Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72771A3CC29811EF915A5C8D762E951A.roa
File: 72771A3CC29811EF915A5C8D762E951A.roa (raw, json)
Hash identifier: Hr7JSR7xR3ng3wdjRzSJnJIpL6m6V3YLo2Xd3EtF3uI=
Subject key identifier: C1:4A:F6:E0:57:71:5A:7C:FB:67:98:42:ED:AD:0F:D6:01:64:B8:01
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E9D1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72771A3CC29811EF915A5C8D762E951A.roa
Signing time: Wed 25 Dec 2024 08:15:48 +0000
ROA not before: Wed 25 Dec 2024 08:15:45 +0000
ROA not after: Wed 29 Jan 2025 08:15:45 +0000
asID: 398478
IP address blocks: 156.229.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59857 (0xe9d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 08:15:45 2024 GMT
Not After : Jan 29 08:15:45 2025 GMT
Subject: CN=676bbf34-cc50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:36:ea:08:7b:b1:94:1f:cd:bb:b9:ca:e0:
c2:3c:66:7a:b4:1c:10:fd:d7:3b:98:ba:e6:13:61:
a6:ae:df:40:96:a1:89:e6:a0:dd:40:5b:a3:83:8f:
6f:39:32:73:53:1d:3b:a3:2f:c4:b8:20:46:82:d3:
e8:76:60:22:eb:5c:79:4b:d0:b9:d2:77:15:ca:fe:
7b:b9:14:69:46:a5:b6:40:d6:d7:f6:01:be:94:5f:
94:27:4c:d8:71:28:b6:b1:7a:5c:6c:e2:2a:1e:4f:
26:7d:7c:b7:39:54:4c:65:64:a3:d5:95:ed:73:61:
a3:e7:79:49:c8:25:9f:58:94:7a:74:a0:13:1f:b2:
2d:bc:51:d2:e0:5d:55:ec:58:e9:b2:89:7f:84:ba:
70:28:3d:89:09:18:a6:31:ec:b1:45:67:25:b7:80:
b4:13:93:14:e1:6a:8f:60:2b:a9:dc:14:c0:17:39:
dd:56:7e:34:b5:8a:32:41:9e:63:fb:59:8b:3a:81:
77:58:2b:e4:6c:c8:ae:0c:b4:12:14:b4:e8:ed:16:
1b:f6:91:9f:4b:fd:0f:d4:1f:e8:ee:74:b4:d2:a7:
ee:cc:27:2a:5a:73:b9:34:c7:43:d5:11:90:1f:5f:
94:89:6a:cd:ce:0b:ff:fe:83:52:cb:d5:05:91:6c:
49:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:4A:F6:E0:57:71:5A:7C:FB:67:98:42:ED:AD:0F:D6:01:64:B8:01
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72771A3CC29811EF915A5C8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0/20
Signature Algorithm: sha256WithRSAEncryption
9e:8d:4a:32:8b:9d:56:b5:e0:3e:57:b1:56:db:fb:7a:fe:93:
ec:c5:d6:88:b2:48:65:e3:9a:03:5c:61:38:91:7f:8c:3a:20:
5f:e2:a4:0c:a6:b1:9e:5e:3c:1d:f1:7e:73:1c:fa:64:c2:b2:
f2:cd:05:73:75:a9:2b:b0:7e:04:90:eb:83:78:31:22:2a:33:
d2:fc:90:3a:a0:bd:92:66:ba:50:a3:c8:a4:cd:57:95:f4:39:
53:28:45:4c:19:fc:8a:a1:3d:11:05:f4:12:94:87:f9:93:ef:
85:29:80:7e:ee:64:5b:83:69:d7:75:c3:9f:4b:8b:ff:38:29:
ff:aa:d2:79:88:9b:a1:28:d6:7b:6b:17:d6:26:64:87:85:c1:
49:83:47:1a:d9:2f:18:7c:f0:72:ab:b9:c7:0a:b3:10:52:91:
de:2c:79:11:21:b5:53:2c:49:a2:10:f6:01:77:6f:d5:98:6a:
05:0f:8b:06:06:5f:c3:f8:aa:1b:80:f6:34:33:40:5e:ae:73:
41:76:ba:e9:ae:a8:d9:4b:c3:d7:0c:b4:47:13:45:16:c5:15:
45:26:e9:29:97:71:4b:46:b5:bc:72:f7:e3:fb:92:1a:ae:df:
79:f4:36:7a:9a:53:21:c8:de:a2:21:88:d0:36:68:0b:90:00:
a3:2e:c0:ee
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOnRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDgxNTQ1WhcNMjUwMTI5MDgxNTQ1WjAYMRYw
FAYDVQQDEw02NzZiYmYzNC1jYzUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoO026gh7sZQfzbu5yuDCPGZ6tBwQ/dc7mLrmE2Gmrt9AlqGJ5qDdQFuj
g49vOTJzUx07oy/EuCBGgtPodmAi61x5S9C50ncVyv57uRRpRqW2QNbX9gG+lF+U
J0zYcSi2sXpcbOIqHk8mfXy3OVRMZWSj1ZXtc2Gj53lJyCWfWJR6dKATH7ItvFHS
4F1V7Fjpsol/hLpwKD2JCRimMeyxRWclt4C0E5MU4WqPYCup3BTAFzndVn40tYoy
QZ5j+1mLOoF3WCvkbMiuDLQSFLTo7RYb9pGfS/0P1B/o7nS00qfuzCcqWnO5NMdD
1RGQH1+UiWrNzgv//oNSy9UFkWxJuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMFK
9uBXcVp8+2eYQu2tD9YBZLgBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Mjc3MUEzQ0MyOTgxMUVGOTE1QTVDOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOWwMA0GCSqGSIb3DQEBCwUA
A4IBAQCejUoyi51WteA+V7FW2/t6/pPsxdaIskhl45oDXGE4kX+MOiBf4qQMprGe
Xjwd8X5zHPpkwrLyzQVzdakrsH4EkOuDeDEiKjPS/JA6oL2SZrpQo8ikzVeV9DlT
KEVMGfyKoT0RBfQSlIf5k++FKYB+7mRbg2nXdcOfS4v/OCn/qtJ5iJuhKNZ7axfW
JmSHhcFJg0ca2S8YfPByq7nHCrMQUpHeLHkRIbVTLEmiEPYBd2/VmGoFD4sGBl/D
+KobgPY0M0BernNBdrrprqjZS8PXDLRHE0UWxRVFJukpl3FLRrW8cvfj+5Iart95
9DZ6mlMhyN6iIYjQNmgLkACjLsDu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:51 2025 by rpki-client