Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7AAC7DC6CEFC11EFA6340C5D762E951A.roa
File: 7AAC7DC6CEFC11EFA6340C5D762E951A.roa (raw, json)
Hash identifier: i2CjIkNbdOJser6TchLoIqjdelhMSkVmVOCoN7U8l7Q=
Subject key identifier: 49:76:63:54:A9:06:15:7A:4B:0E:E3:3A:CC:AC:AC:56:DB:D0:F7:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104B3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7AAC7DC6CEFC11EFA6340C5D762E951A.roa
Signing time: Fri 10 Jan 2025 02:42:06 +0000
ROA not before: Fri 10 Jan 2025 02:42:02 +0000
ROA not after: Mon 27 Jan 2025 02:42:02 +0000
asID: 137547
IP address blocks: 156.245.188.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66739 (0x104b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 02:42:02 2025 GMT
Not After : Jan 27 02:42:02 2025 GMT
Subject: CN=678088fe-4f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e9:09:53:16:e1:5b:e6:aa:22:3d:51:46:ee:
19:9e:5e:20:c1:81:62:7b:97:d6:0c:da:77:c2:4f:
9e:40:9c:1a:04:a8:9e:10:b1:82:90:f2:e8:60:df:
6f:e4:d7:7f:1d:18:dd:3c:43:f8:a8:67:cb:5a:e1:
ac:ff:66:0a:4e:91:0b:e0:3d:c2:e5:35:d2:d1:45:
c9:7b:76:c1:82:ab:4a:bd:fd:1e:e5:97:f3:94:b9:
fe:a0:df:28:25:4c:75:4a:2a:8d:00:2b:74:88:19:
80:67:03:69:6c:74:20:37:06:75:78:01:0a:a2:d3:
3d:88:00:96:3f:f5:cf:d1:15:a0:77:6e:53:f9:7a:
59:cf:2a:ab:0b:c3:8c:17:1a:14:d6:a5:f5:e3:9b:
07:fc:46:f7:0e:c2:6d:70:29:dd:94:4e:18:fb:6d:
ba:43:a1:b3:f2:c3:3b:3f:44:e6:72:61:84:b5:b1:
eb:7f:b4:d7:07:c0:84:43:cb:56:da:8d:a6:92:fc:
61:a5:0f:a0:64:7f:5e:7b:8f:f6:39:75:1b:35:1b:
2c:de:54:82:ee:dc:9c:4f:17:16:10:dc:47:61:e8:
2c:d0:90:a2:08:46:b5:f5:34:29:22:52:8e:78:94:
aa:e5:73:10:c2:fc:75:79:f3:c8:4f:ee:bd:d8:75:
41:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:76:63:54:A9:06:15:7A:4B:0E:E3:3A:CC:AC:AC:56:DB:D0:F7:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7AAC7DC6CEFC11EFA6340C5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.188.0/23
Signature Algorithm: sha256WithRSAEncryption
75:b8:13:d9:67:56:52:01:30:39:5b:64:90:cd:d2:99:4d:d9:
39:0a:5c:6b:74:a0:9a:ee:7b:40:e4:dd:0a:de:49:62:d1:93:
9f:76:3b:db:ff:33:d4:88:24:89:61:c1:83:9c:18:f1:bf:67:
07:a3:4a:21:db:63:13:f1:28:79:20:c5:19:65:0d:8b:d1:fc:
19:21:4c:34:f0:a3:33:d2:be:f5:75:c9:0f:3b:63:44:ff:26:
54:29:db:22:1f:5d:a9:da:ac:ab:58:5c:65:65:f2:3e:0b:97:
cb:36:99:69:84:78:3c:5b:5e:4c:33:e0:ae:a6:e7:38:b2:58:
6c:e0:2e:a7:07:66:38:ce:47:48:5f:73:6a:cb:ad:b3:68:18:
e2:7c:16:c8:74:f0:d9:b1:83:d9:a5:d3:c9:1e:2d:ba:24:69:
a2:30:c5:0d:1b:4d:4f:34:a5:0b:ef:54:11:45:1a:91:be:81:
fc:8a:da:5e:9e:c4:bc:a0:23:97:17:39:c7:dc:4a:90:4a:9a:
2d:dd:cb:de:23:59:29:19:ce:bd:c1:08:58:44:32:ac:a1:a3:
e6:32:79:fd:24:f3:51:0a:7a:6a:a5:79:83:c7:05:4e:cb:ae:
0c:82:6d:35:02:2a:8f:33:2d:b5:bc:15:dc:78:ce:61:bb:04:
4d:5b:66:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQSzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDI0MjAyWhcNMjUwMTI3MDI0MjAyWjAYMRYw
FAYDVQQDEw02NzgwODhmZS00ZjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApOkJUxbhW+aqIj1RRu4Znl4gwYFie5fWDNp3wk+eQJwaBKieELGCkPLo
YN9v5Nd/HRjdPEP4qGfLWuGs/2YKTpEL4D3C5TXS0UXJe3bBgqtKvf0e5ZfzlLn+
oN8oJUx1SiqNACt0iBmAZwNpbHQgNwZ1eAEKotM9iACWP/XP0RWgd25T+XpZzyqr
C8OMFxoU1qX145sH/Eb3DsJtcCndlE4Y+226Q6Gz8sM7P0TmcmGEtbHrf7TXB8CE
Q8tW2o2mkvxhpQ+gZH9ee4/2OXUbNRss3lSC7tycTxcWENxHYegs0JCiCEa19TQp
IlKOeJSq5XMQwvx1efPIT+692HVBhwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEl2
Y1SpBhV6Sw7jOsysrFbb0PfFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QUFDN0RDNkNFRkMxMUVGQTYzNDBDNUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPW8MA0GCSqGSIb3DQEBCwUA
A4IBAQB1uBPZZ1ZSATA5W2SQzdKZTdk5ClxrdKCa7ntA5N0K3kli0ZOfdjvb/zPU
iCSJYcGDnBjxv2cHo0oh22MT8Sh5IMUZZQ2L0fwZIUw08KMz0r71dckPO2NE/yZU
KdsiH12p2qyrWFxlZfI+C5fLNplphHg8W15MM+Cupuc4slhs4C6nB2Y4zkdIX3Nq
y62zaBjifBbIdPDZsYPZpdPJHi26JGmiMMUNG01PNKUL71QRRRqRvoH8itpensS8
oCOXFznH3EqQSpot3cveI1kpGc69wQhYRDKsoaPmMnn9JPNRCnpqpXmDxwVOy64M
gm01AiqPMy21vBXceM5huwRNW2a6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:17 2025 by rpki-client