02NzdiYzMzZC1lMjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyMMUYvNcjSdJMeUz2WGjApeM+GnjIfMEfZivAqdJApFhwJa0+Lbwg8ll
l4G3PrFRVwhnFOq9FTfcvMF7Uwmp+tHrUt0UaKjSxGIzGb8Wa3rtk/UYo/i9BSsF
WUODfIcIcfMHXzxRl1msfyGfzHUeQ9Jj0eIWbRIwvYzpfCj3ioQJXo7zYQj0SwjI
Y7vbiLi0uB7GwsXwEcI8agN4X+IoPDLaQkDWgemaDiDt5F/olKkzB2WC4c68h4r7
O1cgd8no5CgzasixAlldtO9kHjRj9dT0M1EdXhktZvNuthnQXEKOI34OPhsy4cDQ
12qtnmCrsZwzQdP0DMIcrRCIfZUQZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHfx
RRR/9MxhyHEcv1WBFMjEi0WSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MjIxMzI4OENDMjQxMUVGODFBNEE0QjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPBIMA0GCSqGSIb3DQEBCwUA
A4IBAQBsPjzN6Gvm+bnLlz1eA2lJqqKI5oohOhqnPdfcKEzwGREXDDfTUaOkjH0J
5N9ykfhPM99wadHBAim7G3VBXnLAOzqi0Dy/0iS3bo9aWp9D2h/HF2macBHqKLx1
FPdKVNiVeiXjLMzHsEfjd5BOXiRMBp3O31b/GnBG+i9ibH6dZXMNvULD6T9uoswA
I3Hq0HBGmBJuYC7Dhtql2SMxvK3t7l1U6tzmRkX9VQSU7XlVk7L7pFsVD1ixHVjU
3aWkj/Sb0YrsOyQFMoIsUdt94PNN0jEOx+MYpsLi8pSlZGiMCa3FRcgEFlfNejrP
BRteSKBcEEqFretxR0saBc+s7p+B
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:31 2025 by rpki-client