Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4733343ACBF011EFBEBE4F6D762E951A.roa
File: 4733343ACBF011EFBEBE4F6D762E951A.roa (raw, json)
Hash identifier: irkKWlpWFGRMvp9cOugsH6jT3FwPg/m/PuELNHpOoes=
Subject key identifier: 34:CD:FE:27:BE:09:8D:FA:6B:43:A6:63:0D:67:61:2A:C3:F6:99:62
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F83A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4733343ACBF011EFBEBE4F6D762E951A.roa
Signing time: Mon 06 Jan 2025 05:37:12 +0000
ROA not before: Mon 06 Jan 2025 05:37:08 +0000
ROA not after: Tue 04 Feb 2025 05:37:08 +0000
asID: 5065
IP address blocks: 156.255.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63546 (0xf83a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 05:37:08 2025 GMT
Not After : Feb 4 05:37:08 2025 GMT
Subject: CN=677b6c08-6735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:08:96:b8:71:aa:9d:34:9e:35:32:aa:bf:88:
e8:63:35:a5:d5:42:55:76:81:9d:b7:aa:5d:dc:db:
dc:5c:0f:6d:59:e7:64:5c:98:8d:01:80:f5:ef:3b:
f6:a1:d6:dd:96:72:2c:e4:64:ca:d8:81:7a:1a:58:
d7:27:dd:ca:7a:6a:07:5e:33:8a:d9:06:87:86:3a:
1e:13:92:8a:1d:ea:8f:76:eb:42:62:04:06:67:b0:
b7:2d:b5:41:cb:e2:7e:4d:3c:c6:5b:6a:dc:16:07:
a0:e2:3e:bd:78:55:7d:45:05:ed:52:e1:30:96:2f:
1e:df:93:d9:a6:8d:49:9f:41:28:23:9f:2c:72:76:
da:da:79:17:81:e9:c6:55:6c:6e:b3:c5:18:ed:47:
94:35:7a:6d:49:86:53:21:13:5f:21:36:c4:2a:4a:
0f:c9:e6:24:d5:82:0e:f9:21:08:90:d1:1c:d0:c4:
fc:b7:bd:5f:a5:73:87:af:3e:f2:54:e8:1b:8f:10:
9d:6b:56:5a:ac:84:98:24:9e:99:f6:fd:5a:0c:83:
02:cd:88:46:ed:23:f0:5e:4a:77:b2:1e:d8:14:ca:
b9:77:ce:30:dd:94:5a:56:3c:08:5b:cc:86:85:dc:
51:40:09:d8:f6:af:12:2c:31:ef:ea:4d:d6:2c:81:
10:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CD:FE:27:BE:09:8D:FA:6B:43:A6:63:0D:67:61:2A:C3:F6:99:62
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4733343ACBF011EFBEBE4F6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.64.0/22
Signature Algorithm: sha256WithRSAEncryption
55:7d:ee:5c:8f:e0:8a:27:dd:88:5f:0b:a4:43:fe:4a:52:08:
2c:51:94:94:7b:67:8e:4d:a7:65:f6:70:50:01:83:eb:4a:8b:
b5:18:69:02:62:80:c4:dd:dc:71:4d:13:56:2f:62:cf:e6:de:
98:fe:9e:37:e5:65:8d:bc:5b:9e:38:df:67:0e:e6:1a:0c:58:
53:9a:c6:b9:1c:2c:ff:de:79:e9:37:b2:5b:d9:b3:b3:04:54:
cf:5e:4d:77:48:c3:6b:09:ea:54:96:e1:e1:19:db:ab:e5:56:
e6:84:bd:26:8b:9c:f5:95:a5:99:00:95:81:5e:71:c8:43:d9:
38:4b:1e:94:20:6c:67:7b:14:e4:be:65:98:43:f5:6d:d0:cd:
ec:3e:b3:bb:0c:8d:58:bc:22:72:30:98:09:97:db:95:20:80:
97:ad:a8:ca:a5:0b:2b:b1:27:dd:ef:34:67:39:e6:26:9e:fa:
11:66:4f:f4:4e:6e:a2:f1:92:d3:49:da:5e:6b:7e:77:28:99:
45:d0:9c:c0:34:a2:47:e1:ec:cf:05:d9:9d:73:32:ba:68:73:
be:8c:38:92:98:8b:66:11:7a:3b:0d:92:fe:23:79:82:b6:95:
ae:59:ba:28:26:e1:53:ee:81:c1:b0:ac:3a:ac:bf:bd:f6:39:
77:c4:ec:1e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPg6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDUzNzA4WhcNMjUwMjA0MDUzNzA4WjAYMRYw
FAYDVQQDEw02NzdiNmMwOC02NzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArQiWuHGqnTSeNTKqv4joYzWl1UJVdoGdt6pd3NvcXA9tWedkXJiNAYD1
7zv2odbdlnIs5GTK2IF6GljXJ93KemoHXjOK2QaHhjoeE5KKHeqPdutCYgQGZ7C3
LbVBy+J+TTzGW2rcFgeg4j69eFV9RQXtUuEwli8e35PZpo1Jn0EoI58scnba2nkX
genGVWxus8UY7UeUNXptSYZTIRNfITbEKkoPyeYk1YIO+SEIkNEc0MT8t71fpXOH
rz7yVOgbjxCda1ZarISYJJ6Z9v1aDIMCzYhG7SPwXkp3sh7YFMq5d84w3ZRaVjwI
W8yGhdxRQAnY9q8SLDHv6k3WLIEQ8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDTN
/ie+CY36a0OmYw1nYSrD9pliMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NzMzMzQzQUNCRjAxMUVGQkVCRTRGNkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP9AMA0GCSqGSIb3DQEBCwUA
A4IBAQBVfe5cj+CKJ92IXwukQ/5KUggsUZSUe2eOTadl9nBQAYPrSou1GGkCYoDE
3dxxTRNWL2LP5t6Y/p435WWNvFueON9nDuYaDFhTmsa5HCz/3nnpN7Jb2bOzBFTP
Xk13SMNrCepUluHhGdur5VbmhL0mi5z1laWZAJWBXnHIQ9k4Sx6UIGxnexTkvmWY
Q/Vt0M3sPrO7DI1YvCJyMJgJl9uVIICXrajKpQsrsSfd7zRnOeYmnvoRZk/0Tm6i
8ZLTSdpea353KJlF0JzANKJH4ezPBdmdczK6aHO+jDiSmItmEXo7DZL+I3mCtpWu
WbooJuFT7oHBsKw6rL+99jl3xOwe
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:02 2025 by rpki-client