Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/46448008C5CC11EFA64AAD62762E951A.roa
File: 46448008C5CC11EFA64AAD62762E951A.roa (raw, json)
Hash identifier: j3lkbqYhWhDnMVTfLDCmdDMR+vF9gEHopiBz7WtFpqw=
Subject key identifier: AB:D0:26:B4:EA:51:92:5E:0C:D7:B2:2F:CA:27:F7:63:3E:F0:DE:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F1C2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/46448008C5CC11EFA64AAD62762E951A.roa
Signing time: Sun 29 Dec 2024 10:04:21 +0000
ROA not before: Sun 29 Dec 2024 10:04:18 +0000
ROA not after: Fri 31 Jan 2025 10:04:18 +0000
asID: 205125
IP address blocks: 156.255.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61890 (0xf1c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 29 10:04:18 2024 GMT
Not After : Jan 31 10:04:18 2025 GMT
Subject: CN=67711ea5-bf1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:89:6b:2f:58:a8:2d:6b:a5:e9:84:21:e4:43:
90:99:a5:9a:2c:a6:cb:08:02:27:5f:c0:65:0b:e0:
d1:48:e0:b2:27:b4:3b:c5:86:af:a4:0f:30:9e:fc:
bc:aa:20:8a:5c:e3:92:3f:3a:45:7d:a4:28:59:c1:
bf:d5:e6:c5:48:60:08:9e:7e:fc:d0:bf:cf:83:6a:
81:d3:1f:ae:db:65:ab:aa:de:5b:a9:54:89:06:4f:
47:c0:0f:81:fc:a6:48:61:17:5c:93:19:2c:b3:80:
ca:02:d0:38:fd:05:75:ea:b9:ab:69:a7:91:1a:55:
d5:a3:74:34:ac:22:a7:a2:da:3b:f9:96:fc:28:b3:
1c:90:37:af:41:7d:11:21:49:19:15:40:68:9d:71:
ea:07:1d:b9:60:8b:af:f1:fb:42:15:0b:3b:8a:7f:
66:9e:29:6b:09:98:ab:97:7e:0f:b5:92:ff:e0:72:
fd:34:61:b4:1a:ca:86:ff:67:45:75:c8:ac:0b:93:
70:1d:2f:d8:d6:dd:20:6b:d5:a9:56:e6:6a:e9:2e:
f8:76:00:fa:6e:d7:b4:42:d3:b0:64:f6:51:0f:4c:
33:97:b6:fd:ab:25:3a:98:47:ad:4f:a9:ec:c2:e3:
4e:3a:3d:90:4b:47:0a:51:10:e9:6f:4b:33:4e:1e:
0e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D0:26:B4:EA:51:92:5E:0C:D7:B2:2F:CA:27:F7:63:3E:F0:DE:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/46448008C5CC11EFA64AAD62762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.9.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:c9:6a:6c:a7:a0:ba:07:39:88:5f:d5:96:af:f1:48:61:46:
e3:8f:b1:e9:30:1f:62:4a:0e:43:59:df:bd:70:d8:07:57:d5:
4d:b9:be:d9:4a:16:fc:9c:fc:88:4f:d9:cd:63:6e:dd:9e:8c:
91:70:6b:bb:fb:d9:89:8b:6d:90:2a:c2:3d:27:92:2f:fe:97:
6b:d1:59:8b:52:49:50:55:da:77:da:87:c3:d4:3f:08:ee:04:
21:f1:d3:f6:16:ce:0f:89:8e:b8:19:f2:3b:9d:df:00:a9:10:
af:e3:ed:c7:76:a5:f9:a2:98:ba:2e:59:c7:35:7a:7c:38:e4:
94:5f:db:6a:9a:02:4e:f0:d7:ad:bc:45:f6:1c:c4:7a:08:a7:
25:81:ab:95:a1:1f:27:99:77:56:f2:0e:5f:bb:c7:28:5f:be:
c3:6c:04:f7:97:db:f4:46:85:d7:ef:26:6b:79:1b:e8:02:01:
03:e7:0c:11:37:d8:eb:d8:0c:6c:18:fe:38:66:0e:cd:f1:9f:
97:d2:38:06:fc:77:f5:a7:53:33:aa:6f:f2:19:fb:9f:7c:d1:
bf:7a:03:74:c3:e2:98:b9:bd:5b:d5:a4:83:16:84:c0:56:8e:
da:a8:60:c4:fe:45:b1:d1:d6:ad:68:0c:ac:d4:4c:c8:13:41:
a5:96:fb:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPHCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI5MTAwNDE4WhcNMjUwMTMxMTAwNDE4WjAYMRYw
FAYDVQQDEw02NzcxMWVhNS1iZjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsIlrL1ioLWul6YQh5EOQmaWaLKbLCAInX8BlC+DRSOCyJ7Q7xYavpA8w
nvy8qiCKXOOSPzpFfaQoWcG/1ebFSGAInn780L/Pg2qB0x+u22Wrqt5bqVSJBk9H
wA+B/KZIYRdckxkss4DKAtA4/QV16rmraaeRGlXVo3Q0rCKnoto7+Zb8KLMckDev
QX0RIUkZFUBonXHqBx25YIuv8ftCFQs7in9mnilrCZirl34PtZL/4HL9NGG0GsqG
/2dFdcisC5NwHS/Y1t0ga9WpVuZq6S74dgD6bte0QtOwZPZRD0wzl7b9qyU6mEet
T6nswuNOOj2QS0cKURDpb0szTh4OiwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKvQ
JrTqUZJeDNeyL8on92M+8N6yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NjQ0ODAwOEM1Q0MxMUVGQTY0QUFENjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8JMA0GCSqGSIb3DQEBCwUA
A4IBAQAryWpsp6C6BzmIX9WWr/FIYUbjj7HpMB9iSg5DWd+9cNgHV9VNub7ZShb8
nPyIT9nNY27dnoyRcGu7+9mJi22QKsI9J5Iv/pdr0VmLUklQVdp32ofD1D8I7gQh
8dP2Fs4PiY64GfI7nd8AqRCv4+3HdqX5opi6LlnHNXp8OOSUX9tqmgJO8NetvEX2
HMR6CKclgauVoR8nmXdW8g5fu8coX77DbAT3l9v0RoXX7yZreRvoAgED5wwRN9jr
2AxsGP44Zg7N8Z+X0jgG/Hf1p1Mzqm/yGfuffNG/egN0w+KYub1b1aSDFoTAVo7a
qGDE/kWx0dataAys1EzIE0GllvvO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:37 2025 by rpki-client