Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/873CC2DEF2D911EF879AB3AF762E951A.roa
File: 873CC2DEF2D911EF879AB3AF762E951A.roa (raw, json)
Hash identifier: NN6PWC+ijJ7OiEVqfZZPfuCpGrUYN2pnrDRu/sYciyE=
Subject key identifier: 82:20:E8:DF:41:25:FF:B6:70:59:EC:3F:0C:C5:76:F5:56:19:C9:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012D1D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/873CC2DEF2D911EF879AB3AF762E951A.roa
Signing time: Mon 24 Feb 2025 18:02:36 +0000
ROA not before: Mon 24 Feb 2025 18:02:33 +0000
ROA not after: Sat 29 Mar 2025 18:02:33 +0000
asID: 203020
IP address blocks: 156.232.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77085 (0x12d1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 18:02:33 2025 GMT
Not After : Mar 29 18:02:33 2025 GMT
Subject: CN=67bcb43c-64d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:53:35:74:c8:63:e4:9a:5d:3f:f0:eb:26:fe:
f8:2f:52:79:ae:ea:8b:6d:af:79:cb:f5:b4:c3:1c:
4f:92:d7:dd:95:c4:6e:d8:15:cf:83:c3:f7:57:6c:
9a:d8:0c:62:18:8e:8e:48:f7:ab:09:7b:da:92:d6:
04:25:8d:80:63:89:c4:5d:bd:7d:fc:2e:dd:0e:7f:
c7:c1:e7:4d:9c:41:1f:b8:f0:a7:4c:8c:07:a4:a3:
66:b2:55:ca:ce:f8:8d:74:01:41:d9:13:6b:bc:38:
84:94:70:b3:9d:fb:01:f0:5f:06:1a:54:6a:5f:18:
a4:74:3c:8d:18:dc:90:33:13:b2:25:3c:65:7c:d9:
34:35:75:ab:1c:61:c0:d8:4e:1b:7d:17:00:5a:1d:
9f:96:c5:0c:74:82:62:44:42:ca:50:a5:ca:66:6f:
ed:a7:b0:05:5d:60:e4:7b:27:52:8a:53:a0:ac:a6:
d3:64:31:1a:7f:80:2d:36:c7:2c:15:f3:ab:4c:ea:
1f:37:37:41:b8:5e:3d:e5:9b:a1:04:b5:e2:6d:0b:
e9:6c:e2:e0:7c:fd:8b:b6:5c:bd:d7:c9:8b:38:3a:
f7:da:0f:a8:80:0a:0d:1d:19:18:0c:99:b4:8e:10:
d7:ad:87:c5:45:d4:c9:c6:cf:b2:b9:a5:d1:69:3e:
84:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:20:E8:DF:41:25:FF:B6:70:59:EC:3F:0C:C5:76:F5:56:19:C9:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/873CC2DEF2D911EF879AB3AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.108.0/22
Signature Algorithm: sha256WithRSAEncryption
10:50:b7:24:3b:0b:fb:f1:97:e8:b2:da:5c:0d:f8:8c:1f:39:
7d:ee:17:2a:50:30:aa:91:4b:21:01:84:07:cc:39:cb:34:55:
e8:b1:2b:c2:64:dc:62:d3:c0:97:00:e8:33:32:3d:a6:05:7c:
cf:fb:c2:66:71:d8:e4:12:e2:17:c7:67:27:21:96:03:70:61:
3a:9d:8c:a9:bd:a8:94:b2:3c:20:9a:e2:36:23:ca:2a:71:f5:
f0:c0:35:0a:5f:10:de:e1:33:4c:5a:55:ac:61:7e:b9:67:c6:
8c:06:95:23:a6:55:0f:bd:4f:89:96:fc:b3:ee:fb:4d:e3:6d:
c6:92:f2:bc:68:21:5e:66:32:ac:50:fb:d1:c9:3b:90:b5:51:
33:51:f5:2f:ed:b7:7f:15:8b:89:f6:e3:25:8d:56:2d:7a:6b:
be:6a:3a:76:52:a1:cc:05:f4:b0:55:7d:b6:21:ff:b0:6d:f4:
9a:cc:28:b2:3c:77:35:33:df:c9:40:a9:ac:f7:6b:7c:56:d3:
7a:a1:5a:24:7e:ae:18:41:7f:f4:1c:3d:c3:d1:59:a0:ac:09:
73:70:a4:db:c3:c6:05:53:e6:0f:21:f7:a3:2c:96:ca:4f:0e:
4d:31:f4:31:02:37:d2:b6:e8:84:55:9c:67:33:98:f3:dd:86:
3b:2d:8c:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS0dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTgwMjMzWhcNMjUwMzI5MTgwMjMzWjAYMRYw
FAYDVQQDEw02N2JjYjQzYy02NGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx1M1dMhj5JpdP/DrJv74L1J5ruqLba95y/W0wxxPktfdlcRu2BXPg8P3
V2ya2AxiGI6OSPerCXvaktYEJY2AY4nEXb19/C7dDn/HwedNnEEfuPCnTIwHpKNm
slXKzviNdAFB2RNrvDiElHCznfsB8F8GGlRqXxikdDyNGNyQMxOyJTxlfNk0NXWr
HGHA2E4bfRcAWh2flsUMdIJiRELKUKXKZm/tp7AFXWDkeydSilOgrKbTZDEaf4At
NscsFfOrTOofNzdBuF495ZuhBLXibQvpbOLgfP2Ltly918mLODr32g+ogAoNHRkY
DJm0jhDXrYfFRdTJxs+yuaXRaT6EkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIIg
6N9BJf+2cFnsPwzFdvVWGckiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NzNDQzJERUYyRDkxMUVGODc5QUIzQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOhsMA0GCSqGSIb3DQEBCwUA
A4IBAQAQULckOwv78ZfostpcDfiMHzl97hcqUDCqkUshAYQHzDnLNFXosSvCZNxi
08CXAOgzMj2mBXzP+8JmcdjkEuIXx2cnIZYDcGE6nYypvaiUsjwgmuI2I8oqcfXw
wDUKXxDe4TNMWlWsYX65Z8aMBpUjplUPvU+Jlvyz7vtN423GkvK8aCFeZjKsUPvR
yTuQtVEzUfUv7bd/FYuJ9uMljVYtemu+ajp2UqHMBfSwVX22If+wbfSazCiyPHc1
M9/JQKms92t8VtN6oVokfq4YQX/0HD3D0VmgrAlzcKTbw8YFU+YPIfejLJbKTw5N
MfQxAjfStuiEVZxnM5jz3YY7LYz5
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:58:25 2025 by rpki-client