Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFA95A70CABB11EF841CADBE762E951A.roa
File: AFA95A70CABB11EF841CADBE762E951A.roa (raw, json)
Hash identifier: K28YEolg+TaA2cZlTuHto/10NNJcxRnLmdHfQ5gaZ5U=
Subject key identifier: 9B:32:DF:81:F6:5E:3B:07:12:4B:87:B4:D9:FB:0D:E0:89:E6:72:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6FC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFA95A70CABB11EF841CADBE762E951A.roa
Signing time: Sat 04 Jan 2025 16:48:13 +0000
ROA not before: Sun 05 Jan 2025 16:48:09 +0000
ROA not after: Wed 15 Jan 2025 16:48:09 +0000
asID: 39600
IP address blocks: 156.238.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63228 (0xf6fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 16:48:09 2025 GMT
Not After : Jan 15 16:48:09 2025 GMT
Subject: CN=6779664d-58a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:38:78:00:06:70:f4:ec:6b:32:ae:a4:41:a5:
05:32:eb:af:93:d5:24:1f:8f:09:d1:69:4f:34:83:
b2:1a:6d:24:b4:49:c9:b4:ab:d9:81:c4:13:c9:30:
3a:e9:71:c5:03:22:34:93:c9:3b:3e:1c:e7:30:4b:
48:af:08:47:19:ae:73:41:99:44:26:0b:5b:2b:a7:
7a:e3:f6:f4:8e:39:5a:3f:1f:8e:45:7a:bb:e7:e9:
49:23:3d:40:e2:4b:5b:7c:a0:fe:9c:32:2b:14:e7:
f0:92:e1:14:b2:7e:85:0f:7d:89:87:b0:9d:8e:cc:
28:70:87:30:da:84:d5:3a:9e:40:ab:de:10:05:9e:
09:71:3d:9a:d7:e3:0c:76:0e:28:33:9f:94:ff:98:
e1:ba:5b:0b:94:8a:c5:8e:6e:31:bd:47:6e:8d:dd:
5c:06:68:78:af:17:a9:2f:bb:5e:10:f1:e5:01:2d:
ae:a8:63:14:e0:42:38:44:81:1a:88:92:8e:2c:29:
15:cb:af:85:74:30:60:2d:60:96:ed:f9:27:60:b3:
0f:87:9b:9a:94:5a:48:bb:aa:2d:5d:19:a9:6b:b7:
c3:e1:19:6c:54:93:7b:43:7a:f5:81:83:85:3a:ae:
c2:6e:91:76:08:c4:14:cf:b7:8a:37:80:fe:b6:df:
83:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:32:DF:81:F6:5E:3B:07:12:4B:87:B4:D9:FB:0D:E0:89:E6:72:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFA95A70CABB11EF841CADBE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.166.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:d6:cd:d5:69:b3:f9:3c:ae:79:cb:73:27:af:42:b1:0a:96:
31:aa:cb:83:2e:ad:9e:57:74:48:55:47:bc:4a:90:df:75:16:
99:bb:01:f8:5e:cc:fb:38:36:c1:38:03:e3:b4:8a:e0:d1:7c:
ad:37:53:17:47:c9:4e:69:a2:58:6f:8f:f4:6c:5f:ac:17:11:
c4:3e:15:bb:3c:92:5b:4e:91:01:99:c0:b4:56:97:83:df:29:
50:8e:9b:96:64:32:4f:26:10:df:d2:23:89:82:cb:5f:77:60:
dc:a2:c9:b5:04:8b:ca:b6:86:0b:c3:8e:2a:78:73:3b:ae:2c:
89:2f:60:44:bb:b4:9f:3a:e4:24:2c:68:c4:8c:11:ff:0c:19:
77:6e:bd:09:ad:cc:d4:40:64:7b:8a:42:b0:ea:a7:eb:8e:39:
74:c8:d2:4a:20:33:da:b9:90:a3:77:2b:1d:f1:01:a1:f8:f3:
a8:e9:39:45:c0:15:02:0b:05:12:64:05:dd:21:86:ba:8e:ce:
77:70:4e:07:ac:80:2a:81:75:6a:15:34:75:2f:e2:96:45:1b:
23:d7:c9:87:3d:2e:6e:6c:9a:0f:bb:d2:d0:68:68:67:18:05:
fb:36:d1:59:0f:4f:0b:0c:ce:76:d8:09:c5:32:68:37:f2:d3:
7e:20:74:69
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPb8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTY0ODA5WhcNMjUwMTE1MTY0ODA5WjAYMRYw
FAYDVQQDEw02Nzc5NjY0ZC01OGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAljh4AAZw9OxrMq6kQaUFMuuvk9UkH48J0WlPNIOyGm0ktEnJtKvZgcQT
yTA66XHFAyI0k8k7PhznMEtIrwhHGa5zQZlEJgtbK6d64/b0jjlaPx+ORXq75+lJ
Iz1A4ktbfKD+nDIrFOfwkuEUsn6FD32Jh7CdjswocIcw2oTVOp5Aq94QBZ4JcT2a
1+MMdg4oM5+U/5jhulsLlIrFjm4xvUdujd1cBmh4rxepL7teEPHlAS2uqGMU4EI4
RIEaiJKOLCkVy6+FdDBgLWCW7fknYLMPh5ualFpIu6otXRmpa7fD4RlsVJN7Q3r1
gYOFOq7CbpF2CMQUz7eKN4D+tt+DjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJsy
34H2XjsHEkuHtNn7DeCJ5nJKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRkE5NUE3MENBQkIxMUVGODQxQ0FEQkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO6mMA0GCSqGSIb3DQEBCwUA
A4IBAQBL1s3VabP5PK55y3Mnr0KxCpYxqsuDLq2eV3RIVUe8SpDfdRaZuwH4Xsz7
ODbBOAPjtIrg0XytN1MXR8lOaaJYb4/0bF+sFxHEPhW7PJJbTpEBmcC0VpeD3ylQ
jpuWZDJPJhDf0iOJgstfd2Dcosm1BIvKtoYLw44qeHM7riyJL2BEu7SfOuQkLGjE
jBH/DBl3br0JrczUQGR7ikKw6qfrjjl0yNJKIDPauZCjdysd8QGh+POo6TlFwBUC
CwUSZAXdIYa6js53cE4HrIAqgXVqFTR1L+KWRRsj18mHPS5ubJoPu9LQaGhnGAX7
NtFZD08LDM522AnFMmg38tN+IHRp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:01 2025 by rpki-client