Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8ED452F6C1C811EF8393FA53762E951A.roa
File: 8ED452F6C1C811EF8393FA53762E951A.roa (raw, json)
Hash identifier: jo1jhkRyGYL8RhVlaiuZ8pt1h4WueNClCTjeOzFXSMw=
Subject key identifier: F4:A1:67:17:77:3B:98:11:15:B1:77:AE:A1:B1:AA:81:69:86:34:2D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E877
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8ED452F6C1C811EF8393FA53762E951A.roa
Signing time: Tue 24 Dec 2024 07:27:41 +0000
ROA not before: Tue 24 Dec 2024 07:27:37 +0000
ROA not after: Tue 28 Jan 2025 07:27:37 +0000
asID: 61112
IP address blocks: 156.226.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59511 (0xe877)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 24 07:27:37 2024 GMT
Not After : Jan 28 07:27:37 2025 GMT
Subject: CN=676a626c-b003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4a:12:31:e1:ac:f0:6e:2c:43:47:12:56:16:
a3:fd:df:61:3b:94:08:52:8b:e0:0e:f8:e7:3f:c0:
5a:73:fb:52:ac:c5:c8:ca:66:22:3c:45:c2:ec:75:
2b:57:36:57:71:fa:ae:65:6b:21:00:46:61:81:23:
64:c1:90:ac:4b:01:32:37:d7:50:23:dd:34:ee:06:
ab:b0:69:dc:aa:d1:cb:d4:3f:1c:a0:f9:87:f8:f2:
54:1d:22:18:ad:c6:30:9e:67:8a:de:4e:19:c7:ca:
c6:73:46:dd:dc:ce:66:56:0a:33:fb:bf:7e:84:3d:
a2:15:b8:46:85:1a:9c:5f:90:7b:61:d4:41:b5:d8:
f8:ed:fb:ce:64:91:83:0a:ca:c6:c7:31:18:52:aa:
71:86:25:b5:64:ed:b4:83:2a:7a:5f:41:d2:1d:eb:
be:e3:61:b8:ea:04:25:e5:f5:36:d6:dc:0e:b9:bc:
99:4a:80:3a:de:8b:8e:77:e7:d3:fc:4b:cd:43:13:
79:37:3a:4d:2c:ef:36:34:72:45:c8:75:6a:d1:68:
03:29:20:1a:e2:fc:5b:3f:79:f8:82:28:c4:ee:d0:
ae:d8:2e:73:27:2a:b1:d7:ee:aa:e6:ed:09:e8:df:
99:c8:a7:75:c4:13:de:b4:8e:5d:da:9c:db:9c:75:
91:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A1:67:17:77:3B:98:11:15:B1:77:AE:A1:B1:AA:81:69:86:34:2D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8ED452F6C1C811EF8393FA53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.168.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:91:ac:e6:88:3e:01:7c:4e:42:de:6e:a6:d7:6a:36:21:2d:
b6:94:c2:48:06:d9:47:d3:16:ba:bd:c4:b6:b4:51:57:d5:7d:
83:f8:7d:32:e8:96:7c:b7:2b:56:5e:d4:67:de:d0:99:3b:3a:
c9:de:40:2a:fb:03:85:55:8a:94:5f:98:41:ea:f4:ca:dd:d9:
ff:52:89:2a:d8:b9:c6:3a:58:ff:2c:d1:8c:fd:af:0f:c0:1a:
d0:eb:d7:f8:3f:1d:29:8b:88:03:04:76:64:ba:75:8d:78:96:
40:a2:85:c1:c9:3e:0e:3a:ce:34:0a:09:f9:7a:83:6a:28:10:
7e:02:3c:68:3a:6c:c0:b8:99:09:46:b4:bf:b0:f2:c8:c5:3d:
d6:82:c2:9c:86:1b:80:04:0f:bf:3e:62:c1:58:b3:48:2e:a9:
dc:30:2c:f9:9e:c7:dd:43:19:1c:58:b0:00:f7:bd:4c:f8:39:
04:15:7a:b4:6e:b1:08:bd:03:16:1f:15:2b:12:77:43:ae:85:
ee:e5:bf:c6:65:79:db:aa:d7:56:3e:7b:ce:bb:c1:a8:b1:6d:
cd:00:72:05:1c:e2:c3:96:a9:c6:0b:27:ff:18:9b:89:24:11:
3d:f5:9c:17:29:24:5d:65:20:57:09:d9:ac:1e:dc:8e:2a:7d:
b7:b5:06:70
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOh3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI0MDcyNzM3WhcNMjUwMTI4MDcyNzM3WjAYMRYw
FAYDVQQDEw02NzZhNjI2Yy1iMDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1EoSMeGs8G4sQ0cSVhaj/d9hO5QIUovgDvjnP8Bac/tSrMXIymYiPEXC
7HUrVzZXcfquZWshAEZhgSNkwZCsSwEyN9dQI9007garsGncqtHL1D8coPmH+PJU
HSIYrcYwnmeK3k4Zx8rGc0bd3M5mVgoz+79+hD2iFbhGhRqcX5B7YdRBtdj47fvO
ZJGDCsrGxzEYUqpxhiW1ZO20gyp6X0HSHeu+42G46gQl5fU21twOubyZSoA63ouO
d+fT/EvNQxN5NzpNLO82NHJFyHVq0WgDKSAa4vxbP3n4gijE7tCu2C5zJyqx1+6q
5u0J6N+ZyKd1xBPetI5d2pzbnHWRXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPSh
Zxd3O5gRFbF3rqGxqoFphjQtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RUQ0NTJGNkMxQzgxMUVGODM5M0ZBNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOKoMA0GCSqGSIb3DQEBCwUA
A4IBAQAvkazmiD4BfE5C3m6m12o2IS22lMJIBtlH0xa6vcS2tFFX1X2D+H0y6JZ8
tytWXtRn3tCZOzrJ3kAq+wOFVYqUX5hB6vTK3dn/Uokq2LnGOlj/LNGM/a8PwBrQ
69f4Px0pi4gDBHZkunWNeJZAooXByT4OOs40Cgn5eoNqKBB+AjxoOmzAuJkJRrS/
sPLIxT3WgsKchhuABA+/PmLBWLNILqncMCz5nsfdQxkcWLAA971M+DkEFXq0brEI
vQMWHxUrEndDroXu5b/GZXnbqtdWPnvOu8GosW3NAHIFHOLDlqnGCyf/GJuJJBE9
9ZwXKSRdZSBXCdmsHtyOKn23tQZw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:17 2025 by rpki-client