Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7EDD1F0CF0011EFAFB3807B762E951A.roa
File: A7EDD1F0CF0011EFAFB3807B762E951A.roa (raw, json)
Hash identifier: JjaMMZLdFhNyre37XSMrnZDqw6tCAB0qh0L1Tr/bU2s=
Subject key identifier: 44:27:4A:31:B8:3E:F8:A1:3E:E3:03:FD:F7:DE:B2:1B:58:30:35:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104D1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7EDD1F0CF0011EFAFB3807B762E951A.roa
Signing time: Fri 10 Jan 2025 03:12:00 +0000
ROA not before: Fri 10 Jan 2025 03:11:56 +0000
ROA not after: Mon 27 Jan 2025 03:11:56 +0000
asID: 62468
IP address blocks: 156.245.198.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66769 (0x104d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 03:11:56 2025 GMT
Not After : Jan 27 03:11:56 2025 GMT
Subject: CN=67808fff-d99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b0:a9:4d:1b:41:bf:96:06:1a:e6:87:19:32:
36:f7:e0:92:04:f6:83:5b:b2:23:e2:8e:b7:b4:97:
32:3c:96:75:86:c7:ab:c1:0b:c3:e4:9a:f9:fb:f3:
f8:e8:c9:bc:08:47:d1:94:dd:fd:f9:f0:80:0d:a5:
4f:5e:d3:4b:0f:17:7a:d7:a1:b3:0e:85:b5:73:76:
a8:ea:10:3b:ba:fe:fd:cd:49:79:1a:58:85:a3:e0:
57:cb:d1:f6:79:09:81:2e:33:74:a4:ee:4e:c9:63:
12:bd:52:6f:d3:15:a4:3f:55:97:21:7f:e9:3e:be:
f4:61:42:38:38:b2:1e:ea:24:5f:ed:f3:b9:c1:21:
c0:a8:f2:6d:81:5c:63:45:8a:a8:5e:36:d6:ba:48:
62:f4:52:f7:62:60:95:b3:03:f3:da:72:cb:96:74:
eb:49:31:5c:03:be:80:c2:7f:9f:57:2a:ae:79:bf:
a0:6c:0e:2d:6d:18:15:39:09:55:40:23:79:da:f7:
93:46:45:c6:08:59:d5:87:ec:90:61:57:8c:88:b6:
e8:07:2d:19:af:f3:10:f4:60:f4:e7:bf:2a:17:86:
e5:95:7f:31:d1:51:2b:76:78:90:56:14:21:2c:fe:
d0:7d:43:11:04:a3:ba:75:16:cd:85:7d:46:8d:69:
45:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:27:4A:31:B8:3E:F8:A1:3E:E3:03:FD:F7:DE:B2:1B:58:30:35:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7EDD1F0CF0011EFAFB3807B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.198.0/23
Signature Algorithm: sha256WithRSAEncryption
63:ea:86:f9:d9:ab:43:ce:77:ab:e5:68:28:93:b0:ab:c6:a7:
ed:9f:86:7f:82:08:e3:ef:a4:fe:06:c4:11:44:71:2d:18:c3:
72:69:54:4f:2b:8f:33:3d:4e:bf:dd:8c:e7:b6:6b:3f:d5:a8:
38:09:d5:58:88:c2:56:87:59:a0:eb:f1:72:85:54:e1:42:af:
78:b5:ea:84:34:be:b9:e5:86:dc:13:91:4c:2d:f9:ff:f6:00:
f7:c4:07:15:00:78:9a:5e:c3:f2:a9:b0:a0:bb:98:2f:16:7f:
d9:11:c7:2b:dd:43:49:d3:ba:a0:db:b9:e0:67:06:10:05:b7:
46:bc:11:fa:4f:52:c1:aa:43:db:60:75:cf:15:a3:2e:98:66:
10:66:a3:18:6e:b9:0c:6a:b9:0d:e5:6e:95:2f:73:80:19:50:
e3:2a:36:f8:fb:e4:3b:56:b3:78:5f:d2:f6:be:2d:92:db:e2:
ae:bc:3c:a4:55:b2:a7:b9:50:4a:aa:38:39:bc:df:02:77:33:
0b:a5:a4:50:8a:91:88:52:bc:0f:ea:00:94:cc:ed:00:3d:5e:
de:10:59:56:24:cf:4e:c4:24:38:20:8e:16:5c:52:6f:ec:c4:
6a:93:3b:9d:3b:b1:18:74:e7:f8:18:1a:0e:62:d4:b5:57:11:
a7:68:af:aa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQTRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDMxMTU2WhcNMjUwMTI3MDMxMTU2WjAYMRYw
FAYDVQQDEw02NzgwOGZmZi1kOTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4LCpTRtBv5YGGuaHGTI29+CSBPaDW7Ij4o63tJcyPJZ1hserwQvD5Jr5
+/P46Mm8CEfRlN39+fCADaVPXtNLDxd616GzDoW1c3ao6hA7uv79zUl5GliFo+BX
y9H2eQmBLjN0pO5OyWMSvVJv0xWkP1WXIX/pPr70YUI4OLIe6iRf7fO5wSHAqPJt
gVxjRYqoXjbWukhi9FL3YmCVswPz2nLLlnTrSTFcA76Awn+fVyqueb+gbA4tbRgV
OQlVQCN52veTRkXGCFnVh+yQYVeMiLboBy0Zr/MQ9GD0578qF4bllX8x0VErdniQ
VhQhLP7QfUMRBKO6dRbNhX1GjWlFXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEQn
SjG4PvihPuMD/ffeshtYMDWtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BN0VERDFGMENGMDAxMUVGQUZCMzgwN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXGMA0GCSqGSIb3DQEBCwUA
A4IBAQBj6ob52atDzner5Wgok7Crxqftn4Z/ggjj76T+BsQRRHEtGMNyaVRPK48z
PU6/3Yzntms/1ag4CdVYiMJWh1mg6/FyhVThQq94teqENL655YbcE5FMLfn/9gD3
xAcVAHiaXsPyqbCgu5gvFn/ZEccr3UNJ07qg27ngZwYQBbdGvBH6T1LBqkPbYHXP
FaMumGYQZqMYbrkMarkN5W6VL3OAGVDjKjb4++Q7VrN4X9L2vi2S2+KuvDykVbKn
uVBKqjg5vN8CdzMLpaRQipGIUrwP6gCUzO0APV7eEFlWJM9OxCQ4II4WXFJv7MRq
kzudO7EYdOf4GBoOYtS1VxGnaK+q
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:36 2025 by rpki-client