Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/842E9D3AD00411EFAE925F6A762E951A.roa
File: 842E9D3AD00411EFAE925F6A762E951A.roa (raw, json)
Hash identifier: UUFy/qXLGDvli5k2R2HduUf31sLzWl3mMd5Ku+EgVgs=
Subject key identifier: 89:61:23:89:5D:E6:FE:D4:46:54:65:14:37:FA:2D:B2:8D:3B:9D:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105A4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/842E9D3AD00411EFAE925F6A762E951A.roa
Signing time: Sat 11 Jan 2025 10:12:09 +0000
ROA not before: Sat 11 Jan 2025 10:12:05 +0000
ROA not after: Sat 25 Jan 2025 10:12:05 +0000
asID: 54801
IP address blocks: 156.240.0.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66980 (0x105a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 10:12:05 2025 GMT
Not After : Jan 25 10:12:05 2025 GMT
Subject: CN=678243f9-d666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2a:32:55:45:92:09:1c:0d:24:44:ba:19:c3:
82:b1:77:55:1a:8a:11:65:25:59:0a:10:4d:0d:0d:
08:c7:96:53:be:ff:f5:88:c5:9b:a7:53:8a:1d:c5:
58:77:93:05:c4:05:95:be:f0:05:b9:5c:14:5f:f0:
06:6d:e1:7c:d1:f0:af:8b:82:61:e8:c9:01:ba:bd:
90:76:bd:4d:a3:84:75:6c:6d:ae:ab:70:f6:02:44:
87:01:fc:2f:97:d4:01:29:05:2f:2e:3b:f3:04:45:
b0:2c:36:b6:9e:4c:4c:50:c5:6b:c3:8c:cc:3b:a8:
ba:37:48:ed:f4:8d:46:9f:80:a0:47:cc:58:32:17:
dc:77:3b:8a:7a:cf:19:e2:bd:95:2f:9c:96:cd:09:
5a:90:66:ad:07:17:c4:9d:be:d4:d8:35:86:33:b6:
e0:40:c5:6c:b7:cb:a5:ed:77:c7:c6:3a:9b:0e:14:
ca:01:b6:c5:31:43:e2:2a:b5:27:3b:4d:ec:da:44:
90:6e:28:0d:e8:de:7b:48:a3:bd:00:69:e1:98:d3:
32:ad:b9:b5:8a:ba:a5:5e:44:27:c9:26:bd:bc:20:
f3:d9:35:4b:0f:58:88:75:20:0f:45:e3:3d:b4:5a:
a4:38:8c:2b:2b:92:e8:d1:c4:f8:38:3d:ab:82:4e:
a3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:61:23:89:5D:E6:FE:D4:46:54:65:14:37:FA:2D:B2:8D:3B:9D:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/842E9D3AD00411EFAE925F6A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6e:e1:f4:50:16:a9:bd:5e:b5:88:42:cf:db:bd:4f:bc:95:78:
e1:25:7c:70:1a:1b:8d:1d:e5:d3:a3:0f:b8:da:85:98:fa:14:
44:d7:35:ae:3c:64:b9:e7:76:41:64:3c:fb:8b:86:c3:d0:f8:
8a:a2:5d:dc:ac:41:81:81:47:20:aa:da:6e:df:88:6e:11:e6:
a9:f2:6e:79:24:c2:7e:fd:4a:71:3d:a4:f9:d6:da:e3:ac:b6:
1e:fe:c1:48:84:c7:4a:9e:90:cd:bd:6d:c2:55:26:3f:54:e7:
47:1a:13:21:12:64:92:e4:69:9a:e3:58:e3:6d:8f:d8:9b:92:
7e:36:8c:5d:f8:64:16:36:b0:0b:dd:a3:37:7c:80:bd:f7:4e:
ff:0e:54:92:71:d6:92:20:c1:fe:27:e2:e4:6c:f9:f2:a8:08:
44:5a:0c:0f:f8:00:0d:c7:3d:bf:d9:45:64:af:1f:13:10:3d:
ec:5c:9c:b3:6a:0b:89:09:6b:06:2a:6a:9c:1a:f5:a1:cd:0b:
0d:9a:a7:f6:47:75:e3:f5:db:5d:65:12:84:7a:d2:e4:6b:27:
f5:99:cb:08:a3:56:a1:35:f2:30:31:63:55:d2:a4:a9:b6:7e:
35:5c:4c:00:e6:2c:2f:cf:b4:db:f9:49:3c:05:55:9e:6e:b5:
19:cf:5d:f8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQWkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTAxMjA1WhcNMjUwMTI1MTAxMjA1WjAYMRYw
FAYDVQQDEw02NzgyNDNmOS1kNjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApyoyVUWSCRwNJES6GcOCsXdVGooRZSVZChBNDQ0Ix5ZTvv/1iMWbp1OK
HcVYd5MFxAWVvvAFuVwUX/AGbeF80fCvi4Jh6MkBur2Qdr1No4R1bG2uq3D2AkSH
Afwvl9QBKQUvLjvzBEWwLDa2nkxMUMVrw4zMO6i6N0jt9I1Gn4CgR8xYMhfcdzuK
es8Z4r2VL5yWzQlakGatBxfEnb7U2DWGM7bgQMVst8ul7XfHxjqbDhTKAbbFMUPi
KrUnO03s2kSQbigN6N57SKO9AGnhmNMyrbm1irqlXkQnySa9vCDz2TVLD1iIdSAP
ReM9tFqkOIwrK5Lo0cT4OD2rgk6joQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIlh
I4ld5v7URlRlFDf6LbKNO51EMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NDJFOUQzQUQwMDQxMUVGQUU5MjVGNkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBu4fRQFqm9XrWIQs/bvU+8lXjhJXxwGhuNHeXTow+42oWY+hRE1zWuPGS5
53ZBZDz7i4bD0PiKol3crEGBgUcgqtpu34huEeap8m55JMJ+/UpxPaT51trjrLYe
/sFIhMdKnpDNvW3CVSY/VOdHGhMhEmSS5Gma41jjbY/Ym5J+Noxd+GQWNrAL3aM3
fIC9907/DlSScdaSIMH+J+LkbPnyqAhEWgwP+AANxz2/2UVkrx8TED3sXJyzaguJ
CWsGKmqcGvWhzQsNmqf2R3Xj9dtdZRKEetLkayf1mcsIo1ahNfIwMWNV0qSptn41
XEwA5iwvz7Tb+Uk8BVWebrUZz134
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:10 2025 by rpki-client