Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F04B7E6BB7611EFB12B618D762E951A.roa
File: 8F04B7E6BB7611EFB12B618D762E951A.roa (raw, json)
Hash identifier: KD/dDrrTj7L/D+xWbROYJablcvfbR3MMWcsbgLPlit8=
Subject key identifier: 1D:91:28:3F:F2:7C:77:DC:0E:40:55:3F:27:C1:8D:A9:4B:5B:9C:1D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E40A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F04B7E6BB7611EFB12B618D762E951A.roa
Signing time: Mon 16 Dec 2024 06:25:35 +0000
ROA not before: Mon 16 Dec 2024 06:25:32 +0000
ROA not after: Mon 20 Jan 2025 06:25:32 +0000
asID: 7018
IP address blocks: 156.253.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58378 (0xe40a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 16 06:25:32 2024 GMT
Not After : Jan 20 06:25:32 2025 GMT
Subject: CN=675fc7df-90e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:16:43:6d:da:e7:7f:5d:73:d9:44:25:e2:8f:
16:6c:f5:56:03:60:ef:d8:45:e3:5b:0e:bd:5b:38:
cd:80:3a:49:31:20:63:e6:be:f8:a3:21:e1:8a:9c:
f3:b3:03:8d:7e:d7:44:e6:50:9e:57:8f:d5:e5:3e:
1d:c5:dc:f4:80:b4:bc:ce:05:f2:be:52:19:0c:09:
10:d8:2e:82:f8:16:f9:80:58:96:4f:ad:c5:f2:d7:
cd:8d:05:1b:b0:7c:20:59:b8:1b:18:8e:d7:2f:34:
d7:77:53:e8:9e:47:26:68:10:3e:08:61:fc:f0:4d:
cd:ef:68:84:53:e4:77:6f:64:56:6e:3b:76:ee:7f:
c7:c9:b4:79:9f:07:da:57:fe:96:04:35:4b:23:77:
76:f1:8f:a1:85:0b:55:06:9b:0d:ff:13:2f:98:08:
77:df:0d:15:78:b4:80:48:0f:a6:90:ca:98:00:61:
ca:e1:89:56:e9:9c:05:6e:15:b5:eb:bb:4f:ad:7d:
96:e8:7c:90:e5:bd:fe:1b:57:04:82:9d:f3:c7:a4:
fb:61:fc:8f:eb:91:35:c4:a4:7e:6b:5e:63:ea:08:
36:e4:27:ba:dd:78:84:4b:01:41:f6:78:86:9e:53:
c9:58:fc:aa:d6:3e:82:46:91:3b:54:c8:c8:0d:c2:
70:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:91:28:3F:F2:7C:77:DC:0E:40:55:3F:27:C1:8D:A9:4B:5B:9C:1D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F04B7E6BB7611EFB12B618D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.240.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:97:21:96:73:d7:90:95:db:ac:6d:a2:66:a2:fa:6a:cb:54:
07:ee:cd:1c:2f:cf:4c:ee:f4:70:2b:6d:79:2a:9e:3b:4d:a6:
dd:21:ee:e6:96:52:d9:28:62:87:a0:90:ea:20:48:52:0b:e4:
f9:e4:10:97:96:59:81:c3:f9:18:c1:11:5c:d7:77:e0:bf:c9:
80:12:a9:72:c5:9a:9b:0c:0b:e7:4d:c0:68:33:02:fb:85:68:
24:cd:ed:bd:22:1d:15:8d:6d:68:fe:16:3b:7e:fc:7d:c2:5d:
c2:c8:21:02:22:65:8b:89:7d:17:7d:77:f8:a7:f8:f4:c3:84:
03:95:0a:c0:d2:0c:01:c3:c7:12:1c:ef:d8:6d:3c:60:da:a8:
a5:1a:65:94:6b:64:52:5d:4f:62:53:1b:6d:cf:95:3a:6c:8c:
af:d8:d4:b0:14:dc:a1:dd:38:0f:e0:ca:fb:bc:53:0c:2e:49:
87:68:fc:a1:ef:e7:7e:7f:1d:66:23:f3:59:5d:bf:a1:8d:f1:
73:ac:e8:92:3d:2c:f2:b4:ec:04:a7:f8:90:f0:71:4e:ea:0f:
91:e4:96:9d:34:41:42:d8:3c:6a:39:b1:85:ad:ff:74:03:cb:
c7:85:0a:43:ef:b6:52:99:0d:b8:7e:48:26:fd:d5:52:32:5e:
c4:0b:1e:42
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOQKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE2MDYyNTMyWhcNMjUwMTIwMDYyNTMyWjAYMRYw
FAYDVQQDEw02NzVmYzdkZi05MGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlhZDbdrnf11z2UQl4o8WbPVWA2Dv2EXjWw69WzjNgDpJMSBj5r74oyHh
ipzzswONftdE5lCeV4/V5T4dxdz0gLS8zgXyvlIZDAkQ2C6C+Bb5gFiWT63F8tfN
jQUbsHwgWbgbGI7XLzTXd1PonkcmaBA+CGH88E3N72iEU+R3b2RWbjt27n/HybR5
nwfaV/6WBDVLI3d28Y+hhQtVBpsN/xMvmAh33w0VeLSASA+mkMqYAGHK4YlW6ZwF
bhW167tPrX2W6HyQ5b3+G1cEgp3zx6T7YfyP65E1xKR+a15j6gg25Ce63XiESwFB
9niGnlPJWPyq1j6CRpE7VMjIDcJwawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB2R
KD/yfHfcDkBVPyfBjalLW5wdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RjA0QjdFNkJCNzYxMUVGQjEyQjYxOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnP3wMA0GCSqGSIb3DQEBCwUA
A4IBAQCclyGWc9eQldusbaJmovpqy1QH7s0cL89M7vRwK215Kp47TabdIe7mllLZ
KGKHoJDqIEhSC+T55BCXllmBw/kYwRFc13fgv8mAEqlyxZqbDAvnTcBoMwL7hWgk
ze29Ih0VjW1o/hY7fvx9wl3CyCECImWLiX0XfXf4p/j0w4QDlQrA0gwBw8cSHO/Y
bTxg2qilGmWUa2RSXU9iUxttz5U6bIyv2NSwFNyh3TgP4Mr7vFMMLkmHaPyh7+d+
fx1mI/NZXb+hjfFzrOiSPSzytOwEp/iQ8HFO6g+R5JadNEFC2DxqObGFrf90A8vH
hQpD77ZSmQ24fkgm/dVSMl7ECx5C
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:13 2025 by rpki-client