Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82F9D058F2D511EF81B23D94762E951A.roa
File: 82F9D058F2D511EF81B23D94762E951A.roa (raw, json)
Hash identifier: LbzuufBPzDtNqfZd0NEIm4ziXkydSMRbO2Tl5ZkjwrU=
Subject key identifier: EB:30:6C:42:B2:47:D1:D4:BE:9D:40:4B:D2:9B:FA:96:A0:B1:B6:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012CF3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82F9D058F2D511EF81B23D94762E951A.roa
Signing time: Mon 24 Feb 2025 17:33:51 +0000
ROA not before: Mon 24 Feb 2025 17:33:48 +0000
ROA not after: Sat 29 Mar 2025 17:33:48 +0000
asID: 203020
IP address blocks: 156.235.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77043 (0x12cf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 17:33:48 2025 GMT
Not After : Mar 29 17:33:48 2025 GMT
Subject: CN=67bcad7f-b483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1b:9d:e5:57:51:fa:52:fd:4e:31:16:73:86:
02:69:8d:7c:7b:19:32:be:04:f4:5d:66:eb:b0:af:
cc:5f:2f:ac:52:e6:51:7d:84:a1:7c:61:c3:c4:8b:
b3:08:af:2b:45:38:3e:bb:e9:02:6b:4a:59:50:6c:
b6:77:87:15:de:e5:6e:fb:b7:ea:0c:b1:84:5c:bf:
64:48:60:41:3a:45:58:7e:9a:1f:37:54:33:ce:ce:
e7:1f:82:7a:dc:9c:35:61:a6:bf:b8:c1:1c:d7:fa:
0c:f9:16:07:64:27:cf:50:eb:80:a3:93:d7:f2:6d:
54:06:af:a8:7e:37:ab:1d:89:51:d6:46:16:ce:48:
cb:23:e7:11:37:d4:3e:47:15:c4:d7:79:03:52:ea:
7d:63:3c:cb:07:21:17:06:1b:7b:2a:9b:2a:69:84:
fa:40:db:6b:6c:77:b7:29:e7:09:6e:1c:94:2b:98:
82:7b:78:6e:23:49:e1:a8:a0:aa:31:71:5d:f0:19:
fa:52:1b:7a:48:b4:2f:95:1e:fe:c7:1d:06:5d:a9:
e5:7f:68:e8:d5:73:08:c6:fe:b6:ec:92:9b:d6:43:
2b:8e:fa:10:e5:f7:79:c4:47:0b:64:c4:06:43:2a:
83:9d:53:09:f3:e7:a8:70:7d:58:62:d5:ea:0c:48:
da:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:30:6C:42:B2:47:D1:D4:BE:9D:40:4B:D2:9B:FA:96:A0:B1:B6:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82F9D058F2D511EF81B23D94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.24.0/22
Signature Algorithm: sha256WithRSAEncryption
78:a3:c4:e7:8d:48:70:57:57:6f:50:f1:a8:7c:28:51:a9:f4:
6d:17:55:6d:0c:4e:76:b2:f9:3e:c0:c3:41:9d:c9:79:c6:5a:
c7:60:f7:d6:80:70:d6:12:94:8d:73:9f:1c:21:c2:e2:f9:01:
39:cb:b6:e6:d4:37:56:9a:c9:ee:2c:a4:90:aa:3f:eb:6f:cb:
a1:73:67:c3:67:37:ac:29:f6:12:6b:b5:00:f9:11:8f:e1:79:
0f:ea:6e:e0:91:26:a3:77:40:44:ea:1a:ef:1b:18:ad:11:88:
2f:59:f9:dc:ba:69:4a:03:bb:d3:25:1d:e6:b4:ba:13:f8:59:
b3:d5:12:89:14:27:17:87:19:d4:e7:e9:ab:9c:a6:67:c2:40:
41:bf:4d:38:b6:6c:7f:dd:bf:c1:bd:7a:f3:aa:8c:e9:2d:21:
ad:cd:bf:3e:0b:90:f9:9c:54:64:56:1e:0c:a8:99:53:9a:01:
a0:d0:10:f6:ed:5a:f6:40:bc:95:a6:e6:1c:14:3b:af:3a:2f:
d5:27:d7:12:a7:97:a5:7d:91:ca:c2:89:44:2e:18:1c:70:65:
ea:86:11:19:db:8c:8b:ef:15:80:a0:2d:4c:6d:56:e2:c6:b8:
e8:58:96:66:23:ed:c8:b0:fb:ad:50:08:81:26:7b:ca:64:61:
79:f3:b4:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASzzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTczMzQ4WhcNMjUwMzI5MTczMzQ4WjAYMRYw
FAYDVQQDEw02N2JjYWQ3Zi1iNDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvBud5VdR+lL9TjEWc4YCaY18exkyvgT0XWbrsK/MXy+sUuZRfYShfGHD
xIuzCK8rRTg+u+kCa0pZUGy2d4cV3uVu+7fqDLGEXL9kSGBBOkVYfpofN1Qzzs7n
H4J63Jw1Yaa/uMEc1/oM+RYHZCfPUOuAo5PX8m1UBq+ofjerHYlR1kYWzkjLI+cR
N9Q+RxXE13kDUup9YzzLByEXBht7KpsqaYT6QNtrbHe3KecJbhyUK5iCe3huI0nh
qKCqMXFd8Bn6Uht6SLQvlR7+xx0GXanlf2jo1XMIxv627JKb1kMrjvoQ5fd5xEcL
ZMQGQyqDnVMJ8+eocH1YYtXqDEjaKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOsw
bEKyR9HUvp1AS9Kb+pagsbayMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MkY5RDA1OEYyRDUxMUVGODFCMjNEOTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOsYMA0GCSqGSIb3DQEBCwUA
A4IBAQB4o8TnjUhwV1dvUPGofChRqfRtF1VtDE52svk+wMNBncl5xlrHYPfWgHDW
EpSNc58cIcLi+QE5y7bm1DdWmsnuLKSQqj/rb8uhc2fDZzesKfYSa7UA+RGP4XkP
6m7gkSajd0BE6hrvGxitEYgvWfncumlKA7vTJR3mtLoT+Fmz1RKJFCcXhxnU5+mr
nKZnwkBBv004tmx/3b/BvXrzqozpLSGtzb8+C5D5nFRkVh4MqJlTmgGg0BD27Vr2
QLyVpuYcFDuvOi/VJ9cSp5elfZHKwolELhgccGXqhhEZ24yL7xWAoC1MbVbixrjo
WJZmI+3IsPutUAiBJnvKZGF587SQ
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:02:43 2025 by rpki-client