Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C543EBCB21611EFABBC3395762E951A.roa
File: 9C543EBCB21611EFABBC3395762E951A.roa (raw, json)
Hash identifier: 4wXw5idmTsh/C2rx3LnDUjbdn+aS8phmaHe7j7CIWE0=
Subject key identifier: D4:49:85:43:70:BA:9C:98:77:0C:DB:14:AE:76:60:95:7D:B6:3C:40
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DF50
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C543EBCB21611EFABBC3395762E951A.roa
Signing time: Wed 04 Dec 2024 08:06:05 +0000
ROA not before: Wed 04 Dec 2024 08:06:02 +0000
ROA not after: Thu 23 Jan 2025 08:06:02 +0000
asID: 63139
IP address blocks: 156.229.2.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57168 (0xdf50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 4 08:06:02 2024 GMT
Not After : Jan 23 08:06:02 2025 GMT
Subject: CN=67500d6d-1594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:08:94:6e:42:51:06:32:da:39:72:06:3b:fb:
d5:61:df:20:0c:5d:14:db:cd:77:05:cf:50:bd:2a:
71:43:f6:91:38:58:d8:72:19:9a:a0:f8:88:ca:62:
68:1a:9b:cd:3b:ed:56:aa:9c:a4:4e:f0:8a:35:a3:
04:17:a6:b5:04:14:58:1e:42:83:a8:91:d9:95:e1:
f9:44:b1:16:30:13:a0:0e:8e:10:60:bc:e9:49:dc:
dd:31:0c:33:63:36:a3:01:15:ca:2c:17:80:70:91:
cc:6c:86:76:08:d3:21:f4:e7:f4:fa:00:32:ca:9a:
d9:c1:c7:5b:52:0c:e8:d1:ea:69:f8:5b:6a:72:4d:
ef:b5:64:13:dd:a5:27:c0:0f:d0:86:14:0a:c1:56:
03:c3:fd:c2:e5:91:99:7f:1a:81:47:18:4e:86:ad:
da:f5:cd:44:8e:63:ac:ac:f3:f7:0d:fc:d3:16:c8:
b9:9b:34:e5:43:43:8b:49:6a:1a:4b:8a:b7:f8:3f:
0f:e5:b1:8a:85:46:84:5d:d7:51:e4:3e:9a:e9:a2:
24:f8:33:05:ef:c3:f9:d7:76:e7:e0:55:20:2f:cd:
82:3c:cb:10:da:a8:29:99:a3:a0:02:7d:73:9f:a3:
b2:d1:cf:a7:21:66:b4:2b:10:48:27:ec:2e:90:7e:
40:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:49:85:43:70:BA:9C:98:77:0C:DB:14:AE:76:60:95:7D:B6:3C:40
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C543EBCB21611EFABBC3395762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.2.0/23
Signature Algorithm: sha256WithRSAEncryption
66:31:53:e2:eb:2c:d5:6e:82:4d:66:5b:aa:38:04:af:85:27:
93:3b:4d:5b:e6:9b:74:cd:86:94:31:b5:26:9b:4d:c3:72:fb:
84:6f:c6:22:46:04:d7:12:0a:ed:79:08:bb:e6:38:dd:eb:b2:
2e:16:d9:ea:9f:db:75:9f:dd:eb:91:dc:b5:4f:38:96:4d:0c:
b4:49:ac:a4:2c:16:09:ae:a8:8e:b7:1e:cf:ed:44:d8:54:b7:
a2:2a:98:02:4a:d2:8b:f1:25:e8:d9:e5:5a:d2:08:16:09:83:
60:30:8d:3d:0f:cb:e9:f5:6c:b2:2e:9a:11:e5:5e:9b:94:b9:
fc:ef:5b:3e:ae:e6:47:46:8f:26:eb:0e:6f:c8:24:e5:3d:63:
05:9c:dc:95:19:52:5b:62:84:52:5e:a9:e0:14:ba:00:e9:97:
2a:07:ab:1b:a1:ed:50:a5:70:d3:c3:38:36:44:9f:a2:be:12:
6e:b8:96:cd:1d:d2:ec:65:43:a2:24:59:3e:3f:48:84:18:1d:
74:16:70:06:6f:e0:11:2e:b9:e9:dd:fc:0c:73:df:80:eb:7f:
cd:ea:a8:fd:3b:ad:87:09:d7:00:44:4c:5f:29:24:52:fc:03:
fb:33:32:06:b8:c7:bc:35:e9:54:82:48:49:e7:ce:35:61:fa:
fd:24:9e:07
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAN9QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA0MDgwNjAyWhcNMjUwMTIzMDgwNjAyWjAYMRYw
FAYDVQQDEw02NzUwMGQ2ZC0xNTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwgiUbkJRBjLaOXIGO/vVYd8gDF0U2813Bc9QvSpxQ/aROFjYchmaoPiI
ymJoGpvNO+1WqpykTvCKNaMEF6a1BBRYHkKDqJHZleH5RLEWMBOgDo4QYLzpSdzd
MQwzYzajARXKLBeAcJHMbIZ2CNMh9Of0+gAyyprZwcdbUgzo0epp+Ftqck3vtWQT
3aUnwA/QhhQKwVYDw/3C5ZGZfxqBRxhOhq3a9c1EjmOsrPP3DfzTFsi5mzTlQ0OL
SWoaS4q3+D8P5bGKhUaEXddR5D6a6aIk+DMF78P513bn4FUgL82CPMsQ2qgpmaOg
An1zn6Oy0c+nIWa0KxBIJ+wukH5A0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNRJ
hUNwupyYdwzbFK52YJV9tjxAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QzU0M0VCQ0IyMTYxMUVGQUJCQzMzOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOUCMA0GCSqGSIb3DQEBCwUA
A4IBAQBmMVPi6yzVboJNZluqOASvhSeTO01b5pt0zYaUMbUmm03DcvuEb8YiRgTX
EgrteQi75jjd67IuFtnqn9t1n93rkdy1TziWTQy0SaykLBYJrqiOtx7P7UTYVLei
KpgCStKL8SXo2eVa0ggWCYNgMI09D8vp9WyyLpoR5V6blLn871s+ruZHRo8m6w5v
yCTlPWMFnNyVGVJbYoRSXqngFLoA6ZcqB6sboe1QpXDTwzg2RJ+ivhJuuJbNHdLs
ZUOiJFk+P0iEGB10FnAGb+ARLrnp3fwMc9+A63/N6qj9O62HCdcARExfKSRS/AP7
MzIGuMe8NelUgkhJ5841Yfr9JJ4H
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:41 2025 by rpki-client