Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B1B0C86CC0FC11EFA3CD584E762E951A.roa
File: B1B0C86CC0FC11EFA3CD584E762E951A.roa (raw, json)
Hash identifier: BGSw1FDWxQncwOT7j/Td9ljRzkagZieiAPwT7zrAMso=
Subject key identifier: 0B:D1:C6:49:75:18:AB:90:C9:C2:DC:5C:A9:3A:F6:23:DF:6A:E8:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E7FC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B1B0C86CC0FC11EFA3CD584E762E951A.roa
Signing time: Mon 23 Dec 2024 07:08:22 +0000
ROA not before: Mon 23 Dec 2024 07:08:18 +0000
ROA not after: Fri 31 Jan 2025 07:08:18 +0000
asID: 203020
IP address blocks: 156.225.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59388 (0xe7fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 23 07:08:18 2024 GMT
Not After : Jan 31 07:08:18 2025 GMT
Subject: CN=67690c66-1a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c3:80:60:35:93:a4:57:92:92:fb:c0:61:d0:
b7:d2:ec:47:62:8f:20:b0:b6:1b:9d:4b:84:29:c2:
19:91:70:ae:00:54:81:db:a7:52:cf:14:a2:6e:8e:
09:02:ef:ea:16:c8:72:14:73:ee:e4:31:33:61:ee:
33:c8:c0:d9:4c:5e:c4:e1:e8:d3:dc:54:4e:92:eb:
26:10:67:26:ee:25:94:66:14:c4:eb:03:1b:ec:ad:
ce:4f:dc:2c:1e:07:ab:c5:e1:f3:b8:a8:c7:54:6b:
7b:27:b4:11:be:85:ca:89:5d:d6:56:81:45:45:73:
29:62:fd:6e:5d:2b:e4:e9:d3:92:57:f6:8f:13:0d:
61:19:42:d3:7a:ca:a6:9a:40:0a:20:90:65:ea:fb:
9d:5f:a8:42:a7:c9:3e:9c:d3:77:f6:f2:be:92:61:
5b:e5:75:d6:0d:f7:ff:ad:c6:50:6b:91:41:19:e2:
e1:7d:f2:d1:b4:10:1b:5b:28:64:9f:37:be:23:0a:
00:85:9c:ee:21:59:44:fb:3f:f6:e2:db:d4:fc:4f:
8f:d3:07:87:5a:b3:74:8f:89:d9:6c:8e:8b:54:fd:
ae:0e:3f:d7:ca:7c:8d:a4:d9:6d:1d:6e:b6:5c:a1:
5c:13:2d:ac:15:fe:2a:49:de:fa:19:80:bf:58:7f:
a0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D1:C6:49:75:18:AB:90:C9:C2:DC:5C:A9:3A:F6:23:DF:6A:E8:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B1B0C86CC0FC11EFA3CD584E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.69.0/24
Signature Algorithm: sha256WithRSAEncryption
16:18:1e:19:00:06:c7:3d:a3:7f:66:c9:7f:86:c6:30:23:30:
6a:36:0f:23:23:c8:d0:6e:4c:75:94:44:47:38:b9:0b:41:c2:
39:62:9f:d5:3d:88:6b:99:84:08:6a:68:c8:10:b5:34:c1:f3:
d8:14:e6:a7:21:db:8e:11:1a:0b:b4:8f:42:09:df:46:b3:5e:
73:cc:40:6b:3d:fe:38:f5:e6:79:0c:d0:81:31:f5:67:92:33:
08:3f:ab:05:58:2b:f3:08:31:15:be:41:e8:3e:56:08:d2:cb:
fd:e2:f4:b5:ec:3c:28:3c:68:4b:39:f2:f7:72:07:7f:20:76:
d3:1f:41:2e:1c:dc:61:fa:e2:6b:26:33:25:fd:23:3a:7f:01:
8a:19:f6:17:0d:d4:87:de:f8:f0:30:2e:bb:c9:02:39:db:0b:
a7:f3:cd:4b:68:a1:f7:69:f5:b0:b6:38:65:e4:37:4f:e6:16:
3e:64:6d:ae:6e:31:ed:6a:dc:e0:03:38:2e:07:e7:10:9e:1c:
ab:62:0e:2d:26:da:bb:12:1b:a8:4c:2a:74:7c:24:43:00:27:
e3:c1:03:fc:33:78:eb:60:6f:36:d3:f0:bc:4f:ae:26:8e:a5:
da:ff:bd:a5:20:fa:12:ad:60:da:33:32:bf:25:83:e0:f0:c8:
26:91:8d:6e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOf8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIzMDcwODE4WhcNMjUwMTMxMDcwODE4WjAYMRYw
FAYDVQQDEw02NzY5MGM2Ni0xYTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAucOAYDWTpFeSkvvAYdC30uxHYo8gsLYbnUuEKcIZkXCuAFSB26dSzxSi
bo4JAu/qFshyFHPu5DEzYe4zyMDZTF7E4ejT3FROkusmEGcm7iWUZhTE6wMb7K3O
T9wsHgerxeHzuKjHVGt7J7QRvoXKiV3WVoFFRXMpYv1uXSvk6dOSV/aPEw1hGULT
esqmmkAKIJBl6vudX6hCp8k+nNN39vK+kmFb5XXWDff/rcZQa5FBGeLhffLRtBAb
Wyhknze+IwoAhZzuIVlE+z/24tvU/E+P0weHWrN0j4nZbI6LVP2uDj/XynyNpNlt
HW62XKFcEy2sFf4qSd76GYC/WH+gZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAvR
xkl1GKuQycLcXKk69iPfauhUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMUIwQzg2Q0MwRkMxMUVGQTNDRDU4NEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFFMA0GCSqGSIb3DQEBCwUA
A4IBAQAWGB4ZAAbHPaN/Zsl/hsYwIzBqNg8jI8jQbkx1lERHOLkLQcI5Yp/VPYhr
mYQIamjIELU0wfPYFOanIduOERoLtI9CCd9Gs15zzEBrPf449eZ5DNCBMfVnkjMI
P6sFWCvzCDEVvkHoPlYI0sv94vS17DwoPGhLOfL3cgd/IHbTH0EuHNxh+uJrJjMl
/SM6fwGKGfYXDdSH3vjwMC67yQI52wun881LaKH3afWwtjhl5DdP5hY+ZG2ubjHt
atzgAzguB+cQnhyrYg4tJtq7EhuoTCp0fCRDACfjwQP8M3jrYG820/C8T64mjqXa
/72lIPoSrWDaMzK/JYPg8MgmkY1u
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:49 2025 by rpki-client