Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A13EB602CC2711EFB63CFE48762E951A.roa
File: A13EB602CC2711EFB63CFE48762E951A.roa (raw, json)
Hash identifier: Tthog2Swdi09Jh3x15wmuC4MG7hRDWbZH3YWDmws8Rk=
Subject key identifier: 9F:54:97:3C:45:71:1B:1A:4A:EF:21:41:C6:25:2A:5E:40:3F:60:27
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8DB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A13EB602CC2711EFB63CFE48762E951A.roa
Signing time: Mon 06 Jan 2025 12:13:25 +0000
ROA not before: Mon 06 Jan 2025 12:13:22 +0000
ROA not after: Sat 18 Jan 2025 12:13:22 +0000
asID: 44559
IP address blocks: 156.233.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63707 (0xf8db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 12:13:22 2025 GMT
Not After : Jan 18 12:13:22 2025 GMT
Subject: CN=677bc8e5-d520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b2:9d:9c:a4:80:63:43:ad:12:32:1f:a8:9e:
cd:51:45:c8:63:ff:4f:2e:22:57:b5:88:0e:80:a5:
84:0c:84:cc:4f:5c:08:13:cd:26:d9:0b:d1:14:b0:
7e:0e:9b:34:28:b8:a0:fd:b0:9b:3d:a3:1e:a1:52:
20:95:05:ab:c3:fc:dc:fd:d9:5d:55:b3:87:c2:50:
61:91:27:9b:9a:c2:77:69:c2:07:d0:98:0e:8b:aa:
1b:5f:e4:b5:3e:13:77:22:74:cb:de:98:8e:01:ad:
c4:7a:71:b6:c8:ed:e2:29:59:e9:d9:d6:6b:6c:bf:
70:9d:f5:5d:bf:2b:b5:81:14:60:c1:d5:35:65:76:
fe:88:71:c1:29:b0:e7:f2:8d:be:32:84:55:01:58:
1c:f5:04:71:e9:d7:23:90:ac:c1:bb:42:43:38:70:
c3:e5:c9:14:ec:ae:fe:65:e4:ee:5e:08:f7:6b:b9:
e9:3e:93:52:1b:c9:32:64:41:19:87:4e:28:66:bf:
0a:cb:b2:92:15:dc:21:79:ab:d5:ba:53:62:52:3d:
d4:d8:96:cd:7f:f8:b2:d6:4b:84:6c:97:ab:fd:e2:
45:3f:0d:43:80:f5:73:76:e9:c8:23:c7:81:8c:e5:
aa:2e:d6:5b:43:5c:8a:a5:0c:d6:ed:c8:b2:7d:06:
47:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:54:97:3C:45:71:1B:1A:4A:EF:21:41:C6:25:2A:5E:40:3F:60:27
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A13EB602CC2711EFB63CFE48762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.208.0/24
Signature Algorithm: sha256WithRSAEncryption
82:6c:d6:24:03:de:29:6b:21:9e:8d:98:9d:24:38:3b:ee:16:
6a:a1:58:3a:8b:0e:7f:69:fb:8d:18:b8:70:98:f3:27:76:f9:
4a:48:dc:ae:53:73:18:d3:5f:27:1a:38:1c:7d:aa:a9:38:ea:
ed:8a:d2:09:dd:bb:35:3a:01:54:45:71:fc:a1:45:25:14:26:
64:ab:b2:22:06:31:35:1d:47:9b:24:db:14:0b:f3:f5:37:bf:
5c:97:e1:c5:33:87:72:25:12:92:24:1c:65:a8:f7:b4:34:57:
cf:cf:7f:93:9c:6a:f0:4a:e8:40:5b:41:1e:0f:a7:20:cd:6a:
46:13:11:21:9c:e9:03:63:6b:cd:ff:89:ef:c3:42:f9:fd:16:
16:ce:fe:b2:a2:52:8b:a5:70:17:13:f3:69:f8:bd:17:c2:7f:
3d:e2:f6:6e:3b:53:b2:a2:6a:94:13:33:f4:a5:51:e2:9a:27:
db:0d:d4:ed:09:5a:dd:df:e7:3d:ff:1d:0c:80:72:e3:1e:28:
7b:7e:34:05:88:c9:e4:97:1e:a0:87:3a:14:85:57:3e:8f:77:
c9:03:fa:df:24:2b:0d:19:52:4d:81:04:12:a2:23:9d:29:44:
a7:22:b1:a0:2e:57:c1:be:40:d0:0e:f5:df:97:2e:18:1b:e2:
e4:04:bc:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPjbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTIxMzIyWhcNMjUwMTE4MTIxMzIyWjAYMRYw
FAYDVQQDEw02NzdiYzhlNS1kNTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmLKdnKSAY0OtEjIfqJ7NUUXIY/9PLiJXtYgOgKWEDITMT1wIE80m2QvR
FLB+Dps0KLig/bCbPaMeoVIglQWrw/zc/dldVbOHwlBhkSebmsJ3acIH0JgOi6ob
X+S1PhN3InTL3piOAa3EenG2yO3iKVnp2dZrbL9wnfVdvyu1gRRgwdU1ZXb+iHHB
KbDn8o2+MoRVAVgc9QRx6dcjkKzBu0JDOHDD5ckU7K7+ZeTuXgj3a7npPpNSG8ky
ZEEZh04oZr8Ky7KSFdwheavVulNiUj3U2JbNf/iy1kuEbJer/eJFPw1DgPVzdunI
I8eBjOWqLtZbQ1yKpQzW7ciyfQZH0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ9U
lzxFcRsaSu8hQcYlKl5AP2AnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMTNFQjYwMkNDMjcxMUVGQjYzQ0ZFNDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnQMA0GCSqGSIb3DQEBCwUA
A4IBAQCCbNYkA94payGejZidJDg77hZqoVg6iw5/afuNGLhwmPMndvlKSNyuU3MY
018nGjgcfaqpOOrtitIJ3bs1OgFURXH8oUUlFCZkq7IiBjE1HUebJNsUC/P1N79c
l+HFM4dyJRKSJBxlqPe0NFfPz3+TnGrwSuhAW0EeD6cgzWpGExEhnOkDY2vN/4nv
w0L5/RYWzv6yolKLpXAXE/Np+L0Xwn894vZuO1OyomqUEzP0pVHimifbDdTtCVrd
3+c9/x0MgHLjHih7fjQFiMnklx6ghzoUhVc+j3fJA/rfJCsNGVJNgQQSoiOdKUSn
IrGgLlfBvkDQDvXfly4YG+LkBLzU
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:30 2025 by rpki-client