Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF409688CEFE11EFA966586E762E951A.roa
File: AF409688CEFE11EFA966586E762E951A.roa (raw, json)
Hash identifier: O6yhHUhCztGXQbFI5m62dTvn3kBHAJW+pBFk5alowDk=
Subject key identifier: 4A:85:69:BE:06:9E:9E:76:12:A7:60:C6:5B:D2:DB:78:02:C5:31:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104C3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF409688CEFE11EFA966586E762E951A.roa
Signing time: Fri 10 Jan 2025 02:57:53 +0000
ROA not before: Fri 10 Jan 2025 02:57:49 +0000
ROA not after: Mon 27 Jan 2025 02:57:49 +0000
asID: 398704
IP address blocks: 156.245.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66755 (0x104c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 02:57:49 2025 GMT
Not After : Jan 27 02:57:49 2025 GMT
Subject: CN=67808cb1-4e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:01:f6:66:57:d6:8b:fb:fc:32:37:47:14:9f:
2a:9f:7d:37:3f:47:4b:59:fb:01:0e:23:8c:9e:71:
43:fb:80:86:2c:bf:8f:27:a1:33:b6:cd:c7:af:15:
34:b4:39:1d:82:a2:15:fc:e1:f7:60:ff:eb:ce:b7:
51:23:b5:8f:b7:b9:45:c0:38:22:4c:29:ba:0a:81:
64:d6:04:ce:32:7f:df:1c:c9:5e:69:47:c1:5d:60:
e9:26:8e:13:b1:75:7e:bf:df:16:98:8d:a7:38:ce:
18:9d:1b:2b:f1:86:4d:64:25:3f:bc:17:bf:29:5d:
aa:56:4a:19:79:41:a6:21:5a:06:d6:e4:e0:17:f9:
88:32:26:15:1c:8e:b2:0f:45:dd:12:6b:39:18:22:
1e:ff:fc:86:4d:a8:90:cd:10:86:b6:4e:71:8a:e3:
7d:9d:8f:cd:8d:6c:b5:90:d3:3b:0d:25:be:bb:e0:
86:eb:ff:ef:fb:e5:c9:32:f0:f3:35:1f:42:eb:15:
da:14:af:4e:72:0b:5a:bc:0f:15:ce:3e:2b:84:5f:
f5:a3:a2:00:34:84:01:69:74:aa:53:6f:df:7b:1c:
1d:ce:23:2f:86:2e:9c:d3:8f:3f:d0:d6:b2:30:2f:
81:01:7e:f1:e7:f9:6e:bb:6b:5a:97:b6:36:d1:8e:
03:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:85:69:BE:06:9E:9E:76:12:A7:60:C6:5B:D2:DB:78:02:C5:31:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF409688CEFE11EFA966586E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.244.0/22
Signature Algorithm: sha256WithRSAEncryption
19:61:8c:b2:d7:56:ed:b1:b0:06:92:41:48:95:3b:ef:fe:44:
d2:03:fd:31:fc:d4:13:cc:03:66:25:49:5a:64:15:5b:03:5b:
87:8a:5d:ae:b2:25:3a:ac:fe:35:e6:39:d6:6c:74:df:92:a2:
b6:8a:a6:34:2a:1e:45:d6:72:0c:c3:69:59:d4:a2:aa:26:de:
e5:83:e3:c5:f7:d5:e4:00:47:29:8b:d7:e8:55:f6:00:b0:8c:
30:ff:e0:8d:01:5d:80:f0:4a:ac:92:8f:68:72:a0:00:1c:80:
7a:43:b1:16:2a:28:47:2d:bc:b7:dd:d1:31:f6:f4:45:8b:bd:
c8:43:db:a2:5a:65:74:59:6a:52:a2:e6:2f:5d:98:3c:92:0f:
05:b2:98:10:1c:98:fd:60:22:3f:6d:6d:ed:b3:1d:c5:14:11:
1f:d3:8b:73:42:07:ab:84:8c:10:88:a1:4b:02:05:46:82:99:
bf:ab:34:ca:e3:aa:72:cd:a7:4a:70:e2:52:f0:27:49:ef:a6:
1f:29:a0:a1:a9:af:46:52:c7:f1:82:b0:1a:45:60:30:71:cb:
9a:0b:fd:95:3c:9b:79:61:5f:e9:76:ec:3f:c4:3a:3d:de:f4:
35:28:cb:a6:69:30:ae:de:9c:78:74:f8:f8:af:c6:d8:03:d3:
2b:4a:40:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQTDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDI1NzQ5WhcNMjUwMTI3MDI1NzQ5WjAYMRYw
FAYDVQQDEw02NzgwOGNiMS00ZTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzwH2ZlfWi/v8MjdHFJ8qn303P0dLWfsBDiOMnnFD+4CGLL+PJ6Ezts3H
rxU0tDkdgqIV/OH3YP/rzrdRI7WPt7lFwDgiTCm6CoFk1gTOMn/fHMleaUfBXWDp
Jo4TsXV+v98WmI2nOM4YnRsr8YZNZCU/vBe/KV2qVkoZeUGmIVoG1uTgF/mIMiYV
HI6yD0XdEms5GCIe//yGTaiQzRCGtk5xiuN9nY/NjWy1kNM7DSW+u+CG6//v++XJ
MvDzNR9C6xXaFK9OcgtavA8Vzj4rhF/1o6IANIQBaXSqU2/fexwdziMvhi6c048/
0NayMC+BAX7x5/luu2tal7Y20Y4DNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEqF
ab4Gnp52EqdgxlvS23gCxTF3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjQwOTY4OENFRkUxMUVGQTk2NjU4NkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPX0MA0GCSqGSIb3DQEBCwUA
A4IBAQAZYYyy11btsbAGkkFIlTvv/kTSA/0x/NQTzANmJUlaZBVbA1uHil2usiU6
rP415jnWbHTfkqK2iqY0Kh5F1nIMw2lZ1KKqJt7lg+PF99XkAEcpi9foVfYAsIww
/+CNAV2A8Eqsko9ocqAAHIB6Q7EWKihHLby33dEx9vRFi73IQ9uiWmV0WWpSouYv
XZg8kg8FspgQHJj9YCI/bW3tsx3FFBEf04tzQgerhIwQiKFLAgVGgpm/qzTK46py
zadKcOJS8CdJ76YfKaChqa9GUsfxgrAaRWAwccuaC/2VPJt5YV/pduw/xDo93vQ1
KMumaTCu3px4dPj4r8bYA9MrSkCI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:37 2025 by rpki-client