Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5266F166D25311EF84CD2A7C762E951A.roa
File: 5266F166D25311EF84CD2A7C762E951A.roa (raw, json)
Hash identifier: P77QOqoXLTk1ZrDH6EFYQ32Q40rcyN4M0g6JwvkzQKY=
Subject key identifier: 62:25:28:68:2F:8E:08:FB:BB:9B:DE:9B:A1:B4:68:84:6E:19:2A:39
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010708
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5266F166D25311EF84CD2A7C762E951A.roa
Signing time: Tue 14 Jan 2025 08:41:18 +0000
ROA not before: Tue 14 Jan 2025 08:41:14 +0000
ROA not after: Wed 22 Jan 2025 08:41:14 +0000
asID: 40065
IP address blocks: 156.235.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67336 (0x10708)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 08:41:14 2025 GMT
Not After : Jan 22 08:41:14 2025 GMT
Subject: CN=6786232e-d0a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7b:a7:d9:bf:c8:c3:eb:2c:e9:21:7f:de:cd:
2a:4d:21:6b:f1:91:9c:d7:40:63:e4:9a:2d:74:6f:
2a:81:2a:1f:e5:77:93:fd:4b:6c:6e:08:9f:1a:b0:
c3:ea:fa:62:2b:6a:a4:43:d1:49:40:60:6c:5a:25:
84:fc:97:5a:77:4c:b8:99:e0:c0:74:0a:d3:db:a3:
85:27:33:91:59:f8:3d:c1:8d:ab:8d:0a:16:5e:4c:
ee:31:85:f9:61:21:b1:a2:9b:5f:55:36:a8:61:c1:
8e:eb:36:b4:1d:66:24:1b:60:d6:4c:db:b2:1a:56:
61:ac:27:b9:ce:2a:c3:43:77:d2:9e:68:8b:90:d9:
31:f1:2d:be:c4:de:01:dd:72:dc:fd:00:54:14:5c:
1c:f5:ed:5d:d4:5e:4b:d4:91:c7:00:02:f2:a5:67:
dd:b1:28:62:e5:a7:8e:84:22:5e:90:ba:92:05:ec:
2d:12:be:25:ce:cc:6b:ef:1c:dd:b5:61:e4:46:f6:
35:38:49:b3:9d:ac:1a:03:f7:77:f8:42:99:77:22:
f5:67:81:c1:1b:be:6e:ce:b5:71:7b:1e:b9:ca:be:
5c:f1:c5:9d:6c:bb:ba:80:f2:d8:ff:d2:22:5d:1e:
af:20:f5:fc:84:c9:65:d8:fd:34:03:27:d1:00:6f:
6c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:25:28:68:2F:8E:08:FB:BB:9B:DE:9B:A1:B4:68:84:6E:19:2A:39
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5266F166D25311EF84CD2A7C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.1.0/24
Signature Algorithm: sha256WithRSAEncryption
12:07:9c:8b:eb:8b:cd:01:37:25:cf:da:4a:70:9d:90:4b:3e:
c0:22:de:3a:8c:17:b2:a1:c6:25:01:9c:12:8a:0f:10:2b:96:
f7:5b:70:e0:be:db:4b:cb:da:81:52:9a:29:00:6a:0c:e1:f4:
b8:6f:5e:5f:ac:80:fc:ed:a0:2d:b3:06:be:2c:02:e8:35:35:
97:94:4d:8a:4a:6f:f0:d9:c9:e5:8e:7d:6f:c7:ed:dd:1f:36:
91:d5:03:29:5f:60:06:49:e8:c9:71:04:40:d8:3e:c3:56:2f:
71:f6:9f:4b:7f:5b:29:4f:3d:36:fc:70:9c:84:27:85:30:6f:
18:f6:6f:63:5b:8c:b7:38:5e:d5:64:c0:0d:83:01:14:f8:3b:
5b:bf:2b:9a:1e:ea:e5:35:4e:f6:56:58:3b:6e:c9:25:c2:7d:
6b:b8:84:2b:f4:92:17:e7:a1:23:b5:86:a6:e8:a7:bc:09:95:
d1:4e:52:2b:34:39:14:02:cc:12:84:15:cd:51:72:7a:77:6a:
81:95:e5:60:19:22:e6:f5:d5:0a:8d:86:09:d8:e8:75:9b:13:
2d:33:86:18:cf:cd:d3:10:44:3b:5e:a3:80:20:e5:ef:2d:ba:
87:4e:fc:61:79:fe:29:9f:2b:fb:95:a0:00:bc:bf:2e:e5:1c:
22:5b:f6:2f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQcIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDg0MTE0WhcNMjUwMTIyMDg0MTE0WjAYMRYw
FAYDVQQDEw02Nzg2MjMyZS1kMGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Xun2b/Iw+ss6SF/3s0qTSFr8ZGc10Bj5JotdG8qgSof5XeT/Utsbgif
GrDD6vpiK2qkQ9FJQGBsWiWE/Jdad0y4meDAdArT26OFJzORWfg9wY2rjQoWXkzu
MYX5YSGxoptfVTaoYcGO6za0HWYkG2DWTNuyGlZhrCe5zirDQ3fSnmiLkNkx8S2+
xN4B3XLc/QBUFFwc9e1d1F5L1JHHAALypWfdsShi5aeOhCJekLqSBewtEr4lzsxr
7xzdtWHkRvY1OEmznawaA/d3+EKZdyL1Z4HBG75uzrVxex65yr5c8cWdbLu6gPLY
/9IiXR6vIPX8hMll2P00AyfRAG9sqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGIl
KGgvjgj7u5vem6G0aIRuGSo5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MjY2RjE2NkQyNTMxMUVGODRDRDJBN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOsBMA0GCSqGSIb3DQEBCwUA
A4IBAQASB5yL64vNATclz9pKcJ2QSz7AIt46jBeyocYlAZwSig8QK5b3W3DgvttL
y9qBUpopAGoM4fS4b15frID87aAtswa+LALoNTWXlE2KSm/w2cnljn1vx+3dHzaR
1QMpX2AGSejJcQRA2D7DVi9x9p9Lf1spTz02/HCchCeFMG8Y9m9jW4y3OF7VZMAN
gwEU+DtbvyuaHurlNU72Vlg7bsklwn1ruIQr9JIX56EjtYam6Ke8CZXRTlIrNDkU
AswShBXNUXJ6d2qBleVgGSLm9dUKjYYJ2Oh1mxMtM4YYz83TEEQ7XqOAIOXvLbqH
Tvxhef4pnyv7laAAvL8u5RwiW/Yv
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:58 2025 by rpki-client