Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72D32194F2C511EF928272A6762E951A.roa
File: 72D32194F2C511EF928272A6762E951A.roa (raw, json)
Hash identifier: FoNeWiYXPxMXKsFnCbd/z0CQsGjFlFPzC4QGYeNCst4=
Subject key identifier: A1:23:73:29:E0:D7:62:75:80:E9:4B:4A:72:D6:93:DC:D6:ED:45:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012C0B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72D32194F2C511EF928272A6762E951A.roa
Signing time: Mon 24 Feb 2025 15:38:52 +0000
ROA not before: Mon 24 Feb 2025 15:38:48 +0000
ROA not after: Sat 29 Mar 2025 15:38:48 +0000
asID: 203020
IP address blocks: 156.235.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76811 (0x12c0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 15:38:48 2025 GMT
Not After : Mar 29 15:38:48 2025 GMT
Subject: CN=67bc928c-4390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:19:bc:40:5e:a2:f2:4b:aa:44:7c:4e:57:1f:
ee:ac:60:13:ef:45:dc:cf:95:44:cb:5c:b4:dc:16:
6e:bc:93:8f:90:58:5b:15:a7:ad:e6:73:96:8c:f9:
e7:09:77:01:31:3e:5f:21:34:db:76:6e:a4:0a:3e:
79:60:cd:39:bc:04:f6:43:57:dd:d7:ef:98:54:21:
74:fb:78:1d:1c:b2:4e:08:a4:2b:56:b5:a1:4c:b5:
47:d2:6a:d2:19:a3:2c:5f:93:c2:c5:71:5a:0e:bd:
8f:95:7b:d6:d0:05:48:be:12:2d:08:2b:1c:19:ac:
b5:9f:51:cc:07:d6:c0:2f:4b:c6:cc:fc:a4:87:b1:
48:3b:ea:e1:92:24:cd:4d:4c:0d:98:1a:ad:c1:04:
30:99:e7:5c:ea:f8:49:d3:5e:b7:67:f5:fd:c9:56:
37:02:5a:33:ff:16:8c:d9:b3:c1:44:32:77:19:c2:
22:45:61:2a:c1:03:e9:58:5c:fa:68:f4:8c:ee:f1:
30:fa:06:0a:f7:0a:70:d5:71:ad:f3:26:69:dc:dd:
80:79:53:19:ed:c2:68:47:1a:30:5f:cc:7e:c4:d9:
17:8b:69:a5:b7:fb:28:93:95:ed:3d:f7:be:be:19:
1c:7d:a8:62:b7:9c:a6:08:f6:0a:41:a7:47:70:73:
dc:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:23:73:29:E0:D7:62:75:80:E9:4B:4A:72:D6:93:DC:D6:ED:45:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72D32194F2C511EF928272A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.24.0/22
Signature Algorithm: sha256WithRSAEncryption
73:d3:a3:52:41:18:58:86:c7:a1:db:8a:e9:92:bf:72:05:5a:
6c:08:be:8e:4d:ae:43:93:da:68:ff:29:d0:23:7d:4a:81:30:
dd:28:77:a2:05:fa:bf:6b:97:69:4c:73:56:e9:cc:e2:07:cb:
dc:b4:f3:76:05:95:b9:47:2d:83:53:e4:0e:44:de:ad:9b:3b:
0f:c9:41:d0:7f:64:0b:ac:05:46:50:66:c4:bc:95:51:68:62:
50:72:a2:b8:ac:ce:f3:25:d9:4d:6c:1e:ee:38:92:23:74:d1:
2f:c9:a4:ab:78:6b:ab:76:00:05:47:6c:07:c5:51:9c:3e:05:
a1:d8:54:fa:0b:f2:00:63:fc:9c:15:29:03:cc:ca:4c:c0:0f:
9c:1d:bd:34:a6:32:90:08:0f:b6:bd:33:0e:2a:45:a2:d8:4b:
e6:2f:c9:8d:fb:71:db:cd:f8:17:77:a5:5d:cd:4d:59:16:22:
16:66:e0:5e:b4:a1:c0:de:8a:64:d3:16:fe:f3:a4:9a:12:50:
90:a2:61:bb:71:0c:ca:4b:e2:b1:72:1e:a3:c8:d6:6e:30:34:
b0:3b:99:74:81:bc:ef:74:3d:de:b6:53:36:4f:f1:a4:e8:ff:
f7:fd:6a:45:05:a6:35:9e:64:e0:48:5e:f2:a0:6d:39:d2:9b:
59:da:fe:05
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASwLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTUzODQ4WhcNMjUwMzI5MTUzODQ4WjAYMRYw
FAYDVQQDEw02N2JjOTI4Yy00MzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqhm8QF6i8kuqRHxOVx/urGAT70Xcz5VEy1y03BZuvJOPkFhbFaet5nOW
jPnnCXcBMT5fITTbdm6kCj55YM05vAT2Q1fd1++YVCF0+3gdHLJOCKQrVrWhTLVH
0mrSGaMsX5PCxXFaDr2PlXvW0AVIvhItCCscGay1n1HMB9bAL0vGzPykh7FIO+rh
kiTNTUwNmBqtwQQwmedc6vhJ0163Z/X9yVY3Aloz/xaM2bPBRDJ3GcIiRWEqwQPp
WFz6aPSM7vEw+gYK9wpw1XGt8yZp3N2AeVMZ7cJoRxowX8x+xNkXi2mlt/sok5Xt
Pfe+vhkcfahit5ymCPYKQadHcHPc6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKEj
cyng12J1gOlLSnLWk9zW7UUGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MkQzMjE5NEYyQzUxMUVGOTI4MjcyQTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOsYMA0GCSqGSIb3DQEBCwUA
A4IBAQBz06NSQRhYhseh24rpkr9yBVpsCL6OTa5Dk9po/ynQI31KgTDdKHeiBfq/
a5dpTHNW6cziB8vctPN2BZW5Ry2DU+QORN6tmzsPyUHQf2QLrAVGUGbEvJVRaGJQ
cqK4rM7zJdlNbB7uOJIjdNEvyaSreGurdgAFR2wHxVGcPgWh2FT6C/IAY/ycFSkD
zMpMwA+cHb00pjKQCA+2vTMOKkWi2EvmL8mN+3HbzfgXd6VdzU1ZFiIWZuBetKHA
3opk0xb+86SaElCQomG7cQzKS+Kxch6jyNZuMDSwO5l0gbzvdD3etlM2T/Gk6P/3
/WpFBaY1nmTgSF7yoG050ptZ2v4F
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:11:14 2025 by rpki-client