Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA0D5BC2D68011EF9E848B85762E951A.roa
File: AA0D5BC2D68011EF9E848B85762E951A.roa (raw, json)
Hash identifier: Bglt+MWzKZlp79KAwfoEpUa7lH7iJ8mbp8MbuziKECA=
Subject key identifier: 59:40:44:72:E6:A8:F4:84:11:72:82:00:DB:DE:2E:3C:A6:1C:D8:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010BB4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA0D5BC2D68011EF9E848B85762E951A.roa
Signing time: Sun 19 Jan 2025 16:15:57 +0000
ROA not before: Sun 19 Jan 2025 16:15:53 +0000
ROA not after: Mon 24 Feb 2025 16:15:53 +0000
asID: 23470
IP address blocks: 156.252.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68532 (0x10bb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 19 16:15:53 2025 GMT
Not After : Feb 24 16:15:53 2025 GMT
Subject: CN=678d253d-73a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:20:e1:1d:4f:b2:92:ca:bd:e2:1f:c5:80:40:
ff:f0:75:3c:33:8d:79:d7:e8:08:82:d8:e4:b1:b3:
e8:3c:8d:ee:ef:b8:e0:ed:ac:58:25:4b:f9:ef:70:
04:af:31:8b:09:56:f0:88:23:4c:0c:7e:a2:f9:09:
e1:5f:90:41:c4:8a:b5:9c:34:7e:24:1d:fc:5b:9b:
c9:14:ed:e6:af:67:d4:d9:21:7e:95:30:24:5f:ce:
f3:f9:96:77:78:86:46:13:5e:09:1b:84:3a:68:51:
cb:5d:a7:4b:04:9b:df:b8:ba:6e:40:65:2f:cf:e8:
6f:6a:01:82:0d:29:e3:73:3b:da:2f:9c:5c:b7:15:
dc:ec:5a:f7:09:2a:04:99:67:71:4c:ad:fe:75:a9:
d0:7e:3d:b9:d8:25:3e:73:a4:25:51:ba:67:33:9a:
cc:6e:72:f2:e4:05:7c:09:ae:6b:e1:e7:51:63:23:
7d:5b:77:0e:4a:f8:0e:af:9b:a1:2b:19:51:8c:b2:
08:8c:7d:66:54:74:9b:63:68:3f:f1:48:bf:05:0b:
f7:b3:58:f7:2a:c4:6f:4a:28:0f:70:96:38:24:c7:
4e:8b:f9:ee:6e:77:96:e2:4c:35:fe:43:43:20:0c:
4f:0c:b8:ca:a5:72:29:d1:48:14:9a:8e:cf:32:74:
af:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:40:44:72:E6:A8:F4:84:11:72:82:00:DB:DE:2E:3C:A6:1C:D8:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA0D5BC2D68011EF9E848B85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.0.0/24
Signature Algorithm: sha256WithRSAEncryption
45:6a:68:a3:3a:9a:07:d4:8b:72:c0:a2:a5:40:3a:f1:f7:f0:
de:9e:af:82:5a:42:41:ef:1f:51:82:61:d1:b1:15:bb:ee:49:
6f:49:9f:21:68:32:a1:b0:80:32:47:31:86:3f:08:35:ac:be:
fa:11:05:17:4f:c4:9d:37:fd:9a:a1:e9:a5:2c:01:99:1b:18:
e0:29:52:da:c5:8f:eb:31:1e:13:e9:91:87:8a:da:2b:84:c8:
e9:cc:43:9c:b8:17:e7:05:e2:93:c2:91:b8:78:99:36:52:6a:
af:5f:38:d3:b8:7b:61:46:ca:69:6f:72:7e:c3:33:ab:be:05:
e8:f0:6b:ff:98:f2:88:43:d0:09:72:bb:bb:03:2e:d2:9c:d0:
77:1c:6f:38:9e:33:5b:e8:4d:1b:89:2d:21:ed:af:16:18:f1:
3f:65:14:28:ad:ea:cb:11:b4:76:05:47:13:1a:09:30:04:13:
99:c0:cf:f0:f9:80:df:60:88:40:ae:32:19:3b:b0:03:69:70:
44:07:b4:1d:0a:66:f4:e8:81:3f:79:c9:12:80:b2:ab:65:19:
dd:84:80:c2:51:c0:00:72:f8:0d:6f:75:d2:11:5a:78:5e:0a:
8a:cc:d2:2a:00:ab:46:34:ee:1a:1b:b9:eb:10:d2:1c:7a:d7:
85:a8:2d:d8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQu0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE5MTYxNTUzWhcNMjUwMjI0MTYxNTUzWjAYMRYw
FAYDVQQDEw02NzhkMjUzZC03M2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsSDhHU+yksq94h/FgED/8HU8M4151+gIgtjksbPoPI3u77jg7axYJUv5
73AErzGLCVbwiCNMDH6i+QnhX5BBxIq1nDR+JB38W5vJFO3mr2fU2SF+lTAkX87z
+ZZ3eIZGE14JG4Q6aFHLXadLBJvfuLpuQGUvz+hvagGCDSnjczvaL5xctxXc7Fr3
CSoEmWdxTK3+danQfj252CU+c6QlUbpnM5rMbnLy5AV8Ca5r4edRYyN9W3cOSvgO
r5uhKxlRjLIIjH1mVHSbY2g/8Ui/BQv3s1j3KsRvSigPcJY4JMdOi/nubneW4kw1
/kNDIAxPDLjKpXIp0UgUmo7PMnSvYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFlA
RHLmqPSEEXKCANveLjymHNjpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTBENUJDMkQ2ODAxMUVGOUU4NDhCODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwAMA0GCSqGSIb3DQEBCwUA
A4IBAQBFamijOpoH1ItywKKlQDrx9/Denq+CWkJB7x9RgmHRsRW77klvSZ8haDKh
sIAyRzGGPwg1rL76EQUXT8SdN/2aoemlLAGZGxjgKVLaxY/rMR4T6ZGHitorhMjp
zEOcuBfnBeKTwpG4eJk2UmqvXzjTuHthRsppb3J+wzOrvgXo8Gv/mPKIQ9AJcru7
Ay7SnNB3HG84njNb6E0biS0h7a8WGPE/ZRQorerLEbR2BUcTGgkwBBOZwM/w+YDf
YIhArjIZO7ADaXBEB7QdCmb06IE/eckSgLKrZRndhIDCUcAAcvgNb3XSEVp4XgqK
zNIqAKtGNO4aG7nrENIceteFqC3Y
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:15:32 2025 by rpki-client