Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9852EDC4B92611EF8FE3DD83762E951A.roa
File: 9852EDC4B92611EF8FE3DD83762E951A.roa (raw, json)
Hash identifier: PPoAuC5LqdQ2Rw9RPtuJJgPdomBrRRH9k35dfzdpWMs=
Subject key identifier: C8:89:7D:CE:3A:79:D9:F4:01:19:A8:03:9E:28:13:0B:98:DE:D5:EA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E30F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9852EDC4B92611EF8FE3DD83762E951A.roa
Signing time: Fri 13 Dec 2024 07:48:09 +0000
ROA not before: Fri 13 Dec 2024 07:48:05 +0000
ROA not after: Sat 25 Jan 2025 07:48:05 +0000
asID: 48031
IP address blocks: 156.246.144.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58127 (0xe30f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 13 07:48:05 2024 GMT
Not After : Jan 25 07:48:05 2025 GMT
Subject: CN=675be6b9-2874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:38:15:77:84:1a:32:f0:be:8a:72:6b:f0:3d:
69:fb:11:25:ee:88:40:0e:5a:59:cc:9e:01:f5:cf:
25:5a:50:d7:6e:61:83:ff:15:10:fe:e6:86:3b:26:
e0:f3:36:19:84:d9:e5:61:fd:af:15:b8:a6:ff:9a:
8f:1f:73:7e:fc:b0:ca:79:11:5b:9f:9f:d2:22:64:
c9:23:3b:37:6d:90:cc:03:45:ba:fb:16:07:8d:da:
d5:32:ab:11:91:cb:4c:95:3e:14:70:d9:63:88:c4:
d9:1c:32:2b:6b:d6:04:96:91:d9:5b:71:4e:53:3e:
ea:57:91:c1:fe:0c:2e:21:6c:62:6d:ea:08:86:8e:
da:49:c9:15:62:19:95:6b:76:9c:cf:cb:1e:6b:37:
b7:5d:16:80:8d:ac:c5:bd:34:f2:17:c4:79:99:c4:
5c:00:3f:28:ec:86:2f:1e:68:93:4e:9c:b3:28:75:
61:04:71:85:10:3b:39:16:5d:2e:22:2e:82:eb:27:
e4:e0:00:f1:1d:a9:63:73:a9:2d:af:17:ca:68:83:
60:e0:82:86:da:e2:2e:b8:e6:11:26:de:72:24:fb:
4b:75:f8:38:db:34:98:26:35:a9:dc:37:ed:97:bc:
27:60:54:a3:a8:fc:31:c0:5c:d3:2e:9f:d2:fa:76:
c2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:89:7D:CE:3A:79:D9:F4:01:19:A8:03:9E:28:13:0B:98:DE:D5:EA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9852EDC4B92611EF8FE3DD83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.144.0/23
Signature Algorithm: sha256WithRSAEncryption
34:a3:70:db:4e:68:f2:a7:01:19:ed:5b:58:cb:f1:aa:36:bc:
2f:35:cc:8b:67:b9:3c:ac:96:98:21:1f:e3:fb:ac:e6:b7:44:
0f:0c:94:02:9e:7e:08:4d:e3:50:16:8b:3b:f9:65:ef:45:05:
1e:51:a5:82:a0:f0:33:83:91:2a:5a:4f:94:1c:d3:fe:31:7e:
ac:8c:80:e6:ec:b6:40:91:60:fa:c5:3b:87:51:ed:47:8f:5f:
84:1b:92:cf:06:d6:4e:6c:5b:9e:ef:e5:1e:8c:7d:a0:1d:8f:
45:bd:80:8a:11:12:52:b0:3d:3b:75:cb:c4:46:e8:98:0e:94:
5f:f4:8a:12:75:4a:2a:ff:f5:45:09:9f:9f:e4:5f:5a:bd:3a:
ea:94:46:f8:02:70:5d:8b:ce:60:f0:53:00:0c:08:76:5d:bf:
4a:0d:b2:52:38:5b:89:a5:65:b4:ec:54:ba:23:36:ce:a4:32:
1e:38:2d:ff:eb:ff:70:8e:32:e5:09:e9:7d:35:9f:ec:33:1e:
07:77:f0:b0:d1:32:b7:e0:1d:a6:4f:b9:cd:f5:d7:35:af:4b:
7b:f5:2a:a0:16:27:9b:c2:9b:ea:87:ed:61:a8:ac:bc:e7:5e:
d9:95:f8:8e:e3:27:07:7a:96:4c:80:0f:7b:09:4e:38:d3:a4:
37:60:e1:ac
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOMPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjEzMDc0ODA1WhcNMjUwMTI1MDc0ODA1WjAYMRYw
FAYDVQQDEw02NzViZTZiOS0yODc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArTgVd4QaMvC+inJr8D1p+xEl7ohADlpZzJ4B9c8lWlDXbmGD/xUQ/uaG
Oybg8zYZhNnlYf2vFbim/5qPH3N+/LDKeRFbn5/SImTJIzs3bZDMA0W6+xYHjdrV
MqsRkctMlT4UcNljiMTZHDIra9YElpHZW3FOUz7qV5HB/gwuIWxibeoIho7aSckV
YhmVa3acz8seaze3XRaAjazFvTTyF8R5mcRcAD8o7IYvHmiTTpyzKHVhBHGFEDs5
Fl0uIi6C6yfk4ADxHaljc6ktrxfKaINg4IKG2uIuuOYRJt5yJPtLdfg42zSYJjWp
3Dftl7wnYFSjqPwxwFzTLp/S+nbCnwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMiJ
fc46edn0ARmoA54oEwuY3tXqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85ODUyRURDNEI5MjYxMUVGOEZFM0REODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPaQMA0GCSqGSIb3DQEBCwUA
A4IBAQA0o3DbTmjypwEZ7VtYy/GqNrwvNcyLZ7k8rJaYIR/j+6zmt0QPDJQCnn4I
TeNQFos7+WXvRQUeUaWCoPAzg5EqWk+UHNP+MX6sjIDm7LZAkWD6xTuHUe1Hj1+E
G5LPBtZObFue7+UejH2gHY9FvYCKERJSsD07dcvERuiYDpRf9IoSdUoq//VFCZ+f
5F9avTrqlEb4AnBdi85g8FMADAh2Xb9KDbJSOFuJpWW07FS6IzbOpDIeOC3/6/9w
jjLlCel9NZ/sMx4Hd/Cw0TK34B2mT7nN9dc1r0t79SqgFiebwpvqh+1hqKy8517Z
lfiO4ycHepZMgA97CU4406Q3YOGs
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:40 2025 by rpki-client