Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A258EF2CCD811EF9EEE3AAF762E951A.roa
File: 4A258EF2CCD811EF9EEE3AAF762E951A.roa (raw, json)
Hash identifier: anbRSOvP3ury1GnfNtRqnr/i3yP8dRRXuerMR0vLlao=
Subject key identifier: C5:8B:FE:00:C4:C0:16:F2:2A:DA:BC:CD:EF:81:81:AD:AB:AF:F1:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB26
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A258EF2CCD811EF9EEE3AAF762E951A.roa
Signing time: Tue 07 Jan 2025 09:18:00 +0000
ROA not before: Tue 07 Jan 2025 09:17:56 +0000
ROA not after: Sat 18 Jan 2025 09:17:56 +0000
asID: 133522
IP address blocks: 156.227.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64294 (0xfb26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:17:56 2025 GMT
Not After : Jan 18 09:17:56 2025 GMT
Subject: CN=677cf148-3396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:20:b4:0f:a3:71:07:6f:2d:3c:cb:e7:34:30:
01:43:6d:61:a8:43:06:87:91:78:6d:3c:b1:c6:8b:
8d:7c:fb:74:f0:2d:49:c0:34:55:a4:bf:f2:99:2b:
cf:7f:28:f0:3b:c8:ab:96:4d:de:4f:ae:1b:f6:4e:
b8:42:d7:34:4f:19:4d:9b:cb:b3:d2:4b:91:36:fb:
f4:f0:bd:64:47:10:44:57:36:57:8c:05:d0:79:2d:
5a:90:fa:a6:0e:fc:65:fa:fa:5b:a8:02:f6:2b:8e:
20:6a:07:2e:e5:89:d6:e3:a7:9e:d5:9f:4b:b6:fd:
bc:d9:5b:cf:60:5c:9b:31:9a:a7:95:f3:5b:66:f3:
73:38:4e:61:f8:68:0f:f8:11:75:a3:25:5b:35:f9:
54:99:84:4d:de:7f:6c:e1:6a:2e:4f:8d:a0:b1:04:
b7:8b:fa:d2:f4:c3:a0:56:18:96:73:99:22:23:29:
c3:e8:70:ac:53:ae:a2:f8:bf:f0:43:2d:ec:b4:97:
a5:00:c7:30:6e:d5:19:85:75:bc:12:75:22:54:5c:
62:14:a5:5a:7e:da:3e:98:89:42:25:8c:23:63:36:
2b:4b:5f:68:4d:d6:7d:f2:4c:96:6a:d9:47:84:6d:
56:42:35:55:49:a1:a3:66:96:b3:29:ab:63:82:6c:
f9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8B:FE:00:C4:C0:16:F2:2A:DA:BC:CD:EF:81:81:AD:AB:AF:F1:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A258EF2CCD811EF9EEE3AAF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.32.0/19
Signature Algorithm: sha256WithRSAEncryption
40:79:df:7a:75:84:3c:0f:ca:78:0a:55:12:c1:23:d0:f7:2f:
fd:a3:79:94:9a:64:1d:96:57:a1:a2:7b:4e:ed:08:25:7a:38:
2d:4a:7c:ac:b4:3a:da:dc:c0:0e:f8:6a:69:81:85:36:a1:72:
50:d5:d2:46:fe:eb:3f:c0:c3:96:00:3c:9b:26:4c:01:b6:67:
24:7f:e6:6a:20:a1:0e:47:5f:fe:a6:65:5f:66:9c:43:a4:4f:
8a:69:2d:dc:7a:64:5d:91:f0:da:81:5e:04:d7:23:63:8a:c6:
45:81:cd:1f:3a:c7:5b:4b:ca:8f:14:54:15:99:61:01:dc:36:
c1:4b:f8:f0:be:b7:0b:ea:3f:6a:c9:9c:4e:a0:1d:b7:81:2d:
e7:6f:b1:a7:fa:f3:47:63:a8:c1:47:83:fd:68:98:48:b5:7a:
b6:a8:0c:e1:65:b5:18:f4:39:36:a9:56:aa:99:6f:2f:a5:28:
08:9f:0c:4a:4a:83:00:42:b0:b8:67:fa:50:51:ec:3c:b9:5f:
b3:59:d9:96:0a:29:41:75:7e:93:1f:19:07:87:17:bb:7a:f9:
19:09:74:89:82:f4:dc:0d:e9:b6:8e:ff:a9:ac:e3:0f:db:e2:
b6:fc:0a:cf:28:80:ea:84:7a:97:c6:99:ff:92:86:33:89:17:
16:5c:37:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPsmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkxNzU2WhcNMjUwMTE4MDkxNzU2WjAYMRYw
FAYDVQQDEw02NzdjZjE0OC0zMzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoiC0D6NxB28tPMvnNDABQ21hqEMGh5F4bTyxxouNfPt08C1JwDRVpL/y
mSvPfyjwO8irlk3eT64b9k64Qtc0TxlNm8uz0kuRNvv08L1kRxBEVzZXjAXQeS1a
kPqmDvxl+vpbqAL2K44gagcu5YnW46ee1Z9Ltv282VvPYFybMZqnlfNbZvNzOE5h
+GgP+BF1oyVbNflUmYRN3n9s4WouT42gsQS3i/rS9MOgVhiWc5kiIynD6HCsU66i
+L/wQy3stJelAMcwbtUZhXW8EnUiVFxiFKVafto+mIlCJYwjYzYrS19oTdZ98kyW
atlHhG1WQjVVSaGjZpazKatjgmz5VwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMWL
/gDEwBbyKtq8ze+Bga2rr/FUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QTI1OEVGMkNDRDgxMUVGOUVFRTNBQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnOMgMA0GCSqGSIb3DQEBCwUA
A4IBAQBAed96dYQ8D8p4ClUSwSPQ9y/9o3mUmmQdllehontO7QglejgtSnystDra
3MAO+GppgYU2oXJQ1dJG/us/wMOWADybJkwBtmckf+ZqIKEOR1/+pmVfZpxDpE+K
aS3cemRdkfDagV4E1yNjisZFgc0fOsdbS8qPFFQVmWEB3DbBS/jwvrcL6j9qyZxO
oB23gS3nb7Gn+vNHY6jBR4P9aJhItXq2qAzhZbUY9Dk2qVaqmW8vpSgInwxKSoMA
QrC4Z/pQUew8uV+zWdmWCilBdX6THxkHhxe7evkZCXSJgvTcDem2jv+prOMP2+K2
/ArPKIDqhHqXxpn/koYziRcWXDfE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:52 2025 by rpki-client