Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/976E1A96CBDC11EF8340B56F762E951A.roa
File: 976E1A96CBDC11EF8340B56F762E951A.roa (raw, json)
Hash identifier: PyApJActOSd9M/7euJIXlGmgJ/IoVwGK4MktDtVZdJk=
Subject key identifier: 4E:92:74:40:94:68:8D:8B:8E:4A:5B:87:D7:D3:78:7D:90:0C:A8:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7F2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/976E1A96CBDC11EF8340B56F762E951A.roa
Signing time: Mon 06 Jan 2025 03:16:17 +0000
ROA not before: Mon 06 Jan 2025 03:16:13 +0000
ROA not after: Tue 04 Feb 2025 03:16:13 +0000
asID: 269070
IP address blocks: 156.249.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63474 (0xf7f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 03:16:13 2025 GMT
Not After : Feb 4 03:16:13 2025 GMT
Subject: CN=677b4b00-cb63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:53:27:39:26:a4:00:a0:5f:39:04:26:58:00:
0a:be:d2:68:9a:da:e7:e7:e9:7b:17:7a:d5:b6:3c:
ff:6f:9d:d1:9a:56:0a:a4:4e:0e:ab:6e:3b:f2:62:
10:a0:9c:ec:43:fd:e5:c7:b5:1b:7d:93:2f:4f:11:
ac:10:7f:44:73:22:32:7b:ea:5d:e5:e1:51:de:da:
45:00:49:2d:b8:75:70:80:8c:4f:f9:7f:1c:8d:43:
05:bf:08:d6:df:e9:7a:4f:fa:c6:9c:0b:78:d9:a0:
5b:62:ec:4b:73:c4:3b:63:cf:75:e4:78:f1:da:9e:
c0:e4:2c:e4:8c:62:22:a3:61:34:fc:69:4d:1b:82:
99:6f:be:ec:19:29:85:c8:de:09:8a:f9:60:10:b5:
79:cd:f6:be:39:82:64:0a:09:10:b5:90:30:fd:ee:
ed:9d:ca:d2:31:02:34:e0:bf:d9:7d:a6:a8:2d:9a:
8c:0a:35:3a:d4:a7:d2:9f:26:10:57:e4:21:f4:67:
9a:d2:43:12:6c:c2:32:cd:cf:e6:64:c2:d9:38:84:
68:8a:7e:4c:b3:b6:04:da:83:9c:1a:9d:b5:79:56:
5b:1c:0c:ff:5c:3f:c3:75:79:a1:66:70:9f:8d:80:
de:d1:fb:17:fb:01:8b:94:27:85:bc:e2:4b:72:ce:
81:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:92:74:40:94:68:8D:8B:8E:4A:5B:87:D7:D3:78:7D:90:0C:A8:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/976E1A96CBDC11EF8340B56F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.66.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:87:5b:31:6d:7a:0e:42:e4:af:43:8f:83:38:cd:32:d7:b8:
00:c1:9a:6d:fe:5b:8d:1b:46:0a:4e:b5:1f:d2:4d:15:8f:75:
39:53:bb:a4:17:54:a9:7d:bc:2a:3b:6d:a4:d9:5a:b7:1c:5c:
77:ea:9d:a9:f3:99:06:e8:26:c4:33:7e:fe:ad:32:99:2b:ad:
bc:6b:fa:ec:41:43:1e:a4:dd:df:5b:47:4b:4b:06:74:ab:7f:
a2:e9:87:f0:63:c0:4d:fa:23:d3:3e:dd:31:94:6a:95:98:32:
ca:cd:c3:21:c0:54:d6:3a:9a:42:db:29:ab:92:c8:0f:d1:77:
40:84:09:90:b7:0d:bc:b4:9a:5a:31:56:b1:3a:99:57:21:e4:
6c:3c:37:7e:5f:50:83:c1:de:7b:64:e1:97:f2:9a:5a:fb:a3:
6e:07:8a:17:e9:74:01:af:b2:d5:6e:86:85:41:3f:6e:31:e5:
3c:71:6f:9d:4d:7e:1b:9e:78:c9:fc:00:44:3d:ba:74:6c:ca:
76:80:c6:9c:59:62:35:b4:bf:2e:23:2b:f0:4d:5a:12:86:ab:
87:41:55:5c:11:7e:95:5d:24:79:d1:22:8c:91:32:50:29:31:
05:da:07:fc:bc:0a:f8:7f:1b:0f:e4:d4:83:b9:ec:fe:1c:3e:
86:5a:23:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPfyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDMxNjEzWhcNMjUwMjA0MDMxNjEzWjAYMRYw
FAYDVQQDEw02NzdiNGIwMC1jYjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr1MnOSakAKBfOQQmWAAKvtJomtrn5+l7F3rVtjz/b53RmlYKpE4Oq247
8mIQoJzsQ/3lx7UbfZMvTxGsEH9EcyIye+pd5eFR3tpFAEktuHVwgIxP+X8cjUMF
vwjW3+l6T/rGnAt42aBbYuxLc8Q7Y8915Hjx2p7A5CzkjGIio2E0/GlNG4KZb77s
GSmFyN4JivlgELV5zfa+OYJkCgkQtZAw/e7tncrSMQI04L/ZfaaoLZqMCjU61KfS
nyYQV+Qh9Gea0kMSbMIyzc/mZMLZOIRoin5Ms7YE2oOcGp21eVZbHAz/XD/DdXmh
ZnCfjYDe0fsX+wGLlCeFvOJLcs6BvQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE6S
dECUaI2Ljkpbh9fTeH2QDKjlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NzZFMUE5NkNCREMxMUVGODM0MEI1NkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlCMA0GCSqGSIb3DQEBCwUA
A4IBAQB+h1sxbXoOQuSvQ4+DOM0y17gAwZpt/luNG0YKTrUf0k0Vj3U5U7ukF1Sp
fbwqO22k2Vq3HFx36p2p85kG6CbEM37+rTKZK628a/rsQUMepN3fW0dLSwZ0q3+i
6YfwY8BN+iPTPt0xlGqVmDLKzcMhwFTWOppC2ymrksgP0XdAhAmQtw28tJpaMVax
OplXIeRsPDd+X1CDwd57ZOGX8ppa+6NuB4oX6XQBr7LVboaFQT9uMeU8cW+dTX4b
nnjJ/ABEPbp0bMp2gMacWWI1tL8uIyvwTVoShquHQVVcEX6VXSR50SKMkTJQKTEF
2gf8vAr4fxsP5NSDuez+HD6GWiPB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:37 2025 by rpki-client