Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3F899D8C4F411EFB4E7DA8C762E951A.roa
File: A3F899D8C4F411EFB4E7DA8C762E951A.roa (raw, json)
Hash identifier: 5ee4xfhbveB64qLU4ckPEmxi/O9n9ClJs2FYeRT2bEs=
Subject key identifier: 5F:43:07:50:AE:31:0D:4F:3F:9A:D2:FD:6A:89:6B:BB:C9:77:9E:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F115
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3F899D8C4F411EFB4E7DA8C762E951A.roa
Signing time: Sat 28 Dec 2024 08:20:47 +0000
ROA not before: Sat 28 Dec 2024 08:20:44 +0000
ROA not after: Wed 22 Jan 2025 08:20:44 +0000
asID: 55714
IP address blocks: 156.238.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61717 (0xf115)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 28 08:20:44 2024 GMT
Not After : Jan 22 08:20:44 2025 GMT
Subject: CN=676fb4df-f37f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:cd:99:9f:46:1e:87:5c:a3:a8:8d:82:e5:ff:
07:6a:e1:d4:d7:31:83:27:08:37:00:1c:2d:45:f4:
c0:91:c7:4f:39:93:b6:7b:f7:70:a7:31:f4:af:66:
b6:eb:e8:01:46:a0:eb:f9:8f:e5:46:bc:48:13:79:
7d:36:de:98:b7:72:82:90:19:41:b6:81:95:98:99:
7f:8f:ce:a9:11:59:e8:04:cf:ce:40:e4:86:04:e1:
00:13:bb:1b:2f:3f:d4:b7:99:94:64:03:05:90:d1:
76:1c:0f:b0:49:31:14:0c:81:d2:40:2c:be:5c:34:
a6:b8:7c:5f:25:98:09:59:35:76:9a:6d:83:66:41:
db:4b:04:2d:14:f9:ef:95:5e:44:e3:ae:f6:ed:30:
22:9a:d2:4b:87:c3:db:54:4c:0f:c7:3a:d7:d0:5a:
7a:97:af:be:8a:3f:b1:ec:00:39:0e:9a:b4:43:35:
ae:62:d7:22:a5:28:42:63:67:dd:f7:eb:23:b0:2a:
20:b5:01:e3:7e:96:82:e3:82:b6:e7:40:f2:f5:23:
a2:4f:f9:4b:e9:4e:55:9b:a1:f0:51:ad:44:55:08:
3a:ea:56:c6:e3:cb:76:cb:c8:f0:87:0f:ea:7e:02:
53:ce:7c:ac:6c:53:1a:7e:7f:c0:37:21:cc:b9:a2:
d6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:43:07:50:AE:31:0D:4F:3F:9A:D2:FD:6A:89:6B:BB:C9:77:9E:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3F899D8C4F411EFB4E7DA8C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.72.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:79:7e:a4:2c:9a:09:08:df:c1:7e:d5:02:b3:bb:5e:74:11:
29:15:41:16:20:26:39:a4:4f:6b:be:b1:35:46:b8:fe:e5:95:
58:41:e3:0e:e7:2e:b9:c4:9f:57:b4:e8:0b:71:cb:d4:08:31:
e2:15:6a:d3:d2:29:d6:33:f4:17:24:76:78:17:e6:2d:10:d8:
e6:8c:11:1c:73:4b:2e:57:aa:01:bf:ba:28:03:99:ff:12:9b:
fd:78:d2:b0:bd:b7:33:7c:15:e0:9f:f4:0b:db:89:f4:e5:ce:
e8:02:a6:f8:f0:31:76:8b:87:03:f0:c3:08:1e:8f:20:8d:d7:
34:16:b0:68:e7:b0:ca:a0:bb:09:cd:67:76:c8:7c:be:fa:d2:
79:c0:12:d3:4b:24:20:89:da:8d:26:6a:9d:e9:62:f8:47:e5:
c5:d9:8d:ed:2f:d1:4e:7b:0a:38:1e:62:c9:a2:59:fb:e7:32:
20:38:57:a4:08:33:5e:10:ba:87:1e:ca:80:ab:76:a2:76:90:
7c:1c:fa:17:41:53:c4:94:59:8a:49:8b:e7:b4:43:a3:2f:18:
0a:6e:ed:62:db:55:67:80:41:a0:11:4b:2f:cd:a1:98:c5:e1:
f1:4c:15:af:ff:d0:8b:24:52:e5:73:b3:f0:33:25:c2:88:4c:
d3:84:75:ea
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPEVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI4MDgyMDQ0WhcNMjUwMTIyMDgyMDQ0WjAYMRYw
FAYDVQQDEw02NzZmYjRkZi1mMzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA582Zn0Yeh1yjqI2C5f8HauHU1zGDJwg3ABwtRfTAkcdPOZO2e/dwpzH0
r2a26+gBRqDr+Y/lRrxIE3l9Nt6Yt3KCkBlBtoGVmJl/j86pEVnoBM/OQOSGBOEA
E7sbLz/Ut5mUZAMFkNF2HA+wSTEUDIHSQCy+XDSmuHxfJZgJWTV2mm2DZkHbSwQt
FPnvlV5E46727TAimtJLh8PbVEwPxzrX0Fp6l6++ij+x7AA5Dpq0QzWuYtcipShC
Y2fd9+sjsCogtQHjfpaC44K250Dy9SOiT/lL6U5Vm6HwUa1EVQg66lbG48t2y8jw
hw/qfgJTznysbFMafn/ANyHMuaLWLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF9D
B1CuMQ1PP5rS/WqJa7vJd55/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BM0Y4OTlEOEM0RjQxMUVGQjRFN0RBOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnO5IMA0GCSqGSIb3DQEBCwUA
A4IBAQAMeX6kLJoJCN/BftUCs7tedBEpFUEWICY5pE9rvrE1Rrj+5ZVYQeMO5y65
xJ9XtOgLccvUCDHiFWrT0inWM/QXJHZ4F+YtENjmjBEcc0suV6oBv7ooA5n/Epv9
eNKwvbczfBXgn/QL24n05c7oAqb48DF2i4cD8MMIHo8gjdc0FrBo57DKoLsJzWd2
yHy++tJ5wBLTSyQgidqNJmqd6WL4R+XF2Y3tL9FOewo4HmLJoln75zIgOFekCDNe
ELqHHsqAq3aidpB8HPoXQVPElFmKSYvntEOjLxgKbu1i21VngEGgEUsvzaGYxeHx
TBWv/9CLJFLlc7PwMyXCiEzThHXq
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:14 2025 by rpki-client