Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/954DC1BECE7D11EFAAD166B4762E951A.roa
File: 954DC1BECE7D11EFAAD166B4762E951A.roa (raw, json)
Hash identifier: JEn/+TQEaIO6PHwaAeeBTKF14T1EnYbIQSNv+NcL1eI=
Subject key identifier: 39:BB:2A:00:95:99:AD:07:65:FB:1C:15:7B:FE:63:92:80:06:9A:B9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01036E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/954DC1BECE7D11EFAAD166B4762E951A.roa
Signing time: Thu 09 Jan 2025 11:33:44 +0000
ROA not before: Thu 09 Jan 2025 11:33:41 +0000
ROA not after: Wed 22 Jan 2025 11:33:41 +0000
asID: 22773
IP address blocks: 156.239.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66414 (0x1036e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 11:33:41 2025 GMT
Not After : Jan 22 11:33:41 2025 GMT
Subject: CN=677fb418-4db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:11:33:d8:d9:77:23:7b:af:1b:2d:cb:fe:b4:
61:19:92:e7:d0:ac:5f:2f:10:ea:bc:fc:18:24:fc:
fc:23:22:dc:68:d7:78:99:44:b7:75:15:e7:77:10:
99:e2:87:12:07:4d:3f:1b:3b:43:d9:39:2b:d2:c8:
ff:e1:58:9f:f0:d9:14:0f:2e:d9:e6:53:a3:e4:d6:
9a:d5:be:68:e0:5e:0f:79:11:ba:7a:c8:f8:8f:2b:
5d:ff:d8:83:2d:91:e4:74:a6:ae:c0:70:44:e9:b6:
01:0b:77:65:0b:88:1c:ad:18:c0:41:ad:d7:87:2d:
be:d7:90:e1:e1:65:76:c5:e9:d8:46:99:3a:60:ee:
b7:75:fc:91:5e:c3:3e:a8:73:c9:96:4e:3a:b3:8b:
e3:51:94:bb:51:ee:42:10:6e:77:d3:64:4b:ef:dc:
55:6b:72:06:f9:2e:45:18:4b:3b:f1:b7:eb:0a:a4:
f1:0b:2f:6a:f8:b2:08:a6:bc:be:d9:be:5e:56:5c:
d2:6f:da:0b:f4:2d:f0:62:c0:89:c5:f1:27:fa:47:
5f:85:27:89:a6:f5:8f:9c:b8:94:f2:ec:3f:94:22:
ff:23:c5:b1:2e:e4:e8:04:70:56:66:19:07:44:58:
2d:8a:a7:68:72:5b:99:eb:a3:e5:dd:c8:4a:0c:fc:
2a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BB:2A:00:95:99:AD:07:65:FB:1C:15:7B:FE:63:92:80:06:9A:B9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/954DC1BECE7D11EFAAD166B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.136.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:f6:32:d8:82:04:9e:fb:ca:99:7a:7f:a0:27:f4:fb:1e:fc:
b7:05:c0:f0:2a:e9:fd:0e:9b:28:27:10:4c:4e:f8:c9:01:46:
2d:b0:ac:5e:fe:10:e1:4e:50:0c:63:b8:0e:f8:a4:a2:d4:81:
b0:24:a5:87:1f:55:b0:99:da:55:0e:fc:f0:6a:d7:18:5a:04:
74:32:a2:e5:64:1f:6f:a7:16:6b:d7:c2:21:8b:a5:64:c3:32:
6b:39:9a:df:d9:f2:44:df:77:d3:82:5d:d8:75:86:71:6d:5d:
c2:27:3c:f3:be:81:3c:3f:d8:91:87:dd:07:bb:67:33:f3:a9:
6a:23:cd:01:23:df:e4:6e:ec:b5:ea:31:72:ca:dd:32:92:44:
f8:bc:f0:35:24:02:0f:e0:19:4b:e1:90:1a:97:55:82:5d:58:
2f:98:db:c7:4b:af:a8:9d:df:51:35:c6:a1:75:1f:96:c4:62:
ce:71:a3:91:32:65:a5:3d:71:0f:3d:ed:0c:99:39:bd:ba:ef:
67:da:1c:77:31:a9:bd:09:7b:99:fb:60:c9:8e:8d:ba:16:4a:
b3:91:0d:26:44:e6:44:b7:ef:9d:0e:44:09:ff:48:eb:27:ae:
b5:76:ac:72:0c:2d:6a:0b:c1:a8:d4:25:5f:52:2a:73:56:5f:
86:0c:1d:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQNuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTEzMzQxWhcNMjUwMTIyMTEzMzQxWjAYMRYw
FAYDVQQDEw02NzdmYjQxOC00ZGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4xEz2Nl3I3uvGy3L/rRhGZLn0KxfLxDqvPwYJPz8IyLcaNd4mUS3dRXn
dxCZ4ocSB00/GztD2Tkr0sj/4Vif8NkUDy7Z5lOj5Naa1b5o4F4PeRG6esj4jytd
/9iDLZHkdKauwHBE6bYBC3dlC4gcrRjAQa3Xhy2+15Dh4WV2xenYRpk6YO63dfyR
XsM+qHPJlk46s4vjUZS7Ue5CEG5302RL79xVa3IG+S5FGEs78bfrCqTxCy9q+LII
pry+2b5eVlzSb9oL9C3wYsCJxfEn+kdfhSeJpvWPnLiU8uw/lCL/I8WxLuToBHBW
ZhkHRFgtiqdocluZ66Pl3chKDPwqPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDm7
KgCVma0HZfscFXv+Y5KABpq5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NTREQzFCRUNFN0QxMUVGQUFEMTY2QjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO+IMA0GCSqGSIb3DQEBCwUA
A4IBAQCf9jLYggSe+8qZen+gJ/T7Hvy3BcDwKun9DpsoJxBMTvjJAUYtsKxe/hDh
TlAMY7gO+KSi1IGwJKWHH1WwmdpVDvzwatcYWgR0MqLlZB9vpxZr18Ihi6VkwzJr
OZrf2fJE33fTgl3YdYZxbV3CJzzzvoE8P9iRh90Hu2cz86lqI80BI9/kbuy16jFy
yt0ykkT4vPA1JAIP4BlL4ZAal1WCXVgvmNvHS6+ond9RNcahdR+WxGLOcaORMmWl
PXEPPe0MmTm9uu9n2hx3Mam9CXuZ+2DJjo26FkqzkQ0mROZEt++dDkQJ/0jrJ661
dqxyDC1qC8Go1CVfUipzVl+GDB2E
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:11 2025 by rpki-client