Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/892A4C7CB21711EFA3628A99762E951A.roa
File: 892A4C7CB21711EFA3628A99762E951A.roa (raw, json)
Hash identifier: Bd8jF1CBtiG6zdbrX4gU4K+sofM4Xxh9xjG9vZqCfKo=
Subject key identifier: 95:9F:F3:87:A3:6C:1D:D3:9C:E3:75:F1:03:79:0D:C9:83:60:47:AE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DF5C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/892A4C7CB21711EFA3628A99762E951A.roa
Signing time: Wed 04 Dec 2024 08:12:43 +0000
ROA not before: Wed 04 Dec 2024 08:12:39 +0000
ROA not after: Thu 23 Jan 2025 08:12:39 +0000
asID: 63139
IP address blocks: 156.227.194.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57180 (0xdf5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 4 08:12:39 2024 GMT
Not After : Jan 23 08:12:39 2025 GMT
Subject: CN=67500efb-957c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:15:85:64:fa:d1:28:bc:ea:d9:01:78:4b:61:
bb:f2:a2:a4:de:28:f4:97:fc:fc:a6:d9:bd:99:29:
e2:92:6b:e7:30:da:9a:30:31:d1:d0:ea:8a:15:49:
28:f9:4b:39:e8:25:4e:9d:5e:62:52:73:aa:d1:06:
cc:91:e6:38:c7:56:67:a2:1f:0b:43:b2:d9:e1:48:
c9:d0:9d:0e:d7:e6:af:b9:52:38:1d:96:fa:4e:4b:
b0:2f:c8:a7:7c:bd:31:27:f4:36:50:b3:ab:56:f8:
d9:49:78:f7:d2:22:aa:f5:f0:df:ba:71:49:8f:23:
a5:7a:12:de:f5:96:ce:26:67:af:88:61:e1:ff:70:
71:25:fe:df:6d:f5:50:d1:18:d5:e2:be:0f:eb:71:
99:6d:04:3f:55:ee:74:d9:39:26:7e:32:73:fe:a7:
fd:2c:aa:e3:4c:5e:3b:a5:6f:c0:20:9d:79:56:59:
e4:e0:25:20:39:a4:23:e1:a4:8b:c2:43:15:31:5d:
cc:8c:cb:c9:d2:9a:ff:79:75:c7:e3:0b:3c:af:3e:
e0:1a:86:0c:a2:c2:f8:0d:30:6a:86:3b:ab:97:cb:
b7:3d:c7:07:3e:a6:7c:d6:6c:b5:d1:88:e5:e0:84:
99:e9:ac:c6:01:11:50:66:aa:34:f1:52:08:98:ac:
b2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9F:F3:87:A3:6C:1D:D3:9C:E3:75:F1:03:79:0D:C9:83:60:47:AE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/892A4C7CB21711EFA3628A99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.194.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:31:6c:e5:80:06:61:e9:13:0a:43:ea:dd:1b:b5:7c:b0:d0:
84:f1:3c:96:bc:73:ad:4d:c7:1d:91:0e:0d:ec:6d:aa:1b:dc:
e6:76:6d:35:07:a6:5e:ad:02:85:1c:38:30:07:a1:80:8d:eb:
36:ac:14:be:4e:c7:0e:69:26:14:b9:6d:b7:f4:cd:34:9b:ff:
af:e7:ad:fa:d3:73:df:57:75:36:c6:11:cc:6d:7a:f4:ce:e6:
cb:e2:80:4e:ed:b9:52:8a:44:10:d7:73:61:2d:30:ae:a7:3b:
ac:a1:29:78:77:e8:13:cc:96:3d:aa:13:87:48:06:41:bb:5e:
5a:b2:27:a6:dd:f6:4a:e2:e0:6c:ea:9e:6a:51:1f:c3:a6:c0:
0e:48:11:e5:43:5b:4c:da:1b:72:21:7c:58:e1:aa:93:18:5f:
3a:35:db:bb:20:85:fd:a2:9f:bd:52:65:67:28:6f:36:07:ba:
14:f7:cc:16:ba:22:09:21:9d:7f:cd:ea:9a:00:fa:b1:6d:0b:
27:4c:bd:86:91:bf:0e:c9:d1:1e:84:db:bb:cf:82:2a:fb:93:
e4:39:96:5f:c9:de:99:ff:5c:81:1b:20:2e:75:0b:f7:a5:84:
37:67:2b:8d:e2:a7:70:ae:23:7d:07:7a:f1:37:8c:1c:34:52:
59:d3:b6:f8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAN9cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA0MDgxMjM5WhcNMjUwMTIzMDgxMjM5WjAYMRYw
FAYDVQQDEw02NzUwMGVmYi05NTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArxWFZPrRKLzq2QF4S2G78qKk3ij0l/z8ptm9mSnikmvnMNqaMDHR0OqK
FUko+Us56CVOnV5iUnOq0QbMkeY4x1Znoh8LQ7LZ4UjJ0J0O1+avuVI4HZb6Tkuw
L8infL0xJ/Q2ULOrVvjZSXj30iKq9fDfunFJjyOlehLe9ZbOJmeviGHh/3BxJf7f
bfVQ0RjV4r4P63GZbQQ/Ve502TkmfjJz/qf9LKrjTF47pW/AIJ15Vlnk4CUgOaQj
4aSLwkMVMV3MjMvJ0pr/eXXH4ws8rz7gGoYMosL4DTBqhjurl8u3PccHPqZ81my1
0Yjl4ISZ6azGARFQZqo08VIImKyy9QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJWf
84ejbB3TnON18QN5DcmDYEeuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84OTJBNEM3Q0IyMTcxMUVGQTM2MjhBOTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOPCMA0GCSqGSIb3DQEBCwUA
A4IBAQB9MWzlgAZh6RMKQ+rdG7V8sNCE8TyWvHOtTccdkQ4N7G2qG9zmdm01B6Ze
rQKFHDgwB6GAjes2rBS+TscOaSYUuW239M00m/+v563603PfV3U2xhHMbXr0zubL
4oBO7blSikQQ13NhLTCupzusoSl4d+gTzJY9qhOHSAZBu15asiem3fZK4uBs6p5q
UR/DpsAOSBHlQ1tM2htyIXxY4aqTGF86Ndu7IIX9op+9UmVnKG82B7oU98wWuiIJ
IZ1/zeqaAPqxbQsnTL2Gkb8OydEehNu7z4Iq+5PkOZZfyd6Z/1yBGyAudQv3pYQ3
ZyuN4qdwriN9B3rxN4wcNFJZ07b4
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:46 2025 by rpki-client