Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5865CF3C84F311EE91A494454AD9E6FC.roa
File: 5865CF3C84F311EE91A494454AD9E6FC.roa (raw, json)
Hash identifier: JrqCJKqMhIpcoiIDPIVrvtnNDAail4gnMpvOGSd7Wss=
Subject key identifier: BF:E6:CE:D5:27:A2:84:04:83:82:60:C4:AE:17:99:15:43:19:D3:83
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 494F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5865CF3C84F311EE91A494454AD9E6FC.roa
Signing time: Fri 17 Nov 2023 02:45:19 +0000
ROA not before: Fri 17 Nov 2023 02:45:16 +0000
ROA not after: Tue 12 Nov 2024 02:45:16 +0000
asID: 64267
IP address blocks: 156.239.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18767 (0x494f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 02:45:16 2023 GMT
Not After : Nov 12 02:45:16 2024 GMT
Subject: CN=6556d3bf-74b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d1:0a:b1:62:98:fc:f3:fa:ae:01:6c:50:34:
2f:52:a3:50:76:41:6f:ee:21:e6:6d:fa:65:e6:4b:
99:da:ff:08:88:ab:f5:0d:37:09:29:4f:75:53:88:
9a:ed:55:91:cb:5c:4f:c1:94:4d:e9:bd:86:4d:7c:
33:9d:fd:9b:89:e6:11:3f:c6:7a:c7:4c:00:5c:cd:
fe:c9:0c:48:be:8a:3b:70:25:67:eb:7f:fa:e3:ec:
76:5b:78:20:39:4f:27:ad:6a:7c:96:04:5a:f5:c0:
ed:59:f6:77:85:fa:ad:cc:19:dc:b7:20:d0:f9:25:
f7:0b:1c:35:ac:b6:d5:eb:9a:fb:16:44:6a:a9:64:
c9:6e:49:35:10:24:40:95:88:64:6b:fc:97:82:f5:
16:2f:cb:33:4e:04:c9:42:7d:67:5f:77:53:04:4b:
b4:8e:57:1d:4c:81:69:2c:92:f2:34:c5:91:4c:cb:
dc:36:33:27:45:41:6c:a0:76:68:75:da:c7:37:66:
fc:f9:d2:02:b2:d5:07:80:06:5d:41:6d:77:fc:b2:
1e:34:d4:89:bd:db:2a:3a:76:54:01:f7:b1:0e:3d:
4d:eb:e9:4e:38:c1:e1:45:8d:1e:07:22:9e:5f:f6:
91:e2:2d:bd:af:57:fd:e9:19:b9:e5:69:55:99:cb:
ba:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E6:CE:D5:27:A2:84:04:83:82:60:C4:AE:17:99:15:43:19:D3:83
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5865CF3C84F311EE91A494454AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.34.0/24
Signature Algorithm: sha256WithRSAEncryption
83:76:a1:56:5c:55:97:3a:a1:a7:da:06:4b:bc:12:67:8d:e2:
11:3b:cd:c7:e5:ac:c5:05:39:02:da:f8:f8:75:c5:0a:d0:33:
f5:1e:cb:b2:4a:ba:8a:c2:59:71:77:c7:07:8b:fd:82:63:d9:
aa:07:04:f6:72:f9:48:50:7e:31:1b:4a:63:41:fc:a6:ed:cc:
21:e3:b2:dd:65:b3:12:47:3e:5a:92:66:b6:3d:8c:27:a7:37:
a2:5d:dc:29:3f:d3:3d:0a:86:08:3d:f1:ed:19:3e:ad:37:2c:
f8:fc:21:23:05:7a:21:8c:1c:84:5b:b4:1f:4f:16:10:02:79:
1d:83:de:b6:41:f1:0f:4c:c4:44:46:40:3e:cc:7c:a6:c9:99:
77:00:a2:6c:57:1f:a9:69:57:a6:f9:9f:fb:a1:67:87:71:04:
54:d2:d0:28:05:44:cf:5d:0d:8c:14:f0:6b:c6:32:ec:14:9d:
ad:6c:45:60:2e:63:40:c6:f3:d9:c5:5c:7e:79:63:8d:fb:9f:
37:2f:d4:3b:aa:d4:b3:a2:02:fa:c7:8f:f2:99:95:2c:eb:65:
d1:c0:1f:b7:3d:b5:12:be:c0:01:7c:b3:90:ab:7e:84:ad:6b:
a2:7e:4e:43:47:00:85:ab:9f:4d:f9:af:c5:5f:33:09:15:c0:
1a:6f:6c:c9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICSU8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzExMTcwMjQ1MTZaFw0yNDExMTIwMjQ1MTZaMBgxFjAU
BgNVBAMTDTY1NTZkM2JmLTc0YjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDn0QqxYpj88/quAWxQNC9So1B2QW/uIeZt+mXmS5na/wiIq/UNNwkpT3VT
iJrtVZHLXE/BlE3pvYZNfDOd/ZuJ5hE/xnrHTABczf7JDEi+ijtwJWfrf/rj7HZb
eCA5TyetanyWBFr1wO1Z9neF+q3MGdy3IND5JfcLHDWsttXrmvsWRGqpZMluSTUQ
JECViGRr/JeC9RYvyzNOBMlCfWdfd1MES7SOVx1MgWkskvI0xZFMy9w2MydFQWyg
dmh12sc3Zvz50gKy1QeABl1BbXf8sh401Im92yo6dlQB97EOPU3r6U44weFFjR4H
Ip5f9pHiLb2vV/3pGbnlaVWZy7qHAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUv+bO
1SeihASDgmDErheZFUMZ04MwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzU4NjVDRjNDODRGMzExRUU5MUE0OTQ0NTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc7yIwDQYJKoZIhvcNAQELBQAD
ggEBAIN2oVZcVZc6oafaBku8EmeN4hE7zcflrMUFOQLa+Ph1xQrQM/Uey7JKuorC
WXF3xweL/YJj2aoHBPZy+UhQfjEbSmNB/KbtzCHjst1lsxJHPlqSZrY9jCenN6Jd
3Ck/0z0Khgg98e0ZPq03LPj8ISMFeiGMHIRbtB9PFhACeR2D3rZB8Q9MxERGQD7M
fKbJmXcAomxXH6lpV6b5n/uhZ4dxBFTS0CgFRM9dDYwU8GvGMuwUna1sRWAuY0DG
89nFXH55Y437nzcv1Duq1LOiAvrHj/KZlSzrZdHAH7c9tRK+wAF8s5CrfoSta6J+
TkNHAIWrn035r8VfMwkVwBpvbMk=
-----END CERTIFICATE-----
Generated at Sun May 11 14:57:49 2025 by rpki-client