Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77AC34C6CABB11EFB1A5BBBC762E951A.roa
File: 77AC34C6CABB11EFB1A5BBBC762E951A.roa (raw, json)
Hash identifier: HdG7DlqgCcQoBPb/HPeTvq1fVWzk2lpQXpGlV9OB+0I=
Subject key identifier: C8:4E:91:9C:92:B5:E2:FA:64:1F:D9:83:F9:FF:BA:DC:20:B5:F0:5B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6FA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77AC34C6CABB11EFB1A5BBBC762E951A.roa
Signing time: Sat 04 Jan 2025 16:46:39 +0000
ROA not before: Sun 05 Jan 2025 16:46:35 +0000
ROA not after: Wed 15 Jan 2025 16:46:35 +0000
asID: 39600
IP address blocks: 156.238.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63226 (0xf6fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 16:46:35 2025 GMT
Not After : Jan 15 16:46:35 2025 GMT
Subject: CN=677965ef-a348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:da:45:2a:4c:e4:a1:97:0d:f7:56:c8:5c:e2:
37:da:42:75:41:d3:45:a6:bd:8b:1a:4f:de:a9:ea:
27:c6:18:39:60:cf:47:ef:6d:fc:35:b4:b2:83:ec:
3b:6e:48:06:9b:36:5d:fb:50:6f:95:d9:78:5d:8c:
f5:3f:9d:04:08:ca:b1:95:e9:f3:11:4e:76:40:52:
52:60:48:00:c2:9b:cd:03:7f:97:f8:c6:4e:59:9d:
9f:2c:1c:c8:1a:07:2f:ac:5b:c1:98:6f:65:a9:67:
fb:b4:1e:89:bb:c7:c1:8a:3a:db:48:36:f0:2a:3d:
1c:65:ad:90:63:d0:56:ab:13:a1:40:a2:04:a4:f7:
44:44:6d:35:7b:5b:63:a7:48:c6:1f:1f:0e:f2:26:
bd:a5:17:76:31:68:f6:af:aa:00:bd:1e:13:48:74:
93:e4:f2:b9:9e:78:67:55:b4:f7:dc:3d:54:c7:cc:
c6:9f:f1:77:f0:26:3f:f5:70:7f:72:92:74:f8:35:
08:53:e7:55:9c:c6:df:32:ac:df:50:a3:d2:9d:c6:
98:ee:aa:f7:3d:03:0a:fc:fe:76:fd:53:d4:82:70:
1f:eb:35:da:47:ba:e6:8f:b5:11:16:d4:d1:02:42:
d3:e6:d5:5d:a0:c6:6e:ef:ed:52:68:cd:4e:95:3e:
5b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4E:91:9C:92:B5:E2:FA:64:1F:D9:83:F9:FF:BA:DC:20:B5:F0:5B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77AC34C6CABB11EFB1A5BBBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.165.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:1f:f0:75:9c:e6:87:65:61:a8:be:65:af:47:61:4c:56:f1:
31:1f:8e:e5:d7:8c:c7:c5:d3:b1:0d:d3:2e:c3:61:5e:b0:cd:
4d:b5:57:a2:9e:6f:58:8a:ac:98:79:b3:46:6c:72:02:73:ad:
ac:f8:76:0b:bc:06:89:c5:3b:af:b0:ef:3b:c6:74:20:a6:2e:
80:79:5a:57:ca:dd:c5:32:87:61:f9:bb:55:24:5d:0e:a1:21:
65:0f:e0:86:07:3e:6f:94:4d:1d:6e:9a:02:cc:99:16:26:0e:
a4:f5:05:17:83:b5:c8:64:3a:16:09:00:d4:de:08:f8:df:49:
64:b8:28:c8:a1:15:cd:58:1f:f0:48:70:97:2b:94:d4:84:6d:
a9:73:47:b9:4c:d1:5e:63:07:e4:98:66:e1:ff:5c:1b:a1:68:
fc:26:cc:9c:ee:d6:36:0c:56:a2:53:1b:93:19:2f:f9:28:8a:
4d:b5:30:51:f1:ad:9e:05:15:49:47:85:0b:cd:08:4f:c1:de:
86:12:0c:e5:06:4c:2f:f3:91:25:28:f9:42:26:d3:01:2e:ac:
d6:d9:d1:be:81:ca:ec:25:b9:43:8f:f3:85:65:8f:cc:e4:9b:
74:05:05:51:08:83:16:af:2b:80:7c:08:b4:4d:b3:94:ec:c7:
7d:4f:a5:51
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPb6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTY0NjM1WhcNMjUwMTE1MTY0NjM1WjAYMRYw
FAYDVQQDEw02Nzc5NjVlZi1hMzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2NpFKkzkoZcN91bIXOI32kJ1QdNFpr2LGk/eqeonxhg5YM9H7238NbSy
g+w7bkgGmzZd+1Bvldl4XYz1P50ECMqxlenzEU52QFJSYEgAwpvNA3+X+MZOWZ2f
LBzIGgcvrFvBmG9lqWf7tB6Ju8fBijrbSDbwKj0cZa2QY9BWqxOhQKIEpPdERG01
e1tjp0jGHx8O8ia9pRd2MWj2r6oAvR4TSHST5PK5nnhnVbT33D1Ux8zGn/F38CY/
9XB/cpJ0+DUIU+dVnMbfMqzfUKPSncaY7qr3PQMK/P52/VPUgnAf6zXaR7rmj7UR
FtTRAkLT5tVdoMZu7+1SaM1OlT5bvwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMhO
kZySteL6ZB/Zg/n/utwgtfBbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83N0FDMzRDNkNBQkIxMUVGQjFBNUJCQkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO6lMA0GCSqGSIb3DQEBCwUA
A4IBAQC6H/B1nOaHZWGovmWvR2FMVvExH47l14zHxdOxDdMuw2FesM1NtVeinm9Y
iqyYebNGbHICc62s+HYLvAaJxTuvsO87xnQgpi6AeVpXyt3FModh+btVJF0OoSFl
D+CGBz5vlE0dbpoCzJkWJg6k9QUXg7XIZDoWCQDU3gj430lkuCjIoRXNWB/wSHCX
K5TUhG2pc0e5TNFeYwfkmGbh/1wboWj8Jsyc7tY2DFaiUxuTGS/5KIpNtTBR8a2e
BRVJR4ULzQhPwd6GEgzlBkwv85ElKPlCJtMBLqzW2dG+gcrsJblDj/OFZY/M5Jt0
BQVRCIMWryuAfAi0TbOU7Md9T6VR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:23 2025 by rpki-client