Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/573ACCD6F17411EFAE59DA8A762E951A.roa
File: 573ACCD6F17411EFAE59DA8A762E951A.roa (raw, json)
Hash identifier: Y2ZKLBXRR7H7CKZ33AqDaittf9rk9nI3ij8JbmjcYXU=
Subject key identifier: CD:76:DC:9E:E6:FE:23:D5:9B:3E:6B:82:54:4C:C6:E9:AF:97:F5:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0129D4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/573ACCD6F17411EFAE59DA8A762E951A.roa
Signing time: Sat 22 Feb 2025 23:25:45 +0000
ROA not before: Sat 22 Feb 2025 23:25:42 +0000
ROA not after: Fri 04 Apr 2025 23:25:42 +0000
asID: 5068
IP address blocks: 156.226.164.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76244 (0x129d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 22 23:25:42 2025 GMT
Not After : Apr 4 23:25:42 2025 GMT
Subject: CN=67ba5cf9-a195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c2:5e:d0:8f:85:f1:56:bf:34:e2:45:6b:8a:
2d:9b:e4:c6:8a:31:f9:2e:86:19:65:2e:a9:e0:0c:
90:2d:e7:ca:ae:1f:4f:81:10:0e:17:0b:f6:b0:06:
ad:97:8e:e6:55:88:ed:ab:1e:dd:9d:6b:8d:48:23:
6a:4b:f8:2c:d0:fb:09:ad:5a:54:4d:37:4e:6a:0e:
51:3b:b3:c1:fd:bd:c1:80:9f:d2:f3:64:8a:c2:b2:
59:e1:d3:d3:33:64:b0:46:22:bd:c5:ba:7a:b7:9e:
5f:9c:66:a1:c7:e3:37:79:21:d0:f2:d4:be:6b:64:
b7:40:56:13:3e:76:4a:c9:5b:7e:01:f2:82:12:33:
a3:95:87:5b:86:1d:96:ca:21:fa:a5:d5:c5:48:ac:
e8:7a:da:a7:12:c2:c7:fb:94:95:3c:ce:22:98:61:
d3:03:04:54:af:67:32:d9:73:5a:91:73:93:33:0d:
ff:f6:a4:21:94:d7:ff:42:38:c1:ca:99:14:c9:2d:
7b:a2:5b:5e:a2:fc:aa:33:63:e2:66:4b:ce:76:64:
e6:6a:f5:8c:28:c1:18:13:1b:74:98:85:df:69:7f:
3a:37:85:61:be:d2:1f:64:45:01:82:8d:f6:60:59:
55:18:ef:fe:f3:1b:39:ff:84:ba:a1:66:1b:36:17:
a8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:76:DC:9E:E6:FE:23:D5:9B:3E:6B:82:54:4C:C6:E9:AF:97:F5:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/573ACCD6F17411EFAE59DA8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.164.0/23
Signature Algorithm: sha256WithRSAEncryption
08:13:28:d9:16:4f:11:c2:ad:49:6a:c6:18:eb:ef:b6:77:89:
ed:3e:f2:43:76:d6:38:82:58:ca:b1:15:8b:92:fd:b0:ae:eb:
28:14:ce:76:f6:4d:7e:12:9e:82:cc:40:cd:ed:e0:96:00:9e:
b1:4a:f6:c8:29:c8:91:fe:cc:c8:79:42:45:f6:53:a5:c8:3c:
aa:a9:d5:75:17:d3:cc:59:ee:1d:8b:45:40:a6:4d:be:5a:89:
2e:7d:ca:1e:6f:c5:fb:61:28:3f:9d:21:44:a7:64:34:8d:b2:
b3:f7:8e:91:e0:58:11:e9:6e:fe:f2:43:cc:c3:aa:c4:c1:36:
64:fe:d8:8a:51:18:66:2b:95:25:22:9c:56:cd:b7:2d:02:19:
f8:bd:2a:0b:cf:19:71:4f:f1:83:d8:6a:6c:b1:47:bb:29:29:
65:fb:79:a4:9f:00:52:cd:15:69:b2:46:43:f6:5f:c0:e8:3b:
95:41:11:79:ab:56:4f:58:02:c1:9c:30:59:bb:1a:78:50:69:
a3:a7:dd:7e:67:f2:0f:c4:99:95:93:ce:7d:b1:97:8e:24:92:
ed:6a:9d:2c:8c:d9:bd:92:bf:6f:14:0e:f8:38:a0:8b:26:cb:
f4:b8:52:20:ec:a8:76:a8:df:43:a9:33:d0:3c:da:ed:6e:a9:
fd:cc:a8:3a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASnUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjIyMjMyNTQyWhcNMjUwNDA0MjMyNTQyWjAYMRYw
FAYDVQQDEw02N2JhNWNmOS1hMTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1sJe0I+F8Va/NOJFa4otm+TGijH5LoYZZS6p4AyQLefKrh9PgRAOFwv2
sAatl47mVYjtqx7dnWuNSCNqS/gs0PsJrVpUTTdOag5RO7PB/b3BgJ/S82SKwrJZ
4dPTM2SwRiK9xbp6t55fnGahx+M3eSHQ8tS+a2S3QFYTPnZKyVt+AfKCEjOjlYdb
hh2WyiH6pdXFSKzoetqnEsLH+5SVPM4imGHTAwRUr2cy2XNakXOTMw3/9qQhlNf/
QjjBypkUyS17olteovyqM2PiZkvOdmTmavWMKMEYExt0mIXfaX86N4VhvtIfZEUB
go32YFlVGO/+8xs5/4S6oWYbNheoyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM12
3J7m/iPVmz5rglRMxumvl/V6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NzNBQ0NENkYxNzQxMUVGQUU1OURBOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOKkMA0GCSqGSIb3DQEBCwUA
A4IBAQAIEyjZFk8Rwq1JasYY6++2d4ntPvJDdtY4gljKsRWLkv2wrusoFM529k1+
Ep6CzEDN7eCWAJ6xSvbIKciR/szIeUJF9lOlyDyqqdV1F9PMWe4di0VApk2+Woku
fcoeb8X7YSg/nSFEp2Q0jbKz946R4FgR6W7+8kPMw6rEwTZk/tiKURhmK5UlIpxW
zbctAhn4vSoLzxlxT/GD2GpssUe7KSll+3mknwBSzRVpskZD9l/A6DuVQRF5q1ZP
WALBnDBZuxp4UGmjp91+Z/IPxJmVk859sZeOJJLtap0sjNm9kr9vFA74OKCLJsv0
uFIg7Kh2qN9DqTPQPNrtbqn9zKg6
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:11 2025 by rpki-client