Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/797C9A34BEB811EFA0360F88762E951A.roa
File: 797C9A34BEB811EFA0360F88762E951A.roa (raw, json)
Hash identifier: F5xheIb/o+g9KSEOMh1AGxSt9fL0aUKC07tPB64ibCo=
Subject key identifier: F0:EB:CB:C7:0A:B9:9B:73:53:7F:51:1E:11:14:11:C8:1E:D5:AA:01
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E76D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/797C9A34BEB811EFA0360F88762E951A.roa
Signing time: Fri 20 Dec 2024 09:54:59 +0000
ROA not before: Fri 20 Dec 2024 09:54:56 +0000
ROA not after: Sun 02 Feb 2025 09:54:56 +0000
asID: 48031
IP address blocks: 156.236.22.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59245 (0xe76d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 09:54:56 2024 GMT
Not After : Feb 2 09:54:56 2025 GMT
Subject: CN=67653ef3-c20e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:bb:ca:18:0b:4f:40:a2:dd:46:a9:ef:94:df:
42:b6:1b:08:ae:b5:85:19:34:3c:71:47:de:b6:a9:
7e:3c:dd:b3:e1:1b:0b:a0:da:26:02:a7:23:db:e6:
f3:e1:a3:24:6b:89:f2:8e:a4:2c:11:81:76:ab:89:
df:84:8a:05:c4:d1:f5:86:ce:f8:af:df:5b:9e:78:
50:02:8d:e1:93:3d:46:d9:f0:87:2e:7e:25:d9:1f:
b2:ac:7c:31:f1:1e:37:bd:dc:01:94:be:62:2e:f5:
0c:0c:66:c2:23:00:70:9a:17:56:47:90:33:e8:35:
f0:25:73:72:8d:eb:5d:7c:07:11:09:10:4c:f4:5d:
15:ab:78:d5:ba:02:65:48:a0:73:dc:5e:a3:3f:32:
66:aa:a5:47:c5:1c:d0:18:58:4f:2b:dc:ff:ae:bb:
03:8d:c3:60:9f:bf:63:62:6f:1c:88:bf:4c:cf:96:
46:a7:b9:0e:50:c2:0b:bc:60:d2:5c:6a:b6:09:68:
6a:80:cc:a2:95:0f:13:18:cb:41:ae:03:52:d8:08:
85:08:ed:9d:bb:ad:dc:35:f3:dc:21:52:74:c4:4c:
ae:aa:b7:3b:b8:21:52:68:60:70:3d:68:38:3e:0f:
24:34:fb:34:a7:11:9e:17:24:46:e7:f1:94:23:10:
b1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EB:CB:C7:0A:B9:9B:73:53:7F:51:1E:11:14:11:C8:1E:D5:AA:01
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/797C9A34BEB811EFA0360F88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.22.0/23
Signature Algorithm: sha256WithRSAEncryption
62:1d:a6:60:6c:55:45:bc:b0:73:79:4e:57:4c:dd:b5:06:3e:
59:17:b2:ec:d9:83:48:8a:c3:7a:5d:d4:63:d6:fd:8f:2c:4e:
4f:2a:df:b9:da:7a:1b:a3:2f:fb:88:11:a0:7f:43:0a:8d:a3:
3a:5b:e5:6a:e6:de:c2:5d:30:2c:21:3f:36:75:28:0d:2d:b5:
27:21:30:85:c3:81:d5:b4:22:57:a2:30:4c:c4:75:94:6e:7f:
e9:e4:b2:4b:0d:c6:a7:d2:53:f9:e8:27:2d:88:3a:b1:86:d1:
e9:df:9d:f5:98:b0:97:49:7a:a8:ca:8b:86:cf:75:cf:de:fb:
dd:34:9d:4d:54:2f:dd:4f:1a:fd:8b:e2:ea:be:6e:02:02:30:
84:75:d0:15:cf:49:14:37:a5:52:be:f1:97:6b:6a:a9:30:07:
d0:ba:53:93:27:54:22:a0:f0:4d:e7:af:80:6f:6d:06:c0:46:
36:c6:97:ed:4a:23:b9:03:f6:ed:5f:f5:63:5b:b6:15:d4:68:
77:72:79:d9:77:b9:da:83:18:3a:71:53:24:f7:41:87:84:2d:
d7:d6:19:3a:4c:a9:69:ed:54:85:2b:f3:64:7f:fc:41:05:a3:
59:36:27:3f:65:0b:13:20:34:4b:26:e8:e3:be:6a:5e:3e:5d:
10:4b:55:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOdtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDk1NDU2WhcNMjUwMjAyMDk1NDU2WjAYMRYw
FAYDVQQDEw02NzY1M2VmMy1jMjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA67vKGAtPQKLdRqnvlN9CthsIrrWFGTQ8cUfetql+PN2z4RsLoNomAqcj
2+bz4aMka4nyjqQsEYF2q4nfhIoFxNH1hs74r99bnnhQAo3hkz1G2fCHLn4l2R+y
rHwx8R43vdwBlL5iLvUMDGbCIwBwmhdWR5Az6DXwJXNyjetdfAcRCRBM9F0Vq3jV
ugJlSKBz3F6jPzJmqqVHxRzQGFhPK9z/rrsDjcNgn79jYm8ciL9Mz5ZGp7kOUMIL
vGDSXGq2CWhqgMyilQ8TGMtBrgNS2AiFCO2du63cNfPcIVJ0xEyuqrc7uCFSaGBw
PWg4Pg8kNPs0pxGeFyRG5/GUIxCxIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPDr
y8cKuZtzU39RHhEUEcge1aoBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OTdDOUEzNEJFQjgxMUVGQTAzNjBGODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOwWMA0GCSqGSIb3DQEBCwUA
A4IBAQBiHaZgbFVFvLBzeU5XTN21Bj5ZF7Ls2YNIisN6XdRj1v2PLE5PKt+52nob
oy/7iBGgf0MKjaM6W+Vq5t7CXTAsIT82dSgNLbUnITCFw4HVtCJXojBMxHWUbn/p
5LJLDcan0lP56CctiDqxhtHp3531mLCXSXqoyouGz3XP3vvdNJ1NVC/dTxr9i+Lq
vm4CAjCEddAVz0kUN6VSvvGXa2qpMAfQulOTJ1QioPBN56+Ab20GwEY2xpftSiO5
A/btX/VjW7YV1Gh3cnnZd7nagxg6cVMk90GHhC3X1hk6TKlp7VSFK/Nkf/xBBaNZ
Nic/ZQsTIDRLJujjvmpePl0QS1VO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:13 2025 by rpki-client