Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91CA3648F5CF11EF9783BA8B762E951A.roa
File: 91CA3648F5CF11EF9783BA8B762E951A.roa (raw, json)
Hash identifier: 4B1ZT+iPcV1JB0J3GMU5ekGQnPI2VW7GlhpVJQo4kF0=
Subject key identifier: 49:4C:A6:48:B1:B4:E3:98:B3:DF:BA:E2:A9:27:68:CA:18:F8:AD:85
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013D8E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91CA3648F5CF11EF9783BA8B762E951A.roa
Signing time: Fri 28 Feb 2025 12:28:52 +0000
ROA not before: Fri 28 Feb 2025 12:28:49 +0000
ROA not after: Mon 31 Mar 2025 12:28:49 +0000
asID: 398993
IP address blocks: 156.252.160.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81294 (0x13d8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 12:28:49 2025 GMT
Not After : Mar 31 12:28:49 2025 GMT
Subject: CN=67c1ac04-2821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d3:34:c2:11:4c:a2:23:df:f8:82:72:f4:40:
5c:94:0a:99:2c:c1:9e:51:c5:63:cf:df:8f:99:fa:
11:f1:a8:6f:c3:ff:7a:36:bb:9b:ab:2a:b7:da:4c:
ff:ab:75:83:a1:d0:53:d3:55:df:23:ab:02:99:3c:
2a:83:1b:e6:7b:b4:12:be:48:fd:00:e7:91:ca:d7:
e2:f3:25:ef:7e:6a:b9:43:87:3f:a8:af:a0:c8:ea:
e3:d9:16:a4:4c:c3:16:bc:29:28:58:a2:77:79:b5:
57:f9:e2:ea:bf:dc:6c:82:20:41:d3:3c:a2:78:43:
3e:55:9e:9b:8b:40:fa:0d:99:5f:08:6e:ba:b9:33:
67:73:aa:b5:69:a9:f7:49:f8:ff:40:ca:33:f1:d5:
a2:f1:48:cc:1c:29:bb:0e:75:7a:44:e6:b9:17:4d:
57:e1:dc:8d:e8:7b:90:8e:a5:18:aa:18:7c:ca:43:
4a:23:ab:ad:96:05:f4:6e:c5:16:8a:b3:c0:20:d1:
cd:bd:94:b4:93:e0:e3:61:7b:8c:fc:3f:1e:1a:9c:
8d:f7:a2:24:4a:ad:08:0e:fb:97:ba:c1:e5:84:40:
09:3a:69:f5:7c:00:10:6f:65:4f:fb:60:68:a1:92:
d9:a6:5b:84:03:25:53:cc:5f:51:ba:4a:2d:92:fa:
78:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:4C:A6:48:B1:B4:E3:98:B3:DF:BA:E2:A9:27:68:CA:18:F8:AD:85
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91CA3648F5CF11EF9783BA8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.160.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:1c:4a:71:71:63:3e:8b:5a:c3:19:cd:e7:60:4d:4c:99:30:
5c:75:99:31:c0:2d:4c:8f:e2:55:a6:fb:9a:81:23:80:fe:cb:
63:db:30:30:8c:00:89:4c:a4:0d:68:a1:62:54:be:b5:a9:5c:
2c:1a:d7:10:12:5a:de:ab:fe:e9:5f:71:bf:d6:7e:48:f4:43:
dc:26:f5:2b:67:1c:a6:0a:45:08:cb:f5:56:5f:a9:89:b2:0b:
6d:4c:4c:42:c2:82:e3:b8:1d:1a:65:d6:56:8e:5e:d4:72:d7:
82:d2:36:2f:01:77:bd:5a:ea:3a:ca:fa:1e:c7:1d:0d:59:a6:
be:0e:fe:11:23:4c:a1:e8:2c:12:1e:30:c6:be:09:4b:c2:92:
0b:07:43:95:3a:e9:00:1d:d7:45:80:45:23:8c:a4:f3:13:41:
53:eb:16:26:5d:3b:be:2a:d6:4b:70:ad:c3:a6:25:3f:9a:78:
18:b9:d1:9a:de:d8:ff:ab:8e:37:8c:d9:58:11:12:c5:9d:c1:
e0:92:8d:f9:13:50:56:5b:ec:46:72:e4:10:3d:99:44:03:71:
62:05:6c:1d:64:d1:12:51:ca:aa:b3:88:3d:f7:60:2a:e8:bd:
8e:1c:4a:07:37:16:6d:28:ce:2a:c5:9f:2f:18:86:a5:b5:e0:
40:31:fd:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT2OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTIyODQ5WhcNMjUwMzMxMTIyODQ5WjAYMRYw
FAYDVQQDEw02N2MxYWMwNC0yODIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0dM0whFMoiPf+IJy9EBclAqZLMGeUcVjz9+PmfoR8ahvw/96Nrubqyq3
2kz/q3WDodBT01XfI6sCmTwqgxvme7QSvkj9AOeRytfi8yXvfmq5Q4c/qK+gyOrj
2RakTMMWvCkoWKJ3ebVX+eLqv9xsgiBB0zyieEM+VZ6bi0D6DZlfCG66uTNnc6q1
aan3Sfj/QMoz8dWi8UjMHCm7DnV6ROa5F01X4dyN6HuQjqUYqhh8ykNKI6utlgX0
bsUWirPAINHNvZS0k+DjYXuM/D8eGpyN96IkSq0IDvuXusHlhEAJOmn1fAAQb2VP
+2BooZLZpluEAyVTzF9Rukotkvp4+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFElM
pkixtOOYs9+64qknaMoY+K2FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MUNBMzY0OEY1Q0YxMUVGOTc4M0JBOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPygMA0GCSqGSIb3DQEBCwUA
A4IBAQCbHEpxcWM+i1rDGc3nYE1MmTBcdZkxwC1Mj+JVpvuagSOA/stj2zAwjACJ
TKQNaKFiVL61qVwsGtcQElreq/7pX3G/1n5I9EPcJvUrZxymCkUIy/VWX6mJsgtt
TExCwoLjuB0aZdZWjl7UcteC0jYvAXe9Wuo6yvoexx0NWaa+Dv4RI0yh6CwSHjDG
vglLwpILB0OVOukAHddFgEUjjKTzE0FT6xYmXTu+KtZLcK3DpiU/mngYudGa3tj/
q443jNlYERLFncHgko35E1BWW+xGcuQQPZlEA3FiBWwdZNESUcqqs4g992Aq6L2O
HEoHNxZtKM4qxZ8vGIalteBAMf0i
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:03:39 2025 by rpki-client