Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4CDF27A4D30C11EF8A291E98762E951A.roa
File: 4CDF27A4D30C11EF8A291E98762E951A.roa (raw, json)
Hash identifier: W+zcpsgTSC+ytPIWcKmsZEnGmHZd9TSDi6fy9Pla8ZY=
Subject key identifier: A9:0E:BD:7B:5A:8A:E4:8C:37:44:1F:85:73:A6:D8:03:AA:C5:26:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01082D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4CDF27A4D30C11EF8A291E98762E951A.roa
Signing time: Wed 15 Jan 2025 06:45:25 +0000
ROA not before: Wed 15 Jan 2025 06:45:22 +0000
ROA not after: Sat 25 Jan 2025 06:45:22 +0000
asID: 11331
IP address blocks: 156.239.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67629 (0x1082d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 06:45:22 2025 GMT
Not After : Jan 25 06:45:22 2025 GMT
Subject: CN=67875985-797d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f9:98:e1:d8:34:4b:b3:73:66:b0:54:0f:0e:
59:24:dd:8a:ac:cf:8a:b9:47:bf:32:f7:d4:12:59:
a6:57:ab:69:fe:02:69:03:71:81:1a:97:0b:20:cb:
e4:da:76:af:19:71:46:6e:fb:71:00:cb:78:50:bf:
e1:0e:04:01:d4:73:fe:f8:32:e2:d3:60:1b:c0:72:
31:d3:a9:81:6b:a7:58:7a:56:19:8b:6e:d2:a5:5a:
94:b8:75:dc:9b:48:e6:f3:c1:98:85:bb:03:ef:ba:
51:93:ea:8f:06:af:49:56:7b:6d:02:fb:73:e1:3c:
d7:00:12:a0:6c:10:68:7f:a9:18:07:e5:ca:dd:de:
84:6c:13:cb:da:da:5a:ea:ca:19:33:2a:49:09:4f:
05:8e:76:10:bb:62:2d:c7:ad:aa:b6:fc:9f:1e:ea:
b8:b2:7a:ca:93:58:19:bc:60:69:1c:99:34:ac:f5:
ab:1a:2c:db:f8:f5:14:40:08:76:2d:c2:5a:08:3c:
5a:88:68:9f:67:31:3a:e0:e3:b8:b0:ea:ec:ad:b0:
85:e3:5e:5a:30:e0:c9:24:04:52:b1:0b:af:ca:1b:
ba:e2:1f:33:8c:ee:d6:ef:0f:76:bb:62:6e:13:8d:
3c:38:26:67:74:bb:5d:12:f7:72:9f:ea:be:31:fd:
e2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0E:BD:7B:5A:8A:E4:8C:37:44:1F:85:73:A6:D8:03:AA:C5:26:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4CDF27A4D30C11EF8A291E98762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.96.0/19
Signature Algorithm: sha256WithRSAEncryption
54:d4:8e:f0:78:e7:45:51:50:48:7c:56:8e:93:d0:4c:54:bf:
1e:1f:61:91:9f:3d:01:ee:40:60:2b:75:5a:c0:29:53:b1:ac:
f9:c4:50:bf:71:2f:3e:8a:03:04:d0:f9:d8:d6:ac:e4:10:37:
52:e8:eb:6d:f3:15:5b:b0:51:39:97:a7:68:80:66:16:23:98:
b1:41:f6:23:bd:6c:79:95:fc:13:05:93:d1:3c:a4:46:aa:aa:
ec:37:b3:52:a2:64:bc:6d:26:11:60:2f:2c:0b:ac:81:67:62:
b2:aa:37:f0:11:a8:50:e4:9c:46:4d:2f:6b:37:3b:54:2f:8f:
93:69:59:ad:fc:a1:6a:5f:37:2d:f4:a6:7a:8c:de:57:3d:45:
6d:df:71:22:b2:69:40:3b:7e:a2:b5:dd:13:34:12:5c:d4:ce:
75:33:ff:42:73:c8:be:3d:07:44:bf:1f:0e:a7:56:7a:0d:58:
a3:9f:f2:8c:44:1c:96:5a:7e:77:88:1d:a4:a2:25:56:b1:0f:
4b:59:c4:6e:c8:9d:c2:d8:6e:fb:72:aa:cd:7e:4c:fc:57:24:
2b:2f:03:41:fc:6a:a0:8f:bb:f6:a1:dc:6d:ba:0a:92:f8:9c:
46:59:79:51:ce:a5:15:9a:f3:70:51:50:c0:d1:7e:58:03:1b:
3b:77:47:aa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQgtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDY0NTIyWhcNMjUwMTI1MDY0NTIyWjAYMRYw
FAYDVQQDEw02Nzg3NTk4NS03OTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyvmY4dg0S7NzZrBUDw5ZJN2KrM+KuUe/MvfUElmmV6tp/gJpA3GBGpcL
IMvk2navGXFGbvtxAMt4UL/hDgQB1HP++DLi02AbwHIx06mBa6dYelYZi27SpVqU
uHXcm0jm88GYhbsD77pRk+qPBq9JVnttAvtz4TzXABKgbBBof6kYB+XK3d6EbBPL
2tpa6soZMypJCU8FjnYQu2Itx62qtvyfHuq4snrKk1gZvGBpHJk0rPWrGizb+PUU
QAh2LcJaCDxaiGifZzE64OO4sOrsrbCF415aMODJJARSsQuvyhu64h8zjO7W7w92
u2JuE408OCZndLtdEvdyn+q+Mf3izQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKkO
vXtaiuSMN0QfhXOm2AOqxSbAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80Q0RGMjdBNEQzMEMxMUVGOEEyOTFFOTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO9gMA0GCSqGSIb3DQEBCwUA
A4IBAQBU1I7weOdFUVBIfFaOk9BMVL8eH2GRnz0B7kBgK3VawClTsaz5xFC/cS8+
igME0PnY1qzkEDdS6Ott8xVbsFE5l6dogGYWI5ixQfYjvWx5lfwTBZPRPKRGqqrs
N7NSomS8bSYRYC8sC6yBZ2KyqjfwEahQ5JxGTS9rNztUL4+TaVmt/KFqXzct9KZ6
jN5XPUVt33EismlAO36itd0TNBJc1M51M/9Cc8i+PQdEvx8Op1Z6DVijn/KMRByW
Wn53iB2koiVWsQ9LWcRuyJ3C2G77cqrNfkz8VyQrLwNB/Gqgj7v2odxtugqS+JxG
WXlRzqUVmvNwUVDA0X5YAxs7d0eq
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:20 2025 by rpki-client