Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43B10C9ACACB11EFA66209A0762E951A.roa
File: 43B10C9ACACB11EFA66209A0762E951A.roa (raw, json)
Hash identifier: jGFB4AlNyNeutB3k1xQNJoe7IvL6YYnbg3Xd+BJ0HH8=
Subject key identifier: EE:85:39:FA:84:6F:E9:ED:A5:BB:BD:1B:BA:3A:DA:94:B6:86:88:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F750
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43B10C9ACACB11EFA66209A0762E951A.roa
Signing time: Sat 04 Jan 2025 18:39:44 +0000
ROA not before: Sun 05 Jan 2025 18:39:40 +0000
ROA not after: Fri 17 Jan 2025 18:39:40 +0000
asID: 39600
IP address blocks: 156.252.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63312 (0xf750)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 18:39:40 2025 GMT
Not After : Jan 17 18:39:40 2025 GMT
Subject: CN=6779806f-2a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7c:82:5c:88:9a:8f:73:6d:74:cd:5f:0a:31:
d6:23:bb:cd:74:06:85:91:10:bd:2b:9b:19:f8:01:
7d:f0:64:d0:f5:07:18:1b:27:46:b1:de:93:3b:6e:
44:53:94:12:24:a1:8d:56:c2:0d:e8:a5:aa:cc:4b:
88:2b:bf:26:5f:96:60:d4:3f:57:a1:ba:50:54:a3:
67:5e:a1:69:07:b6:6f:b9:d2:4c:75:79:fa:46:8a:
3b:8f:59:5f:18:f6:59:b1:27:fc:5c:24:49:a8:24:
78:13:81:52:d3:34:50:f4:cb:36:b3:13:3a:33:16:
ae:d9:5f:e4:cd:b0:48:98:58:b8:fc:6b:c8:1e:fe:
6d:1c:83:d2:da:ab:45:a8:cf:67:79:d3:cc:91:8c:
20:6c:96:c3:75:f8:74:c5:45:fc:c1:59:87:65:ad:
75:6b:25:46:e3:c2:c4:46:81:c7:5c:33:a9:13:c8:
63:b8:15:65:19:09:39:2f:86:df:89:8e:a4:ef:ec:
9f:5c:67:ea:a2:60:2f:d8:8b:56:18:df:4d:07:08:
c2:fe:26:12:ea:a2:f1:51:18:55:2c:a8:81:63:ff:
86:10:0e:86:84:4b:af:20:bf:47:a7:b3:44:fb:c4:
e6:4e:de:e2:12:5e:0c:57:1f:04:e0:b8:aa:de:aa:
38:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:85:39:FA:84:6F:E9:ED:A5:BB:BD:1B:BA:3A:DA:94:B6:86:88:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43B10C9ACACB11EFA66209A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.10.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:08:b3:c3:4e:da:2a:e0:c5:18:2f:db:93:0f:33:9e:5a:25:
f8:64:c1:1c:56:0d:7a:3b:29:d7:d6:10:04:0c:a9:80:df:61:
a8:67:df:2a:85:b8:1f:23:ec:c8:d7:82:a6:e8:d3:f1:31:76:
f1:38:03:41:a4:9e:35:e9:76:3c:db:dd:51:6a:81:95:16:40:
e0:7b:c7:bd:6e:fa:3f:e1:6d:26:71:c1:9e:73:e7:b9:78:8a:
4b:46:9a:ba:8e:55:00:8b:ba:5a:ce:5e:3e:2c:34:5e:a0:4f:
48:e3:df:b8:78:14:c9:5e:1c:70:a8:40:04:31:8d:90:d8:d0:
ea:e2:f4:4b:42:9e:01:67:67:5d:f9:0b:57:68:dc:1c:fb:a2:
12:f5:a3:9c:f0:8a:d6:88:a7:8d:80:f0:cd:03:c0:0e:2b:b4:
d0:7b:71:6b:55:42:a8:a1:d6:ba:76:28:d4:4e:33:73:61:f4:
0c:7f:65:45:ee:00:42:21:76:a5:29:92:14:b7:41:83:c0:04:
91:ec:e9:44:36:3a:c2:63:e2:8d:06:d4:f7:da:50:5b:4d:94:
ae:fa:af:f5:d9:c2:10:59:30:9a:61:18:4c:df:73:5d:9d:71:
a3:2d:04:17:e7:87:64:42:f6:c0:7b:36:e8:c7:de:a7:d8:06:
96:56:ba:af
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPdQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTgzOTQwWhcNMjUwMTE3MTgzOTQwWjAYMRYw
FAYDVQQDEw02Nzc5ODA2Zi0yYTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt3yCXIiaj3NtdM1fCjHWI7vNdAaFkRC9K5sZ+AF98GTQ9QcYGydGsd6T
O25EU5QSJKGNVsIN6KWqzEuIK78mX5Zg1D9XobpQVKNnXqFpB7ZvudJMdXn6Roo7
j1lfGPZZsSf8XCRJqCR4E4FS0zRQ9Ms2sxM6Mxau2V/kzbBImFi4/GvIHv5tHIPS
2qtFqM9nedPMkYwgbJbDdfh0xUX8wVmHZa11ayVG48LERoHHXDOpE8hjuBVlGQk5
L4bfiY6k7+yfXGfqomAv2ItWGN9NBwjC/iYS6qLxURhVLKiBY/+GEA6GhEuvIL9H
p7NE+8TmTt7iEl4MVx8E4Liq3qo48wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO6F
OfqEb+ntpbu9G7o62pS2hogZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80M0IxMEM5QUNBQ0IxMUVGQTY2MjA5QTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwKMA0GCSqGSIb3DQEBCwUA
A4IBAQCmCLPDTtoq4MUYL9uTDzOeWiX4ZMEcVg16OynX1hAEDKmA32GoZ98qhbgf
I+zI14Km6NPxMXbxOANBpJ416XY8291RaoGVFkDge8e9bvo/4W0mccGec+e5eIpL
Rpq6jlUAi7pazl4+LDReoE9I49+4eBTJXhxwqEAEMY2Q2NDq4vRLQp4BZ2dd+QtX
aNwc+6IS9aOc8IrWiKeNgPDNA8AOK7TQe3FrVUKooda6dijUTjNzYfQMf2VF7gBC
IXalKZIUt0GDwASR7OlENjrCY+KNBtT32lBbTZSu+q/12cIQWTCaYRhM33NdnXGj
LQQX54dkQvbAezbox96n2AaWVrqv
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:09 2025 by rpki-client