Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/606E31D0CE7E11EFA883E2B8762E951A.roa
File: 606E31D0CE7E11EFA883E2B8762E951A.roa (raw, json)
Hash identifier: DtpjlDT3JvG0eCbgnwV52erLPSJhM0xGXUHDLLAgq+c=
Subject key identifier: F1:47:8E:65:E3:E8:59:B4:6A:3D:0A:23:13:6B:92:AC:F6:DF:70:7D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01037A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/606E31D0CE7E11EFA883E2B8762E951A.roa
Signing time: Thu 09 Jan 2025 11:39:25 +0000
ROA not before: Thu 09 Jan 2025 11:39:21 +0000
ROA not after: Wed 22 Jan 2025 11:39:21 +0000
asID: 5065
IP address blocks: 156.239.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66426 (0x1037a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 11:39:21 2025 GMT
Not After : Jan 22 11:39:21 2025 GMT
Subject: CN=677fb56d-0146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:71:38:3d:9e:e3:c2:0d:b7:b4:61:78:f6:b1:
a6:ba:26:6f:8c:cc:79:0b:ce:14:81:45:13:34:31:
59:ea:2c:0f:c8:38:21:2e:0e:7a:9a:1b:dc:b8:55:
0c:33:fe:ee:d8:a9:89:15:e6:dd:45:5f:c3:57:49:
08:51:29:99:f0:08:4c:7b:56:a5:03:2d:2a:28:69:
cf:7e:08:ea:da:df:e6:20:90:77:ad:c2:78:85:ee:
55:08:92:9c:aa:db:7b:2e:4f:9e:f0:23:1f:c5:65:
26:66:1b:9a:7f:3f:7b:c5:8c:12:f4:43:01:e4:09:
20:2e:e9:46:99:f0:cc:0c:60:35:22:00:bd:75:b0:
9a:7c:e5:45:47:c4:e1:a1:82:23:9b:82:78:d1:d1:
60:9f:fd:7f:6c:6d:9e:69:8b:5d:25:9d:2c:9f:58:
9d:12:fb:24:93:35:d3:68:b4:6b:61:b4:c3:f9:81:
0e:34:b4:27:d5:4f:60:fc:91:d3:6d:93:12:49:d1:
da:20:dd:d8:13:1a:d1:20:2d:21:dc:0b:9b:4c:19:
92:54:6a:60:c2:15:18:1e:4e:28:a6:c7:10:f8:a2:
16:9b:3a:eb:bf:0d:7b:7b:08:ca:2a:fb:42:8b:1e:
30:4f:3c:1d:14:de:c4:c1:70:dd:6b:fa:37:d5:27:
e8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:47:8E:65:E3:E8:59:B4:6A:3D:0A:23:13:6B:92:AC:F6:DF:70:7D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/606E31D0CE7E11EFA883E2B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.143.0/24
Signature Algorithm: sha256WithRSAEncryption
71:5a:38:f1:bb:34:be:9c:73:03:71:2e:e4:3d:e6:22:70:2d:
81:4f:5f:15:9b:03:81:16:7a:7b:f3:e6:25:53:61:a9:4f:ca:
16:a5:42:c4:3c:81:cd:c8:8b:1d:f8:fd:5a:86:45:57:a4:f6:
e5:76:e0:f4:91:cd:d8:be:ab:1a:62:bc:35:35:25:58:2f:c7:
cd:a0:9c:a9:e3:b4:93:bf:3f:d0:90:8f:68:d6:90:b1:53:0c:
07:80:81:e5:99:69:d5:6c:8a:4f:19:2c:7e:b7:dd:a2:2c:41:
2b:9e:69:fc:a8:4a:63:a0:2d:ad:85:1d:ea:5c:04:8d:50:ff:
0d:66:26:45:55:9c:e5:07:61:0c:d2:2b:48:0d:6c:8b:d1:af:
e9:75:18:b6:e4:2b:6d:27:24:62:43:70:4f:1c:a0:8b:92:51:
4a:2b:f5:74:65:4e:45:75:f7:66:6b:55:a8:5b:0a:7c:f7:47:
22:08:a0:77:8c:23:68:41:62:b0:1a:8f:88:8b:e4:b6:89:3a:
e5:1f:dc:1d:6c:ec:72:56:70:65:13:3b:1f:ec:91:42:33:1d:
55:56:9c:df:e5:67:09:c2:01:41:30:68:ec:68:fb:2e:db:d8:
a5:d6:13:a4:44:6c:dc:ba:87:20:6a:65:d4:b3:bd:bc:bc:e3:
fb:ea:8e:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQN6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTEzOTIxWhcNMjUwMTIyMTEzOTIxWjAYMRYw
FAYDVQQDEw02NzdmYjU2ZC0wMTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/nE4PZ7jwg23tGF49rGmuiZvjMx5C84UgUUTNDFZ6iwPyDghLg56mhvc
uFUMM/7u2KmJFebdRV/DV0kIUSmZ8AhMe1alAy0qKGnPfgjq2t/mIJB3rcJ4he5V
CJKcqtt7Lk+e8CMfxWUmZhuafz97xYwS9EMB5AkgLulGmfDMDGA1IgC9dbCafOVF
R8ThoYIjm4J40dFgn/1/bG2eaYtdJZ0sn1idEvskkzXTaLRrYbTD+YEONLQn1U9g
/JHTbZMSSdHaIN3YExrRIC0h3AubTBmSVGpgwhUYHk4opscQ+KIWmzrrvw17ewjK
KvtCix4wTzwdFN7EwXDda/o31SfonQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPFH
jmXj6Fm0aj0KIxNrkqz233B9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MDZFMzFEMENFN0UxMUVGQTg4M0UyQjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+PMA0GCSqGSIb3DQEBCwUA
A4IBAQBxWjjxuzS+nHMDcS7kPeYicC2BT18VmwOBFnp78+YlU2GpT8oWpULEPIHN
yIsd+P1ahkVXpPblduD0kc3YvqsaYrw1NSVYL8fNoJyp47STvz/QkI9o1pCxUwwH
gIHlmWnVbIpPGSx+t92iLEErnmn8qEpjoC2thR3qXASNUP8NZiZFVZzlB2EM0itI
DWyL0a/pdRi25CttJyRiQ3BPHKCLklFKK/V0ZU5Fdfdma1WoWwp890ciCKB3jCNo
QWKwGo+Ii+S2iTrlH9wdbOxyVnBlEzsf7JFCMx1VVpzf5WcJwgFBMGjsaPsu29il
1hOkRGzcuocgamXUs728vOP76o4J
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:21 2025 by rpki-client