Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/627C5B7ECC2011EFA8E32A9A762E951A.roa
File: 627C5B7ECC2011EFA8E32A9A762E951A.roa (raw, json)
Hash identifier: AkoM+zUoJy2T9rrBf9ccT4o5Wp+ANW/WceqPPOpRzCU=
Subject key identifier: 27:DE:C9:F8:79:2A:12:90:95:54:AC:35:D7:55:13:09:07:31:4C:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8A3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/627C5B7ECC2011EFA8E32A9A762E951A.roa
Signing time: Mon 06 Jan 2025 11:21:33 +0000
ROA not before: Mon 06 Jan 2025 11:21:30 +0000
ROA not after: Wed 15 Jan 2025 11:21:30 +0000
asID: 40065
IP address blocks: 156.227.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63651 (0xf8a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 11:21:30 2025 GMT
Not After : Jan 15 11:21:30 2025 GMT
Subject: CN=677bbcbd-cf5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e5:56:db:0e:e3:d6:fc:6e:58:e8:9b:83:42:
1d:97:57:eb:93:7e:87:67:ea:10:48:d9:6b:f1:fc:
45:cb:19:28:47:ed:ef:60:4c:88:2c:b1:b5:25:b7:
cf:c5:c9:69:3a:53:d9:30:d0:4b:a0:70:70:e5:ff:
b0:fd:99:a0:61:a7:d3:27:a0:a2:db:71:2b:bb:b4:
5e:d4:c0:7c:85:62:6d:21:36:4e:9e:4f:f2:a7:b6:
78:90:7f:c3:5c:80:41:5a:58:e3:1d:03:26:b0:46:
6b:ac:7e:f4:31:b9:96:c4:d6:7d:ed:4e:0b:64:87:
b5:cf:b3:b1:ec:70:d8:e8:7e:49:cf:b7:1c:ad:e3:
75:51:1c:4e:a6:de:cf:2f:70:79:37:fd:44:12:92:
66:6e:15:59:73:d1:44:c1:e2:4e:15:ec:2e:f6:23:
b2:3a:89:be:88:1e:1c:7e:13:4f:bc:46:52:35:96:
ee:a4:10:34:84:26:81:11:50:4b:40:f6:e1:59:99:
25:2d:e8:a0:95:25:62:f5:38:39:d2:4a:6c:28:86:
8d:df:a5:49:3a:5e:e2:e6:72:42:ad:3e:d9:fa:e0:
ce:20:d0:28:ec:0c:06:c5:de:a8:71:dd:07:5c:37:
b4:b8:b5:2f:50:8e:1e:65:b1:02:3c:3e:75:e2:cc:
46:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:DE:C9:F8:79:2A:12:90:95:54:AC:35:D7:55:13:09:07:31:4C:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/627C5B7ECC2011EFA8E32A9A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.16.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:db:74:30:69:04:c9:ce:b8:20:62:76:8c:d5:01:15:68:36:
e4:3f:9e:f8:4d:58:6f:90:95:8a:3a:05:75:2c:e3:8e:27:98:
97:7d:79:d3:fc:7d:49:65:8e:5a:55:ff:5f:44:18:0b:4f:23:
3a:f2:f8:93:2b:85:14:a6:9e:ac:fd:e4:8a:91:65:b0:fc:8f:
e6:7d:3e:8f:32:8f:c4:fe:5a:3f:4d:25:38:5d:96:a2:2a:0f:
64:81:7b:ef:c9:a9:4a:51:11:3e:5c:7d:a2:88:de:44:7c:24:
3c:0f:19:7d:64:5d:77:08:e3:33:1c:91:6c:40:0f:b5:26:25:
6e:33:06:fa:ef:94:ec:8b:d1:95:4e:06:cd:92:90:fe:7f:d9:
dc:99:14:a3:fb:7e:6a:db:63:79:1e:d1:88:51:df:a7:f1:93:
a1:77:f4:db:33:ec:80:e3:a9:b3:86:8b:82:de:e3:09:d5:08:
c4:08:0f:83:46:99:83:ce:37:c8:65:99:1a:1d:63:00:d9:c4:
83:b3:9b:90:3e:2e:39:a7:ef:a7:55:61:4f:ae:f5:f1:dd:82:
eb:c5:d9:53:00:55:fc:bd:00:ab:3b:1a:c7:ce:ef:76:a7:a1:
e3:37:3d:e0:7e:88:df:6b:dd:59:be:fc:ac:51:35:25:bd:81:
e5:58:d5:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPijMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTEyMTMwWhcNMjUwMTE1MTEyMTMwWjAYMRYw
FAYDVQQDEw02NzdiYmNiZC1jZjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqOVW2w7j1vxuWOibg0Idl1frk36HZ+oQSNlr8fxFyxkoR+3vYEyILLG1
JbfPxclpOlPZMNBLoHBw5f+w/ZmgYafTJ6Ci23Eru7Re1MB8hWJtITZOnk/yp7Z4
kH/DXIBBWljjHQMmsEZrrH70MbmWxNZ97U4LZIe1z7Ox7HDY6H5Jz7ccreN1URxO
pt7PL3B5N/1EEpJmbhVZc9FEweJOFewu9iOyOom+iB4cfhNPvEZSNZbupBA0hCaB
EVBLQPbhWZklLeiglSVi9Tg50kpsKIaN36VJOl7i5nJCrT7Z+uDOINAo7AwGxd6o
cd0HXDe0uLUvUI4eZbECPD514sxGPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCfe
yfh5KhKQlVSsNddVEwkHMUwbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MjdDNUI3RUNDMjAxMUVGQThFMzJBOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOMQMA0GCSqGSIb3DQEBCwUA
A4IBAQBf23QwaQTJzrggYnaM1QEVaDbkP574TVhvkJWKOgV1LOOOJ5iXfXnT/H1J
ZY5aVf9fRBgLTyM68viTK4UUpp6s/eSKkWWw/I/mfT6PMo/E/lo/TSU4XZaiKg9k
gXvvyalKURE+XH2iiN5EfCQ8Dxl9ZF13COMzHJFsQA+1JiVuMwb675Tsi9GVTgbN
kpD+f9ncmRSj+35q22N5HtGIUd+n8ZOhd/TbM+yA46mzhouC3uMJ1QjECA+DRpmD
zjfIZZkaHWMA2cSDs5uQPi45p++nVWFPrvXx3YLrxdlTAFX8vQCrOxrHzu92p6Hj
Nz3gfojfa91ZvvysUTUlvYHlWNXU
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:07 2025 by rpki-client