Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BC0F0CCCE8111EF9D3A8E4E762E951A.roa
File: 8BC0F0CCCE8111EF9D3A8E4E762E951A.roa (raw, json)
Hash identifier: D/e98mmSVxd8xDaOcw4WrqSpTjhEkubsc5+GEAdXXfU=
Subject key identifier: 54:A3:A0:8E:B1:12:51:5C:0A:3E:D2:05:78:AE:05:35:4A:C6:98:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0103A9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BC0F0CCCE8111EF9D3A8E4E762E951A.roa
Signing time: Thu 09 Jan 2025 12:02:06 +0000
ROA not before: Thu 09 Jan 2025 12:02:03 +0000
ROA not after: Wed 22 Jan 2025 12:02:03 +0000
asID: 22773
IP address blocks: 156.249.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66473 (0x103a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 12:02:03 2025 GMT
Not After : Jan 22 12:02:03 2025 GMT
Subject: CN=677fbabe-1eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7e:f7:a0:bc:49:27:30:98:e2:d1:85:ae:6d:
d7:a0:6e:52:02:ca:c3:36:4c:23:17:e0:08:25:d0:
4a:ac:37:bf:9c:e9:07:0f:12:33:2c:b3:d9:37:04:
cc:16:72:07:df:64:78:95:a9:39:50:3a:74:f0:a7:
98:67:48:2c:a3:31:49:9d:ac:3d:2d:eb:f4:b8:b0:
16:47:38:d2:93:20:6c:b6:86:b3:c0:f6:44:c8:fb:
2e:7d:12:88:60:cc:7f:b4:a3:73:f2:42:ac:d3:38:
8c:c3:de:02:20:82:4d:26:0c:98:80:db:c8:9f:29:
61:ae:75:0c:46:f7:5f:79:cc:a5:e1:4b:15:a4:db:
f1:54:4f:e7:99:43:a6:f2:c9:b2:24:0b:07:34:e4:
be:41:15:35:5c:4d:e3:cf:2e:c3:d3:28:7d:bc:8c:
ab:be:cb:be:1f:84:15:54:28:ea:41:57:7d:77:da:
4d:e5:ff:9a:b6:72:69:d8:a4:50:6a:ff:34:bc:31:
4d:68:1c:56:ea:de:75:77:dc:cf:ab:70:af:3a:06:
17:02:19:d3:39:b8:c6:30:01:af:2b:14:a8:c5:42:
81:a6:de:c6:dc:05:5f:4c:5d:90:cd:5d:ff:e5:15:
67:bd:06:44:7b:87:e0:d7:58:e4:24:38:bd:59:42:
55:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A3:A0:8E:B1:12:51:5C:0A:3E:D2:05:78:AE:05:35:4A:C6:98:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BC0F0CCCE8111EF9D3A8E4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.4.0/22
Signature Algorithm: sha256WithRSAEncryption
47:b9:13:f3:02:d4:c0:72:5b:59:8a:c0:53:1e:9c:89:82:96:
c2:09:0e:2c:f5:bb:db:eb:b5:d4:d9:25:b8:e1:6b:64:24:25:
e6:10:01:f6:7c:cc:80:4e:e6:4c:da:c0:c8:91:d0:cb:83:75:
da:ea:b8:f8:69:58:3a:2d:12:02:50:bc:bc:fd:f2:b7:09:96:
97:98:a9:b8:fc:84:d4:fa:2f:47:34:b3:b5:e8:aa:87:13:7a:
d2:42:0d:d3:d2:c9:ec:8c:b9:43:30:49:5b:c8:6f:e1:4a:6e:
2d:ad:9d:2f:f3:e7:48:35:8b:6b:d5:92:46:00:53:75:b3:ad:
7e:9e:9d:75:fa:da:30:7f:7e:3f:3e:21:01:27:8f:d0:3f:04:
60:45:65:c6:a5:d4:7a:0b:18:90:9f:5f:21:42:30:58:cd:d7:
e8:58:f0:51:e5:86:2f:d4:6a:6a:73:e1:12:a6:08:bd:f3:b5:
ac:5c:d3:24:52:c4:7f:01:98:c7:95:a6:d5:e2:5f:67:45:e7:
2d:ac:cf:6c:f2:c1:f1:89:25:f3:3b:13:59:b8:46:a2:f0:41:
25:5d:ea:69:f7:86:c3:e1:06:40:d6:b5:d5:6e:0c:90:9e:eb:
cf:75:c2:be:c2:d1:e9:e7:d2:47:77:ca:0a:2f:89:6a:04:de:
34:46:0c:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQOpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTIwMjAzWhcNMjUwMTIyMTIwMjAzWjAYMRYw
FAYDVQQDEw02NzdmYmFiZS0xZWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4H73oLxJJzCY4tGFrm3XoG5SAsrDNkwjF+AIJdBKrDe/nOkHDxIzLLPZ
NwTMFnIH32R4lak5UDp08KeYZ0gsozFJnaw9Lev0uLAWRzjSkyBstoazwPZEyPsu
fRKIYMx/tKNz8kKs0ziMw94CIIJNJgyYgNvInylhrnUMRvdfecyl4UsVpNvxVE/n
mUOm8smyJAsHNOS+QRU1XE3jzy7D0yh9vIyrvsu+H4QVVCjqQVd9d9pN5f+atnJp
2KRQav80vDFNaBxW6t51d9zPq3CvOgYXAhnTObjGMAGvKxSoxUKBpt7G3AVfTF2Q
zV3/5RVnvQZEe4fg11jkJDi9WUJVuQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFSj
oI6xElFcCj7SBXiuBTVKxpgUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QkMwRjBDQ0NFODExMUVGOUQzQThFNEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPkEMA0GCSqGSIb3DQEBCwUA
A4IBAQBHuRPzAtTAcltZisBTHpyJgpbCCQ4s9bvb67XU2SW44WtkJCXmEAH2fMyA
TuZM2sDIkdDLg3Xa6rj4aVg6LRICULy8/fK3CZaXmKm4/ITU+i9HNLO16KqHE3rS
Qg3T0snsjLlDMElbyG/hSm4trZ0v8+dINYtr1ZJGAFN1s61+np11+towf34/PiEB
J4/QPwRgRWXGpdR6CxiQn18hQjBYzdfoWPBR5YYv1Gpqc+ESpgi987WsXNMkUsR/
AZjHlabV4l9nRectrM9s8sHxiSXzOxNZuEai8EElXepp94bD4QZA1rXVbgyQnuvP
dcK+wtHp59JHd8oKL4lqBN40RgzG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:54 2025 by rpki-client