Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/54BF0290BAF811EFBB3E036B762E951A.roa
File: 54BF0290BAF811EFBB3E036B762E951A.roa (raw, json)
Hash identifier: DfcLrNzkC2qw1yRtVz/siCPpRln7u3qYcpBi0RlOq5A=
Subject key identifier: D0:7F:0E:9B:C2:6A:FA:2F:E7:2D:62:BE:CD:88:31:A5:25:4E:CA:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E3F7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/54BF0290BAF811EFBB3E036B762E951A.roa
Signing time: Sun 15 Dec 2024 15:22:01 +0000
ROA not before: Sun 15 Dec 2024 15:21:57 +0000
ROA not after: Mon 20 Jan 2025 15:21:57 +0000
asID: 395886
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58359 (0xe3f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 15 15:21:57 2024 GMT
Not After : Jan 20 15:21:57 2025 GMT
Subject: CN=675ef419-af68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:16:05:6c:87:1b:c6:e8:fc:42:86:f4:cc:22:
8f:82:27:4d:2b:cc:a0:71:90:e1:5c:de:6e:b0:9c:
4c:be:1c:23:96:ef:46:9b:68:82:5c:42:8a:ef:bb:
da:3a:53:1f:e4:08:88:7f:d3:54:c1:99:26:7c:02:
e0:0a:69:e7:93:83:19:34:ce:25:4f:2f:a0:bc:80:
fd:ec:9e:ce:5e:9a:cf:d9:b3:16:b3:f3:71:b2:6b:
43:e8:0e:59:24:2d:a2:ce:f5:4f:75:67:95:93:a1:
01:65:a0:bc:77:46:33:cc:0c:61:0e:1f:4a:ea:d1:
a6:45:b4:4d:66:b5:f7:8a:de:c8:80:dd:79:02:cf:
3e:1b:65:bb:1d:1f:4a:c1:ad:87:07:f2:e9:62:af:
0d:b1:89:a2:e9:3a:2d:25:e1:17:06:bc:65:6f:8e:
88:52:29:f7:35:12:86:8b:cc:bd:cf:d7:68:ec:ed:
6d:b3:53:59:79:4f:79:2f:92:6d:d1:41:0f:a0:a0:
67:f8:6b:78:37:79:82:98:d9:cd:66:20:9a:b6:20:
db:43:51:87:ad:2c:bf:4b:64:98:23:f1:53:40:9d:
84:04:0a:49:bf:1f:8a:c0:80:2e:26:67:51:95:8f:
f5:1f:42:f1:a8:2c:6d:2b:48:48:f5:c5:3e:f1:0e:
fa:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7F:0E:9B:C2:6A:FA:2F:E7:2D:62:BE:CD:88:31:A5:25:4E:CA:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/54BF0290BAF811EFBB3E036B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
ae:93:63:a0:81:3a:95:ce:d0:44:a5:70:4f:f3:7a:d3:98:2f:
92:f1:f1:a5:ea:86:79:cb:fc:73:7e:6b:ef:ce:4f:db:02:d3:
e2:e7:e3:24:a3:ea:0f:6f:0c:2a:59:3c:46:ad:0a:23:ac:2a:
02:67:e6:9f:d4:26:10:09:f1:12:61:ff:ae:77:ce:45:31:bc:
a8:a4:95:bd:a4:9f:3a:bb:d9:5d:46:e7:d2:13:23:c3:3d:f9:
52:0b:f2:39:d8:30:89:24:64:f9:56:7e:7b:f9:22:ec:90:8c:
c9:aa:db:9a:06:d5:56:5a:bb:0e:a1:f9:c3:a6:40:e9:bd:a1:
75:cf:4c:11:cd:4f:42:40:5f:32:e6:5e:54:b5:1c:43:a4:ba:
f5:20:b5:1c:fd:cc:17:74:21:89:61:36:20:23:a8:98:39:08:
28:d7:fb:d5:1c:aa:12:7c:c4:d5:05:3f:8c:e4:9d:6d:57:e9:
a1:12:e7:76:6c:f3:62:92:37:12:30:3e:d4:f0:c5:53:01:e7:
db:0c:b0:ec:21:d0:79:b4:87:e8:12:1d:e7:31:f9:1d:9c:65:
a7:27:2d:d9:fe:10:87:b5:b4:63:91:c7:00:10:93:5a:75:a1:
84:80:55:78:77:d2:27:93:40:a7:25:7c:2e:0e:9c:27:94:7b:
c6:bb:b9:60
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOP3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE1MTUyMTU3WhcNMjUwMTIwMTUyMTU3WjAYMRYw
FAYDVQQDEw02NzVlZjQxOS1hZjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1hYFbIcbxuj8Qob0zCKPgidNK8ygcZDhXN5usJxMvhwjlu9Gm2iCXEKK
77vaOlMf5AiIf9NUwZkmfALgCmnnk4MZNM4lTy+gvID97J7OXprP2bMWs/NxsmtD
6A5ZJC2izvVPdWeVk6EBZaC8d0YzzAxhDh9K6tGmRbRNZrX3it7IgN15As8+G2W7
HR9Kwa2HB/LpYq8NsYmi6TotJeEXBrxlb46IUin3NRKGi8y9z9do7O1ts1NZeU95
L5Jt0UEPoKBn+Gt4N3mCmNnNZiCatiDbQ1GHrSy/S2SYI/FTQJ2EBApJvx+KwIAu
JmdRlY/1H0LxqCxtK0hI9cU+8Q76LQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNB/
DpvCavov5y1ivs2IMaUlTsp3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NEJGMDI5MEJBRjgxMUVGQkIzRTAzNkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQCuk2OggTqVztBEpXBP83rTmC+S8fGl6oZ5y/xzfmvvzk/bAtPi5+Mko+oP
bwwqWTxGrQojrCoCZ+af1CYQCfESYf+ud85FMbyopJW9pJ86u9ldRufSEyPDPflS
C/I52DCJJGT5Vn57+SLskIzJqtuaBtVWWrsOofnDpkDpvaF1z0wRzU9CQF8y5l5U
tRxDpLr1ILUc/cwXdCGJYTYgI6iYOQgo1/vVHKoSfMTVBT+M5J1tV+mhEud2bPNi
kjcSMD7U8MVTAefbDLDsIdB5tIfoEh3nMfkdnGWnJy3Z/hCHtbRjkccAEJNadaGE
gFV4d9Ink0CnJXwuDpwnlHvGu7lg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:37 2025 by rpki-client