Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B259E5B6F5CA11EFB230AF6A762E951A.roa
File: B259E5B6F5CA11EFB230AF6A762E951A.roa (raw, json)
Hash identifier: VBijgRkbzy7BI+LXgzINpfU6G20w+okzJMUMzrjNlmQ=
Subject key identifier: E3:35:E9:15:DA:2F:4A:DD:C4:2B:32:B3:3A:B4:D2:18:9A:E6:07:21
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013D50
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B259E5B6F5CA11EFB230AF6A762E951A.roa
Signing time: Fri 28 Feb 2025 11:54:00 +0000
ROA not before: Fri 28 Feb 2025 11:53:56 +0000
ROA not after: Mon 31 Mar 2025 11:53:56 +0000
asID: 398478
IP address blocks: 156.252.144.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81232 (0x13d50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 11:53:56 2025 GMT
Not After : Mar 31 11:53:56 2025 GMT
Subject: CN=67c1a3d7-97f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:aa:c3:42:14:7d:a2:94:8d:3e:25:84:97:c5:
41:1f:ce:a5:71:89:e4:ef:6e:a9:f5:9d:ff:a9:e5:
fe:1c:ae:09:d0:8f:d3:34:9e:58:24:be:ba:0c:ad:
17:44:90:f3:13:46:0b:8a:9c:4c:a4:7e:48:d7:aa:
5d:a7:0a:85:6e:ac:99:82:78:86:18:71:26:4e:a3:
eb:49:e6:d7:af:61:7f:3c:a6:0e:a5:04:94:c0:79:
bb:76:21:78:4f:ce:83:36:b1:63:be:63:ea:90:6c:
3c:8c:e0:be:06:e8:6c:90:78:fb:2d:b5:78:c8:63:
04:63:23:48:7d:6f:92:1a:24:f2:e3:49:1d:c7:81:
6a:59:3b:9a:9a:f3:d8:b2:a2:01:b5:36:6f:4f:05:
67:5d:72:c7:84:36:de:4e:7e:b1:1a:69:70:4a:46:
2e:cc:df:3b:55:48:73:1d:f0:34:a3:3c:e5:c9:23:
5e:b2:8b:3f:b2:ea:3b:d0:2b:82:b0:c9:b1:eb:af:
69:6a:cd:49:d0:c6:23:34:ef:1b:5b:31:0a:ed:10:
c8:ca:5c:6a:8b:34:df:2a:fc:34:b9:1e:eb:69:98:
61:4e:06:b9:da:e1:b3:c6:eb:89:a3:0d:10:4e:b3:
94:10:a7:e3:8c:6b:70:3f:e6:e2:00:db:8b:af:05:
8f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:35:E9:15:DA:2F:4A:DD:C4:2B:32:B3:3A:B4:D2:18:9A:E6:07:21
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B259E5B6F5CA11EFB230AF6A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.144.0/20
Signature Algorithm: sha256WithRSAEncryption
68:31:ed:97:30:24:4c:fc:a7:0f:d6:7f:b8:fe:98:35:f5:86:
90:a9:be:a1:cb:7e:10:fb:d5:30:7f:d3:11:c0:b9:cb:c5:c0:
cb:70:60:e9:c5:64:06:42:91:3d:b0:f5:d8:56:ad:e4:f5:da:
7b:95:0a:1d:41:9c:52:63:37:15:2a:1f:11:42:eb:87:5d:14:
09:ba:d5:57:86:f8:e7:3f:c3:9e:d6:74:45:d8:86:c9:91:2a:
1e:e6:3b:8f:e8:cd:ab:df:b4:64:4f:e1:28:8b:38:50:6f:a4:
1c:62:eb:32:34:e4:7a:0d:1b:0e:68:72:7c:75:c0:6e:67:e9:
c9:87:12:b6:eb:de:ac:64:19:d7:31:47:76:f7:1b:ec:3b:bf:
16:c8:9c:42:5b:36:d3:29:e6:d2:76:ae:e4:8a:09:c5:ba:bb:
b1:31:f4:9b:c0:f8:69:a1:bd:23:3b:48:ab:a7:2b:1f:a8:3a:
1c:d9:fb:75:30:a0:c1:c9:da:d6:d1:8b:21:de:d4:8b:48:02:
6d:a6:9f:96:d0:39:5e:85:0e:48:cf:12:ff:eb:5c:d7:8a:02:
3b:26:1c:ae:4f:46:3c:57:7d:47:fb:a9:7a:85:74:32:e8:df:
16:cf:72:a3:71:cb:32:2b:ad:4d:ca:f9:ac:f3:49:fa:8a:32:
c5:69:c9:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT1QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTE1MzU2WhcNMjUwMzMxMTE1MzU2WjAYMRYw
FAYDVQQDEw02N2MxYTNkNy05N2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzqrDQhR9opSNPiWEl8VBH86lcYnk726p9Z3/qeX+HK4J0I/TNJ5YJL66
DK0XRJDzE0YLipxMpH5I16pdpwqFbqyZgniGGHEmTqPrSebXr2F/PKYOpQSUwHm7
diF4T86DNrFjvmPqkGw8jOC+BuhskHj7LbV4yGMEYyNIfW+SGiTy40kdx4FqWTua
mvPYsqIBtTZvTwVnXXLHhDbeTn6xGmlwSkYuzN87VUhzHfA0ozzlySNesos/suo7
0CuCsMmx669pas1J0MYjNO8bWzEK7RDIylxqizTfKvw0uR7raZhhTga52uGzxuuJ
ow0QTrOUEKfjjGtwP+biANuLrwWPNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOM1
6RXaL0rdxCsyszq00hia5gchMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMjU5RTVCNkY1Q0ExMUVGQjIzMEFGNkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPyQMA0GCSqGSIb3DQEBCwUA
A4IBAQBoMe2XMCRM/KcP1n+4/pg19YaQqb6hy34Q+9Uwf9MRwLnLxcDLcGDpxWQG
QpE9sPXYVq3k9dp7lQodQZxSYzcVKh8RQuuHXRQJutVXhvjnP8Oe1nRF2IbJkSoe
5juP6M2r37RkT+EoizhQb6QcYusyNOR6DRsOaHJ8dcBuZ+nJhxK2696sZBnXMUd2
9xvsO78WyJxCWzbTKebSdq7kignFuruxMfSbwPhpob0jO0irpysfqDoc2ft1MKDB
ydrW0Ysh3tSLSAJtpp+W0DlehQ5IzxL/61zXigI7JhyuT0Y8V31H+6l6hXQy6N8W
z3KjccsyK61Nyvms80n6ijLFackn
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:45:32 2025 by rpki-client