Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4432374ACCDB11EFB0502742762E951A.roa
File: 4432374ACCDB11EFB0502742762E951A.roa (raw, json)
Hash identifier: ZrOGzEvr4CjMeBZsJjmA6qL3SCdM0q4r52m9f+eXRiE=
Subject key identifier: 3B:7B:5A:B2:F3:23:99:1C:70:C4:C1:92:72:D1:0B:9D:74:7D:8B:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB5B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4432374ACCDB11EFB0502742762E951A.roa
Signing time: Tue 07 Jan 2025 09:39:19 +0000
ROA not before: Tue 07 Jan 2025 09:39:15 +0000
ROA not after: Sat 18 Jan 2025 09:39:15 +0000
asID: 137547
IP address blocks: 156.245.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64347 (0xfb5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:39:15 2025 GMT
Not After : Jan 18 09:39:15 2025 GMT
Subject: CN=677cf646-9b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:49:23:18:03:ca:a1:11:98:0e:a5:81:af:16:
ba:5e:ea:e5:63:f2:e0:5e:5d:31:ba:4b:2e:7c:e6:
09:22:21:22:9f:37:a2:13:ae:09:56:c1:a7:e6:47:
e9:2c:03:6c:29:1a:ff:77:3b:7c:36:12:9a:c1:ab:
18:6a:ae:ec:db:57:7f:04:89:d2:ea:e6:2a:b3:78:
00:b5:91:2a:d9:c6:77:79:f8:d0:47:26:7c:d2:dc:
dd:68:29:46:52:79:4d:55:dc:31:c6:e6:9f:f6:a9:
3d:54:ef:a9:e3:86:77:d9:d5:69:ef:a3:ab:f6:4b:
df:4e:05:54:5c:e4:61:86:6e:e9:d2:47:04:b5:f2:
20:63:8b:f4:36:2f:20:a4:15:db:a4:3e:2a:3f:02:
64:a0:96:2d:5c:14:fe:2b:5b:e1:a4:c0:d0:ec:88:
26:4e:80:83:73:78:d6:d9:32:10:60:f2:15:13:15:
bc:aa:13:20:04:eb:b0:62:ec:74:c1:2c:24:8d:13:
3d:64:97:b7:b4:d0:4c:f4:2f:ed:19:49:df:75:dc:
38:38:58:3d:ad:9b:44:f8:d8:4e:fd:97:77:cb:4b:
1b:14:a4:ac:6d:8d:a0:1a:74:34:19:d9:c0:78:43:
c5:43:12:d6:09:c8:f0:be:da:6c:03:d3:fd:21:03:
7c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:7B:5A:B2:F3:23:99:1C:70:C4:C1:92:72:D1:0B:9D:74:7D:8B:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4432374ACCDB11EFB0502742762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.209.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:e3:4c:c9:85:06:45:db:91:56:5a:88:d8:23:f6:57:b8:09:
31:e3:39:70:ba:24:0f:bf:c5:de:46:31:b6:b5:a5:04:69:16:
be:37:73:71:57:57:fd:26:53:3a:53:2b:99:34:18:a2:23:de:
90:23:c2:1d:51:8c:2d:35:02:38:03:63:b2:5a:27:1c:46:75:
69:96:9d:ea:87:85:80:5d:75:fd:0a:db:86:b9:a8:9b:63:50:
0b:da:0b:9c:72:a4:3d:7f:e8:bf:b9:c0:c7:71:c7:ac:b2:94:
fc:b4:9a:c5:b7:c6:89:3a:b9:5d:df:8b:a8:72:37:ff:e0:28:
7e:cc:fc:32:5d:85:90:5c:42:74:75:2f:ac:3d:cd:8c:06:62:
49:44:00:2c:ec:56:2b:b6:03:f3:1c:6e:b9:5b:ea:c1:b1:6f:
bb:71:f5:f1:6e:17:16:1a:73:5c:59:31:f9:d9:6e:9c:ef:ea:
d4:da:c6:51:0b:df:c2:6a:ea:aa:8b:e9:2d:be:6a:c0:18:c5:
bb:7d:ed:59:44:97:d4:9a:64:2f:36:63:8b:c4:4d:69:9d:e2:
ec:29:88:b0:ad:ee:f1:00:ac:04:34:56:a7:08:8d:a7:d7:7a:
78:f5:ce:3e:98:99:94:d4:02:0c:9a:07:2c:4f:28:a2:1c:ea:
48:3d:2b:b3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPtbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkzOTE1WhcNMjUwMTE4MDkzOTE1WjAYMRYw
FAYDVQQDEw02NzdjZjY0Ni05YjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy0kjGAPKoRGYDqWBrxa6XurlY/LgXl0xuksufOYJIiEinzeiE64JVsGn
5kfpLANsKRr/dzt8NhKawasYaq7s21d/BInS6uYqs3gAtZEq2cZ3efjQRyZ80tzd
aClGUnlNVdwxxuaf9qk9VO+p44Z32dVp76Or9kvfTgVUXORhhm7p0kcEtfIgY4v0
Ni8gpBXbpD4qPwJkoJYtXBT+K1vhpMDQ7IgmToCDc3jW2TIQYPIVExW8qhMgBOuw
Yux0wSwkjRM9ZJe3tNBM9C/tGUnfddw4OFg9rZtE+NhO/Zd3y0sbFKSsbY2gGnQ0
GdnAeEPFQxLWCcjwvtpsA9P9IQN8rwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDt7
WrLzI5kccMTBknLRC510fYunMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDMyMzc0QUNDREIxMUVGQjA1MDI3NDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPXRMA0GCSqGSIb3DQEBCwUA
A4IBAQCP40zJhQZF25FWWojYI/ZXuAkx4zlwuiQPv8XeRjG2taUEaRa+N3NxV1f9
JlM6UyuZNBiiI96QI8IdUYwtNQI4A2OyWiccRnVplp3qh4WAXXX9CtuGuaibY1AL
2guccqQ9f+i/ucDHccesspT8tJrFt8aJOrld34uocjf/4Ch+zPwyXYWQXEJ0dS+s
Pc2MBmJJRAAs7FYrtgPzHG65W+rBsW+7cfXxbhcWGnNcWTH52W6c7+rU2sZRC9/C
auqqi+ktvmrAGMW7fe1ZRJfUmmQvNmOLxE1pneLsKYiwre7xAKwENFanCI2n13p4
9c4+mJmU1AIMmgcsTyiiHOpIPSuz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:03 2025 by rpki-client