Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65A24CFABA2811EFB789BA51762E951A.roa
File: 65A24CFABA2811EFB789BA51762E951A.roa (raw, json)
Hash identifier: tepJ+yttBlJM9v5WIWK49jLnokY0U7lRxwMIlySFL3Y=
Subject key identifier: 3C:04:09:97:51:02:05:8B:B8:10:81:63:CE:BE:10:E5:80:C8:A0:D5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E3B2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65A24CFABA2811EFB789BA51762E951A.roa
Signing time: Sat 14 Dec 2024 14:33:34 +0000
ROA not before: Sat 14 Dec 2024 14:33:30 +0000
ROA not after: Mon 20 Jan 2025 14:33:30 +0000
asID: 60223
IP address blocks: 156.253.224.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58290 (0xe3b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 14 14:33:30 2024 GMT
Not After : Jan 20 14:33:30 2025 GMT
Subject: CN=675d973e-5e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:56:d4:fd:16:df:27:b1:8f:c2:51:e4:1c:82:
09:fc:f0:11:42:b9:5e:23:6a:b1:b8:c2:97:63:0c:
fd:22:ca:6e:6f:6a:39:15:49:90:03:22:e6:81:cc:
08:6d:69:0d:7c:c1:11:8e:a6:f1:b4:bf:9d:94:8c:
5c:04:69:9e:8f:cc:bd:da:e1:54:81:8a:6e:69:f7:
03:2c:94:03:8e:47:1d:4c:1c:e4:ac:5a:1a:7b:5b:
78:c7:49:0c:56:e0:f8:43:6d:9a:8c:7c:c1:de:41:
46:85:c0:13:cf:64:d0:37:e8:b8:03:48:85:19:42:
99:ee:2f:87:f9:a3:94:9d:e0:17:d3:41:f3:f2:70:
6d:4f:c5:2c:d0:7e:92:68:af:de:d4:a8:c6:20:27:
e3:f2:ad:97:65:28:ea:cf:a2:cc:77:cc:6c:37:c0:
43:fa:00:3b:f5:0b:11:59:2b:d7:03:88:43:2e:8c:
2c:93:af:4d:49:22:34:59:ff:43:06:af:6f:83:29:
a1:cb:83:d9:a7:7d:0e:3d:9a:5e:40:a1:ad:f7:77:
6d:cb:b0:cd:09:5d:f1:d8:ae:29:c9:6a:19:bf:bf:
6e:7c:79:00:4e:3d:ea:07:ba:b4:d0:01:92:54:15:
e1:4f:84:b8:57:8c:a7:e4:29:3f:42:86:ca:ff:fa:
5f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:04:09:97:51:02:05:8B:B8:10:81:63:CE:BE:10:E5:80:C8:A0:D5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65A24CFABA2811EFB789BA51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.224.0/23
Signature Algorithm: sha256WithRSAEncryption
85:2d:a2:1c:f2:c5:00:a7:14:3f:8f:e1:ca:5f:f7:9f:c0:6a:
06:3a:70:c8:20:ef:d5:7b:a0:e2:f0:1f:93:3f:a8:00:f4:56:
de:0b:10:95:3b:c6:6f:58:9e:75:f0:c0:3e:1b:4f:9a:ac:9a:
0b:91:69:57:2e:1a:1a:3e:b6:32:f3:87:2e:b8:c7:8c:6b:af:
d2:e8:9f:c2:b4:5f:35:bc:5e:73:03:42:a9:d1:e9:7a:e7:34:
15:f6:10:06:6e:c9:ab:0c:72:13:f4:de:24:c1:36:01:56:e0:
f8:f5:73:53:4a:18:33:e8:47:2d:be:ac:d6:f4:e3:1c:ff:14:
2c:ad:11:55:38:a4:73:6f:af:64:df:1c:14:4f:5a:48:97:3e:
af:9c:20:0b:fb:01:4c:ca:60:5e:48:b9:ab:37:1a:e8:8d:4c:
03:cf:67:7b:e5:5b:9e:f1:9f:81:6e:c6:de:a5:0e:2f:1f:83:
93:1d:6e:d4:7c:57:fd:4c:a7:00:3f:58:40:4b:94:1d:c8:6b:
a4:db:91:4f:82:74:41:cc:1f:18:25:84:4a:31:42:8b:4d:f9:
5a:7e:1f:62:3e:69:82:45:1e:c8:22:ce:dc:72:ef:95:e0:03:
0e:76:7d:ae:20:61:73:86:30:fa:6e:62:0e:6a:3d:3d:07:77:
67:9d:bb:67
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOOyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE0MTQzMzMwWhcNMjUwMTIwMTQzMzMwWjAYMRYw
FAYDVQQDEw02NzVkOTczZS01ZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAylbU/RbfJ7GPwlHkHIIJ/PARQrleI2qxuMKXYwz9Ispub2o5FUmQAyLm
gcwIbWkNfMERjqbxtL+dlIxcBGmej8y92uFUgYpuafcDLJQDjkcdTBzkrFoae1t4
x0kMVuD4Q22ajHzB3kFGhcATz2TQN+i4A0iFGUKZ7i+H+aOUneAX00Hz8nBtT8Us
0H6SaK/e1KjGICfj8q2XZSjqz6LMd8xsN8BD+gA79QsRWSvXA4hDLowsk69NSSI0
Wf9DBq9vgymhy4PZp30OPZpeQKGt93dty7DNCV3x2K4pyWoZv79ufHkATj3qB7q0
0AGSVBXhT4S4V4yn5Ck/QobK//pfwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDwE
CZdRAgWLuBCBY86+EOWAyKDVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NUEyNENGQUJBMjgxMUVGQjc4OUJBNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP3gMA0GCSqGSIb3DQEBCwUA
A4IBAQCFLaIc8sUApxQ/j+HKX/efwGoGOnDIIO/Ve6Di8B+TP6gA9FbeCxCVO8Zv
WJ518MA+G0+arJoLkWlXLhoaPrYy84cuuMeMa6/S6J/CtF81vF5zA0Kp0el65zQV
9hAGbsmrDHIT9N4kwTYBVuD49XNTShgz6EctvqzW9OMc/xQsrRFVOKRzb69k3xwU
T1pIlz6vnCAL+wFMymBeSLmrNxrojUwDz2d75Vue8Z+BbsbepQ4vH4OTHW7UfFf9
TKcAP1hAS5QdyGuk25FPgnRBzB8YJYRKMUKLTflafh9iPmmCRR7IIs7ccu+V4AMO
dn2uIGFzhjD6bmIOaj09B3dnnbtn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:34 2025 by rpki-client