Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BF430C6BD1011EF90F03E9C762E951A.roa
File: 4BF430C6BD1011EF90F03E9C762E951A.roa (raw, json)
Hash identifier: 8V2XJcMFhrOyMqGwPX/GNyOKip+Auk5Sn25D5f0nieY=
Subject key identifier: EB:9E:6F:A6:F7:F3:36:67:07:4E:7B:4E:A3:42:F8:90:6C:7E:A8:73
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E47A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BF430C6BD1011EF90F03E9C762E951A.roa
Signing time: Wed 18 Dec 2024 07:18:36 +0000
ROA not before: Wed 18 Dec 2024 07:18:33 +0000
ROA not after: Thu 23 Jan 2025 07:18:33 +0000
asID: 203020
IP address blocks: 156.243.160.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58490 (0xe47a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 18 07:18:33 2024 GMT
Not After : Jan 23 07:18:33 2025 GMT
Subject: CN=6762774c-bbf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:03:9a:67:8b:88:eb:d8:f0:aa:8a:ea:33:be:
ce:b7:d1:0a:84:d1:4a:ee:53:02:22:33:5f:92:da:
ba:e7:62:f3:e8:aa:49:ca:31:67:56:1f:b3:14:a9:
ce:e5:eb:05:a2:c5:97:02:4c:6b:c5:99:97:48:95:
ec:bd:8a:f3:64:b4:42:35:47:6e:50:5d:73:87:3f:
e7:de:76:a9:ca:c2:4e:f8:0e:dc:1c:ea:d7:f5:0d:
c9:04:c7:44:b4:0e:8b:fc:fb:67:9f:35:7b:d1:7f:
0d:64:9c:93:7c:7c:53:12:d6:7d:94:22:db:b6:ca:
58:e1:ca:a8:5a:a5:c0:f4:72:f6:b8:7f:74:a3:47:
45:94:25:d5:d5:bc:11:9b:1a:00:2b:40:1d:89:97:
82:b3:b3:11:f0:6c:5a:8b:da:17:42:88:a9:e8:47:
b8:1e:bd:a0:2b:bd:69:a4:54:83:7a:3f:c0:82:4e:
42:08:8c:a8:48:e8:b1:9b:64:48:d9:39:0f:dd:48:
1d:38:96:59:c8:6d:2f:04:84:14:d3:3a:f5:0d:30:
14:56:d1:0c:24:f7:d2:eb:98:28:33:3b:75:06:d9:
ab:32:2d:41:d6:f6:0e:1e:c8:7a:5a:22:2c:58:32:
54:15:3b:3d:b8:12:81:11:9c:bc:8f:08:c1:69:d6:
4e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:9E:6F:A6:F7:F3:36:67:07:4E:7B:4E:A3:42:F8:90:6C:7E:A8:73
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BF430C6BD1011EF90F03E9C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.160.0/20
Signature Algorithm: sha256WithRSAEncryption
4a:11:e3:62:27:d2:5f:78:e7:d9:5d:b6:d5:9b:3d:9c:4b:e0:
4c:21:58:bb:a8:82:55:fa:38:cb:86:0d:16:93:a5:c3:d5:3d:
2a:8f:d4:26:c4:66:0d:94:9c:fb:93:87:40:a2:b2:d2:03:b5:
7f:dd:d8:21:b5:26:40:37:9c:ab:5b:c9:3e:e5:1e:21:e9:34:
97:94:e2:71:c0:77:86:13:33:d5:f2:5f:25:e6:df:b9:a7:f2:
73:a1:1e:a2:1f:8e:8f:33:ae:7a:72:12:d4:bc:da:5c:84:30:
dc:1d:8e:08:d4:42:a0:44:db:87:51:a7:35:20:88:c8:44:0b:
3f:d3:74:4e:e2:a7:9a:7c:4b:45:5e:cd:15:67:d9:a4:85:a5:
ce:f0:0d:37:2c:45:da:f0:af:fd:05:de:c1:c7:28:ea:af:b2:
54:60:c0:c9:82:03:ab:1b:69:a2:62:4a:ef:da:63:51:b2:89:
43:14:9c:df:34:96:55:3c:27:5a:31:50:06:f0:93:cd:05:42:
a5:89:9f:a7:a4:d4:5e:e7:ce:3f:3f:9c:af:c1:89:7d:f3:88:
f2:07:96:84:27:d6:02:fb:5a:21:c7:44:9e:3a:19:c1:c8:b0:
01:85:a1:70:8a:f8:53:18:29:98:a3:db:e9:9b:da:b6:5d:0d:
0e:02:ce:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOR6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE4MDcxODMzWhcNMjUwMTIzMDcxODMzWjAYMRYw
FAYDVQQDEw02NzYyNzc0Yy1iYmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/QOaZ4uI69jwqorqM77Ot9EKhNFK7lMCIjNfktq652Lz6KpJyjFnVh+z
FKnO5esFosWXAkxrxZmXSJXsvYrzZLRCNUduUF1zhz/n3napysJO+A7cHOrX9Q3J
BMdEtA6L/PtnnzV70X8NZJyTfHxTEtZ9lCLbtspY4cqoWqXA9HL2uH90o0dFlCXV
1bwRmxoAK0AdiZeCs7MR8Gxai9oXQoip6Ee4Hr2gK71ppFSDej/Agk5CCIyoSOix
m2RI2TkP3UgdOJZZyG0vBIQU0zr1DTAUVtEMJPfS65goMzt1BtmrMi1B1vYOHsh6
WiIsWDJUFTs9uBKBEZy8jwjBadZOYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOue
b6b38zZnB057TqNC+JBsfqhzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QkY0MzBDNkJEMTAxMUVGOTBGMDNFOUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPOgMA0GCSqGSIb3DQEBCwUA
A4IBAQBKEeNiJ9JfeOfZXbbVmz2cS+BMIVi7qIJV+jjLhg0Wk6XD1T0qj9QmxGYN
lJz7k4dAorLSA7V/3dghtSZAN5yrW8k+5R4h6TSXlOJxwHeGEzPV8l8l5t+5p/Jz
oR6iH46PM656chLUvNpchDDcHY4I1EKgRNuHUac1IIjIRAs/03RO4qeafEtFXs0V
Z9mkhaXO8A03LEXa8K/9Bd7Bxyjqr7JUYMDJggOrG2miYkrv2mNRsolDFJzfNJZV
PCdaMVAG8JPNBUKliZ+npNRe584/P5yvwYl984jyB5aEJ9YC+1ohx0SeOhnByLAB
haFwivhTGCmYo9vpm9q2XQ0OAs6C
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:34 2025 by rpki-client