Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C36CBBAC0FD11EFAE96A052762E951A.roa
File: 5C36CBBAC0FD11EFAE96A052762E951A.roa (raw, json)
Hash identifier: yyCNojoBGQ8JSMvqB7Bbv+WK8kAQ6dY+xhXvkOJlEKU=
Subject key identifier: 82:3E:DD:EC:E1:8B:03:37:98:F6:9D:7D:53:A1:5B:5D:66:80:D9:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E800
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C36CBBAC0FD11EFAE96A052762E951A.roa
Signing time: Mon 23 Dec 2024 07:13:08 +0000
ROA not before: Mon 23 Dec 2024 07:13:04 +0000
ROA not after: Fri 31 Jan 2025 07:13:04 +0000
asID: 203020
IP address blocks: 156.235.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59392 (0xe800)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 23 07:13:04 2024 GMT
Not After : Jan 31 07:13:04 2025 GMT
Subject: CN=67690d84-48ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ae:0c:8a:d4:7b:55:86:0b:8e:69:de:05:3e:
fd:b9:6a:76:c5:81:02:ab:aa:3a:25:6c:51:e4:5b:
60:46:0b:cc:f3:c3:ee:c6:43:06:2d:33:1a:95:d0:
4a:32:a4:a9:75:9f:a1:63:76:61:f4:ba:fa:b6:92:
cc:a6:ad:03:b2:cd:fe:ff:b3:52:7c:af:ef:fe:09:
f8:dc:69:36:6b:86:93:89:7e:49:c9:e9:d5:d8:01:
c5:2e:e2:e5:9c:be:c5:38:05:28:84:8a:8b:26:02:
e0:32:35:6c:1d:5e:0b:64:95:99:af:65:86:78:bd:
b6:4d:8f:97:5a:1f:05:cf:0c:5e:d2:78:8c:76:ac:
57:f0:24:52:39:96:0d:ae:80:96:d1:b2:cc:14:29:
c2:01:3a:ef:72:91:85:61:e9:90:c4:0f:3b:a9:50:
ed:5f:88:90:a9:85:77:e6:6b:f8:b8:c8:cf:35:f9:
be:78:de:0d:9c:3d:f9:0b:6d:81:8a:70:89:ef:dd:
2b:b9:2d:01:8e:0b:86:c5:1a:a0:49:2a:19:ec:dd:
14:25:27:22:db:25:34:ef:79:8b:92:eb:b7:d8:ab:
6c:86:ab:54:e7:61:ed:2f:ba:3f:93:bf:d8:c7:1d:
b0:fb:42:d8:12:05:cd:9e:6d:d0:d7:fd:da:38:60:
4d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3E:DD:EC:E1:8B:03:37:98:F6:9D:7D:53:A1:5B:5D:66:80:D9:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C36CBBAC0FD11EFAE96A052762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.32.0/20
Signature Algorithm: sha256WithRSAEncryption
73:39:9a:ff:5d:c8:2d:be:6e:13:31:11:f8:64:34:b6:e8:66:
ba:26:2f:b1:6d:25:24:48:90:39:a8:95:fe:71:8c:39:25:aa:
87:fd:e8:38:d4:ab:02:c1:61:b0:d2:f9:d1:1c:6d:0a:64:70:
89:ac:3b:1b:56:bb:17:91:e5:07:7f:ca:ae:3b:b8:37:b5:49:
d1:68:e6:6d:34:5b:87:7d:ce:90:3a:3d:7d:57:44:13:68:2b:
22:9c:6f:9a:6d:80:75:cd:4c:0f:bb:47:98:66:0d:49:68:66:
f1:82:3f:a0:78:2c:8d:5d:4b:36:de:95:1d:a2:10:c4:1a:02:
19:52:de:08:88:ef:49:2f:e1:a8:12:94:f6:b4:2e:58:33:8d:
59:a2:d9:75:95:23:8f:b7:8e:b0:df:ca:61:21:03:36:ca:f5:
2a:dc:5f:d5:fa:6c:30:2d:23:8d:50:bb:75:8a:45:c7:1a:d1:
ca:56:15:7d:8a:ea:64:d9:80:61:0a:ec:5d:b4:e9:b9:3e:07:
47:c5:33:b5:2e:5a:25:4d:52:3e:14:be:43:e7:4e:eb:54:41:
86:2f:3d:f1:d4:c0:d8:8d:f8:2e:8d:cf:fa:f6:a3:1c:ec:e0:
ff:14:26:3f:ae:7a:53:1b:e1:15:2f:a9:48:7a:93:38:d7:d6:
9f:c5:b8:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOgAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIzMDcxMzA0WhcNMjUwMTMxMDcxMzA0WjAYMRYw
FAYDVQQDEw02NzY5MGQ4NC00OGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtK4MitR7VYYLjmneBT79uWp2xYECq6o6JWxR5FtgRgvM88PuxkMGLTMa
ldBKMqSpdZ+hY3Zh9Lr6tpLMpq0Dss3+/7NSfK/v/gn43Gk2a4aTiX5JyenV2AHF
LuLlnL7FOAUohIqLJgLgMjVsHV4LZJWZr2WGeL22TY+XWh8Fzwxe0niMdqxX8CRS
OZYNroCW0bLMFCnCATrvcpGFYemQxA87qVDtX4iQqYV35mv4uMjPNfm+eN4NnD35
C22BinCJ790ruS0BjguGxRqgSSoZ7N0UJSci2yU073mLkuu32KtshqtU52HtL7o/
k7/Yxx2w+0LYEgXNnm3Q1/3aOGBNewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFII+
3ezhiwM3mPadfVOhW11mgNk0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QzM2Q0JCQUMwRkQxMUVGQUU5NkEwNTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOsgMA0GCSqGSIb3DQEBCwUA
A4IBAQBzOZr/Xcgtvm4TMRH4ZDS26Ga6Ji+xbSUkSJA5qJX+cYw5JaqH/eg41KsC
wWGw0vnRHG0KZHCJrDsbVrsXkeUHf8quO7g3tUnRaOZtNFuHfc6QOj19V0QTaCsi
nG+abYB1zUwPu0eYZg1JaGbxgj+geCyNXUs23pUdohDEGgIZUt4IiO9JL+GoEpT2
tC5YM41Zotl1lSOPt46w38phIQM2yvUq3F/V+mwwLSONULt1ikXHGtHKVhV9iupk
2YBhCuxdtOm5PgdHxTO1LlolTVI+FL5D507rVEGGLz3x1MDYjfgujc/69qMc7OD/
FCY/rnpTG+EVL6lIepM419afxbiw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:26 2025 by rpki-client