Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D6EB270CF0011EFB485B37A762E951A.roa
File: 5D6EB270CF0011EFB485B37A762E951A.roa (raw, json)
Hash identifier: 8Sz+t0ckiEtHDKmAj124Tt7BXc3z+SHT6+FXR61ldU4=
Subject key identifier: 2D:2C:3A:86:15:B3:98:FC:77:42:62:92:A6:7C:8B:FD:07:19:81:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104CF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D6EB270CF0011EFB485B37A762E951A.roa
Signing time: Fri 10 Jan 2025 03:09:55 +0000
ROA not before: Fri 10 Jan 2025 03:09:51 +0000
ROA not after: Mon 27 Jan 2025 03:09:51 +0000
asID: 152092
IP address blocks: 156.245.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66767 (0x104cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 03:09:51 2025 GMT
Not After : Jan 27 03:09:51 2025 GMT
Subject: CN=67808f83-3265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b9:63:a5:4f:03:66:a9:85:e5:7b:af:db:42:
0b:a5:b4:d5:d7:af:4e:e2:60:b8:17:cc:b7:e9:fe:
da:a1:77:59:8b:79:eb:30:e4:7f:0c:29:31:d1:dc:
31:da:4f:8b:29:46:74:d5:14:c8:8c:5e:59:2d:28:
d8:8f:f3:56:31:1d:46:45:2a:65:79:87:51:bd:33:
2b:41:a6:58:48:53:cc:13:ae:25:39:3f:14:da:a9:
7f:71:5f:70:36:0b:90:4c:c1:0e:47:dc:4f:5c:87:
6b:aa:1e:d7:d2:7a:01:93:22:d2:3a:0a:e9:0b:96:
7d:a9:e9:7a:4e:ac:6f:0c:dd:34:3d:cd:62:70:45:
b1:57:b9:37:64:6c:78:42:c9:07:e8:77:d7:06:2d:
5d:64:fc:4b:c8:10:70:1f:3b:6a:4e:4b:f0:d0:13:
e1:82:fb:8a:f4:f1:de:a3:75:8a:ed:5c:c9:97:c8:
2e:0d:0f:87:aa:91:7b:f7:b8:67:29:54:81:42:4d:
11:03:6a:30:c9:e7:0d:5c:6b:88:f6:28:00:f4:32:
6e:2a:59:77:6c:29:ee:c2:09:a8:da:b6:2c:1e:0f:
82:24:51:e8:03:ab:d5:7d:c3:d6:3b:e6:2f:5d:ba:
96:02:2c:76:54:a1:04:9b:93:e2:f1:08:f0:f2:20:
b9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:2C:3A:86:15:B3:98:FC:77:42:62:92:A6:7C:8B:FD:07:19:81:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D6EB270CF0011EFB485B37A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.200.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:82:ef:ef:a1:51:92:e6:4e:7a:a0:74:03:4d:26:95:bf:23:
94:9f:09:65:54:cc:69:14:07:23:69:cd:c8:56:4e:31:3f:42:
99:4d:e6:27:68:f2:b7:07:1c:4c:48:82:c5:1c:cd:8f:5d:52:
24:5b:2c:6a:e2:45:ff:1c:05:f1:42:4e:3d:29:0f:fc:e5:21:
49:c6:a9:8f:ab:75:7c:80:f8:a1:a8:ae:1b:52:ba:ce:43:12:
d3:e5:5c:d8:1d:cf:6f:4a:db:cd:9a:49:56:42:9e:79:83:47:
f5:b3:14:d9:5b:3b:72:5e:8c:02:04:46:7b:57:00:13:3c:6a:
8a:0e:29:ea:6f:f0:af:9e:fe:e5:36:d8:c4:18:8e:af:65:f0:
61:13:45:36:b6:0b:a9:01:bc:84:95:c8:b9:cd:0c:ed:05:ba:
d6:02:0b:f2:9e:86:4f:ab:f4:43:15:80:23:78:84:33:82:d3:
55:1d:6a:26:51:72:8a:78:d9:58:f9:30:73:d0:4d:a1:67:8d:
5a:7d:2d:b2:cf:51:33:3d:9a:09:f7:a8:03:d7:a9:fb:f7:af:
d6:63:a9:d8:55:aa:f3:cd:70:f2:26:ad:4a:f2:27:c8:59:3b:
d1:87:bb:f9:5f:a4:1c:62:76:16:b8:3e:8b:61:47:56:55:52:
5c:b5:cd:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQTPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDMwOTUxWhcNMjUwMTI3MDMwOTUxWjAYMRYw
FAYDVQQDEw02NzgwOGY4My0zMjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA07ljpU8DZqmF5Xuv20ILpbTV169O4mC4F8y36f7aoXdZi3nrMOR/DCkx
0dwx2k+LKUZ01RTIjF5ZLSjYj/NWMR1GRSpleYdRvTMrQaZYSFPME64lOT8U2ql/
cV9wNguQTMEOR9xPXIdrqh7X0noBkyLSOgrpC5Z9qel6TqxvDN00Pc1icEWxV7k3
ZGx4QskH6HfXBi1dZPxLyBBwHztqTkvw0BPhgvuK9PHeo3WK7VzJl8guDQ+HqpF7
97hnKVSBQk0RA2owyecNXGuI9igA9DJuKll3bCnuwgmo2rYsHg+CJFHoA6vVfcPW
O+YvXbqWAix2VKEEm5Pi8Qjw8iC5lQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC0s
OoYVs5j8d0JikqZ8i/0HGYEqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RDZFQjI3MENGMDAxMUVGQjQ4NUIzN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPXIMA0GCSqGSIb3DQEBCwUA
A4IBAQAdgu/voVGS5k56oHQDTSaVvyOUnwllVMxpFAcjac3IVk4xP0KZTeYnaPK3
BxxMSILFHM2PXVIkWyxq4kX/HAXxQk49KQ/85SFJxqmPq3V8gPihqK4bUrrOQxLT
5VzYHc9vStvNmklWQp55g0f1sxTZWztyXowCBEZ7VwATPGqKDinqb/Cvnv7lNtjE
GI6vZfBhE0U2tgupAbyElci5zQztBbrWAgvynoZPq/RDFYAjeIQzgtNVHWomUXKK
eNlY+TBz0E2hZ41afS2yz1EzPZoJ96gD16n796/WY6nYVarzzXDyJq1K8ifIWTvR
h7v5X6QcYnYWuD6LYUdWVVJctc2p
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:42 2025 by rpki-client