Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F271694CADB11EFA3533D86762E951A.roa
File: 5F271694CADB11EFA3533D86762E951A.roa (raw, json)
Hash identifier: 06ZtGCb31P0j5uR+KQyOOrwQFRvW1j6QIRiNbtEbCs8=
Subject key identifier: 4E:A6:26:BE:CF:0F:B3:F7:A7:05:74:EB:A3:17:AF:4F:A7:1A:81:83
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F79A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F271694CADB11EFA3533D86762E951A.roa
Signing time: Sat 04 Jan 2025 20:35:01 +0000
ROA not before: Sun 05 Jan 2025 20:34:58 +0000
ROA not after: Tue 04 Feb 2025 20:34:58 +0000
asID: 269070
IP address blocks: 156.249.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63386 (0xf79a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:34:58 2025 GMT
Not After : Feb 4 20:34:58 2025 GMT
Subject: CN=67799b75-028e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:76:cb:9d:00:62:0c:13:b8:bf:67:35:bd:87:
ef:6b:49:04:d3:5e:a8:3a:93:1d:a1:3a:f2:10:e0:
7c:b9:ae:72:e0:f1:d4:45:bf:ee:f4:ee:28:a7:20:
1d:eb:e9:bc:7f:f4:79:80:9d:8d:b9:f2:27:21:c1:
72:b4:69:dc:a7:3f:d2:4c:37:03:c8:98:c1:d4:d7:
51:b0:32:fa:12:0e:13:65:59:62:ca:fa:7f:ad:85:
d8:8f:04:e9:25:86:ab:03:97:62:6e:6f:d3:2f:fb:
cf:a7:99:d3:e7:37:50:0a:1a:00:05:42:b6:97:65:
9d:e9:bc:99:dd:45:d9:e8:35:0e:94:fd:d7:86:41:
8b:c1:ea:2f:03:06:4b:d0:0d:ad:ab:e6:cc:ef:98:
ab:88:34:bf:39:5b:d3:34:7d:6e:7f:14:98:58:21:
54:5d:8d:4b:06:32:15:0d:e7:ba:79:79:84:9a:fc:
76:b4:79:b8:de:04:52:fe:ea:fd:13:fb:ef:ae:c5:
24:c5:56:79:46:c1:ce:d9:31:b3:dd:27:ea:32:36:
b7:26:89:f7:61:8d:9a:29:c9:7d:8f:b5:0e:b0:3a:
18:c1:33:f5:df:08:05:fc:c7:99:23:ea:4a:23:80:
4f:dd:90:0e:c5:83:89:c2:db:1c:16:93:65:13:d7:
93:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A6:26:BE:CF:0F:B3:F7:A7:05:74:EB:A3:17:AF:4F:A7:1A:81:83
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F271694CADB11EFA3533D86762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.64.0/22
Signature Algorithm: sha256WithRSAEncryption
78:bd:bf:9c:f7:7d:49:7b:1e:6d:de:52:78:29:3c:a1:49:0b:
ec:5f:2f:fe:72:ba:de:e5:e5:8c:ef:d3:78:21:34:da:e7:78:
9f:06:a1:6b:8d:e9:05:e1:4e:d2:c3:94:25:7c:c4:56:e0:e7:
1c:a9:b0:d3:ac:02:3d:f7:f3:08:59:4a:9a:74:d3:65:9f:dd:
83:06:f0:23:20:cb:14:24:77:22:2c:4d:70:4d:82:6d:25:74:
6c:b6:02:a7:97:fa:16:53:c9:3a:09:65:a7:fb:66:7b:5c:53:
4b:27:b3:7f:78:a7:7b:07:30:29:8d:a8:4f:e3:e1:8f:8c:fe:
b1:8f:fb:eb:86:72:3e:9c:58:b4:dd:6d:21:20:26:51:ed:9c:
62:60:e8:1d:4c:1a:a3:ba:83:49:ef:ae:ea:22:94:76:f6:cf:
1e:6d:95:86:53:f9:27:d5:30:bd:47:96:63:43:da:04:20:cf:
bc:38:da:60:ab:09:fc:40:6c:c4:58:b1:66:f7:c2:c8:b7:3a:
58:46:4f:55:af:97:da:46:dd:91:71:cd:bd:3a:90:b9:f1:ae:
84:5c:d1:73:df:7e:1f:68:4a:19:44:15:1a:0d:21:04:e5:c6:
5f:72:2e:7c:18:ab:a0:33:be:2e:7d:68:3c:b4:13:0a:52:73:
05:f3:8f:15
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjAzNDU4WhcNMjUwMjA0MjAzNDU4WjAYMRYw
FAYDVQQDEw02Nzc5OWI3NS0wMjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx3bLnQBiDBO4v2c1vYfva0kE016oOpMdoTryEOB8ua5y4PHURb/u9O4o
pyAd6+m8f/R5gJ2NufInIcFytGncpz/STDcDyJjB1NdRsDL6Eg4TZVliyvp/rYXY
jwTpJYarA5dibm/TL/vPp5nT5zdQChoABUK2l2Wd6byZ3UXZ6DUOlP3XhkGLweov
AwZL0A2tq+bM75iriDS/OVvTNH1ufxSYWCFUXY1LBjIVDee6eXmEmvx2tHm43gRS
/ur9E/vvrsUkxVZ5RsHO2TGz3SfqMja3Jon3YY2aKcl9j7UOsDoYwTP13wgF/MeZ
I+pKI4BP3ZAOxYOJwtscFpNlE9eTMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE6m
Jr7PD7P3pwV066MXr0+nGoGDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjI3MTY5NENBREIxMUVGQTM1MzNEODY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPlAMA0GCSqGSIb3DQEBCwUA
A4IBAQB4vb+c931Jex5t3lJ4KTyhSQvsXy/+crre5eWM79N4ITTa53ifBqFrjekF
4U7Sw5QlfMRW4OccqbDTrAI99/MIWUqadNNln92DBvAjIMsUJHciLE1wTYJtJXRs
tgKnl/oWU8k6CWWn+2Z7XFNLJ7N/eKd7BzApjahP4+GPjP6xj/vrhnI+nFi03W0h
ICZR7ZxiYOgdTBqjuoNJ767qIpR29s8ebZWGU/kn1TC9R5ZjQ9oEIM+8ONpgqwn8
QGzEWLFm98LItzpYRk9Vr5faRt2Rcc29OpC58a6EXNFz334faEoZRBUaDSEE5cZf
ci58GKugM74ufWg8tBMKUnMF848V
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:40 2025 by rpki-client