Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77B051CACE6F11EFA54FAE5D762E951A.roa
File: 77B051CACE6F11EFA54FAE5D762E951A.roa (raw, json)
Hash identifier: wgUtGe4ZvaMDQ7c9wtdL90JQ4BKm+FiYHzvezOFA8tA=
Subject key identifier: 5C:4D:71:F9:A7:93:3C:F0:0C:C6:F1:80:4A:FF:EB:BB:7B:BB:F4:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010322
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77B051CACE6F11EFA54FAE5D762E951A.roa
Signing time: Thu 09 Jan 2025 09:52:42 +0000
ROA not before: Thu 09 Jan 2025 09:52:38 +0000
ROA not after: Wed 22 Jan 2025 09:52:38 +0000
asID: 5065
IP address blocks: 156.233.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66338 (0x10322)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 09:52:38 2025 GMT
Not After : Jan 22 09:52:38 2025 GMT
Subject: CN=677f9c6a-0f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:06:75:b8:f9:2d:48:91:80:61:35:61:62:8f:
ea:c3:87:a5:85:ff:34:7d:93:af:8f:83:42:38:b9:
c0:8c:3c:e5:17:64:a4:8e:ca:5a:0d:e5:85:38:89:
79:81:d2:fd:47:39:c9:5d:3d:f2:57:15:52:68:74:
5e:6b:7f:5a:b3:8d:cc:30:c7:dc:a5:d2:cd:97:ba:
e8:61:3c:4f:6e:93:e3:79:a3:a7:fc:bb:d7:6a:21:
6d:7a:b2:7c:e9:1f:78:97:68:7d:23:78:3d:47:e7:
15:92:98:c8:54:3e:e2:25:cc:10:00:a1:3f:a9:d8:
a5:33:b5:14:78:9a:39:2c:67:4c:0e:64:42:08:38:
8e:09:3d:cc:0a:3f:3c:91:89:c9:ed:2d:eb:e9:c7:
0a:23:95:a3:41:b4:e7:57:64:b8:ec:71:a2:7c:7c:
16:f8:b8:3f:76:69:f6:0b:fa:7d:6e:db:55:f7:6c:
5a:8c:f6:0c:9b:a1:a5:97:3c:84:f9:76:f2:1f:93:
62:47:a9:72:a9:13:8c:91:bd:22:0d:40:6d:b0:91:
c9:f1:f0:86:6c:3f:61:6e:ee:28:b8:e0:7f:e5:d2:
67:41:d1:1a:2b:95:bb:9a:3a:54:cf:2e:90:75:22:
a3:42:fd:6a:35:fb:7a:d7:15:8a:7a:3d:ac:02:0f:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4D:71:F9:A7:93:3C:F0:0C:C6:F1:80:4A:FF:EB:BB:7B:BB:F4:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77B051CACE6F11EFA54FAE5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.20.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:f6:63:a0:f0:9d:38:d4:6e:3e:92:c5:a4:b2:dc:a7:06:73:
84:4e:df:87:90:7c:2b:cc:8e:00:2b:08:77:e3:96:cf:8f:77:
90:7b:ca:f8:e1:95:06:9e:7a:72:07:c2:86:e7:d6:2c:d2:35:
38:8c:e4:09:c5:15:b5:bd:90:66:12:e8:82:17:7f:72:b4:ee:
b9:4d:3d:39:bd:bf:1e:dc:e2:76:e3:9f:a8:72:8d:fe:de:70:
52:3e:cf:e0:aa:07:89:8e:c0:7d:9d:85:6f:de:26:60:e9:f2:
79:a7:43:61:6f:82:e9:4f:26:0e:e2:60:e4:bd:82:46:b5:b4:
57:f6:f2:78:4e:69:05:9f:92:95:72:1c:4c:3d:e3:b1:84:60:
50:09:c6:72:86:d4:83:08:89:00:c8:02:03:21:2c:04:ab:2e:
49:e8:49:73:78:26:47:20:96:aa:44:51:26:3b:89:06:31:f5:
36:e4:18:7c:6a:60:52:88:79:33:18:02:c2:23:6f:a5:8d:a0:
17:e1:75:e8:41:ed:71:38:62:42:e4:c5:36:46:30:ec:04:83:
38:46:3c:d7:e8:d4:5c:b0:d9:97:6a:7c:cd:28:b8:61:fb:6b:
e8:c3:8f:e8:a7:62:4b:c6:76:c0:ed:e6:52:55:e2:a3:02:51:
b0:57:89:b2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQMiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDk1MjM4WhcNMjUwMTIyMDk1MjM4WjAYMRYw
FAYDVQQDEw02NzdmOWM2YS0wZjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2wZ1uPktSJGAYTVhYo/qw4elhf80fZOvj4NCOLnAjDzlF2SkjspaDeWF
OIl5gdL9RznJXT3yVxVSaHRea39as43MMMfcpdLNl7roYTxPbpPjeaOn/LvXaiFt
erJ86R94l2h9I3g9R+cVkpjIVD7iJcwQAKE/qdilM7UUeJo5LGdMDmRCCDiOCT3M
Cj88kYnJ7S3r6ccKI5WjQbTnV2S47HGifHwW+Lg/dmn2C/p9bttV92xajPYMm6Gl
lzyE+XbyH5NiR6lyqROMkb0iDUBtsJHJ8fCGbD9hbu4ouOB/5dJnQdEaK5W7mjpU
zy6QdSKjQv1qNft61xWKej2sAg+kdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFxN
cfmnkzzwDMbxgEr/67t7u/RRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83N0IwNTFDQUNFNkYxMUVGQTU0RkFFNUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOkUMA0GCSqGSIb3DQEBCwUA
A4IBAQCr9mOg8J041G4+ksWkstynBnOETt+HkHwrzI4AKwh345bPj3eQe8r44ZUG
nnpyB8KG59Ys0jU4jOQJxRW1vZBmEuiCF39ytO65TT05vb8e3OJ245+oco3+3nBS
Ps/gqgeJjsB9nYVv3iZg6fJ5p0Nhb4LpTyYO4mDkvYJGtbRX9vJ4TmkFn5KVchxM
PeOxhGBQCcZyhtSDCIkAyAIDISwEqy5J6ElzeCZHIJaqRFEmO4kGMfU25Bh8amBS
iHkzGALCI2+ljaAX4XXoQe1xOGJC5MU2RjDsBIM4RjzX6NRcsNmXanzNKLhh+2vo
w4/op2JLxnbA7eZSVeKjAlGwV4my
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:11 2025 by rpki-client