Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7CEF0054CCDB11EF90CB8444762E951A.roa
File: 7CEF0054CCDB11EF90CB8444762E951A.roa (raw, json)
Hash identifier: 1zd9EAXrlNcMkdvOPLItsuiGaQi9V9CfhTMI5DxbtEc=
Subject key identifier: CE:2E:E5:96:64:88:DB:65:D6:55:23:F0:6F:AF:DD:0B:5E:CA:B5:D0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB5F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7CEF0054CCDB11EF90CB8444762E951A.roa
Signing time: Tue 07 Jan 2025 09:40:54 +0000
ROA not before: Tue 07 Jan 2025 09:40:50 +0000
ROA not after: Sat 18 Jan 2025 09:40:50 +0000
asID: 398704
IP address blocks: 156.245.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64351 (0xfb5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:40:50 2025 GMT
Not After : Jan 18 09:40:50 2025 GMT
Subject: CN=677cf6a6-55bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:62:e3:80:93:6e:6a:2b:53:01:2c:ef:a0:51:
42:ae:44:73:3f:fb:ba:b4:00:1a:fb:95:b3:e6:54:
4a:92:8c:bf:de:71:2c:ec:11:f1:4f:ca:6e:45:b3:
95:bf:c7:a6:ba:dd:bd:9f:6e:a6:e8:cb:6c:c7:b0:
b2:f8:3d:a7:69:b9:dd:48:57:2e:52:4c:0b:d6:54:
7c:7c:d6:31:37:12:91:6f:9f:fd:bf:df:db:2f:05:
0f:ad:10:10:ae:57:91:a7:5e:d0:ed:2f:43:18:21:
92:60:8e:78:0c:8f:30:b9:ed:1f:19:d8:3d:b9:2a:
01:ad:48:5d:a1:34:69:9f:6d:00:cc:9b:80:2c:26:
1e:38:9d:93:bf:cb:2d:78:8f:25:4f:25:2f:d0:e3:
44:db:84:39:4d:ce:30:e5:1d:de:0c:0c:5f:d3:78:
b5:7d:8b:23:b2:3a:ae:f0:02:37:0e:0c:43:07:2c:
a2:4a:9b:16:d4:c6:2c:17:98:e4:c0:df:05:99:e1:
0b:6a:de:74:dc:3a:4b:53:9b:de:37:71:84:26:ab:
2e:94:db:43:ba:17:87:ad:1f:d1:cd:b8:d7:8a:2c:
6c:a4:f1:91:5c:26:22:3d:ae:d9:a0:9f:3c:10:39:
64:f8:46:fa:80:5b:c1:58:12:59:5c:b7:4a:2a:89:
a3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2E:E5:96:64:88:DB:65:D6:55:23:F0:6F:AF:DD:0B:5E:CA:B5:D0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7CEF0054CCDB11EF90CB8444762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.244.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:e9:53:27:83:c8:91:01:22:c9:0a:67:b0:da:76:12:c4:cd:
c4:19:f1:29:64:3a:6a:69:e2:cf:b5:f8:e1:f1:d8:61:2f:86:
d1:57:6a:95:c2:e9:90:95:c1:1a:6c:d4:e6:0f:03:3b:7e:3b:
90:fd:68:73:2c:df:43:8c:96:ad:88:8a:96:5a:e2:72:71:8f:
3f:f3:d7:d8:35:ce:5a:81:c5:52:9e:db:dc:2c:2e:b2:50:d4:
ee:97:94:96:2d:52:bb:0b:ea:bc:1b:4c:b0:e2:bc:f9:82:c4:
b6:4d:92:ac:d6:47:68:a7:cf:d1:66:b2:63:df:78:f4:8e:51:
4b:59:2d:28:f0:33:35:86:b2:df:94:c3:79:d3:56:e8:c6:5b:
2b:01:8d:b0:e1:d8:00:8f:94:69:cc:4b:99:cc:da:9b:ce:0d:
6a:0b:a1:97:d2:a9:d5:1f:b9:c7:d1:12:c6:c5:32:63:8d:e6:
db:9a:5c:02:b2:0e:59:2d:cd:b5:9f:64:b9:d4:ad:67:5b:09:
45:cf:27:1d:83:e5:84:a5:5c:8b:e0:97:cd:9e:5c:cc:c4:b8:
0f:81:0f:20:ed:a0:c1:bc:5a:6f:40:24:8a:53:52:d5:ad:39:
a4:2b:1f:d3:44:9a:c4:76:15:48:ed:4d:e3:92:36:e4:d8:31:
71:5f:b5:64
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPtfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDk0MDUwWhcNMjUwMTE4MDk0MDUwWjAYMRYw
FAYDVQQDEw02NzdjZjZhNi01NWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx2LjgJNuaitTASzvoFFCrkRzP/u6tAAa+5Wz5lRKkoy/3nEs7BHxT8pu
RbOVv8emut29n26m6Mtsx7Cy+D2nabndSFcuUkwL1lR8fNYxNxKRb5/9v9/bLwUP
rRAQrleRp17Q7S9DGCGSYI54DI8wue0fGdg9uSoBrUhdoTRpn20AzJuALCYeOJ2T
v8steI8lTyUv0ONE24Q5Tc4w5R3eDAxf03i1fYsjsjqu8AI3DgxDByyiSpsW1MYs
F5jkwN8FmeELat503DpLU5veN3GEJqsulNtDuheHrR/RzbjXiixspPGRXCYiPa7Z
oJ88EDlk+Eb6gFvBWBJZXLdKKomjLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM4u
5ZZkiNtl1lUj8G+v3QteyrXQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Q0VGMDA1NENDREIxMUVGOTBDQjg0NDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPX0MA0GCSqGSIb3DQEBCwUA
A4IBAQCn6VMng8iRASLJCmew2nYSxM3EGfEpZDpqaeLPtfjh8dhhL4bRV2qVwumQ
lcEabNTmDwM7fjuQ/WhzLN9DjJatiIqWWuJycY8/89fYNc5agcVSntvcLC6yUNTu
l5SWLVK7C+q8G0yw4rz5gsS2TZKs1kdop8/RZrJj33j0jlFLWS0o8DM1hrLflMN5
01boxlsrAY2w4dgAj5RpzEuZzNqbzg1qC6GX0qnVH7nH0RLGxTJjjebbmlwCsg5Z
Lc21n2S51K1nWwlFzycdg+WEpVyL4JfNnlzMxLgPgQ8g7aDBvFpvQCSKU1LVrTmk
Kx/TRJrEdhVI7U3jkjbk2DFxX7Vk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:01 2025 by rpki-client