Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4F3E11CCACF11EF962BF8BB762E951A.roa
File: B4F3E11CCACF11EF962BF8BB762E951A.roa (raw, json)
Hash identifier: b5qUBX0JlabeKrUpoRtaW5TnLZ/nnWJfZCUsYYwc4VQ=
Subject key identifier: 64:E6:71:52:E7:4F:13:71:48:F9:1F:2E:F7:35:41:FD:B5:77:7D:5E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F776
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4F3E11CCACF11EF962BF8BB762E951A.roa
Signing time: Sat 04 Jan 2025 19:11:32 +0000
ROA not before: Sun 05 Jan 2025 19:11:28 +0000
ROA not after: Sat 18 Jan 2025 19:11:28 +0000
asID: 135097
IP address blocks: 156.250.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63350 (0xf776)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 19:11:28 2025 GMT
Not After : Jan 18 19:11:28 2025 GMT
Subject: CN=677987e3-9045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3e:2f:b7:d7:dd:06:f4:72:2f:bc:fd:94:e2:
2c:64:b2:f5:75:64:26:98:4b:ad:28:fb:bb:cf:cb:
39:36:c0:85:6b:78:e2:5c:05:0d:a3:f2:1e:8a:34:
43:1a:bd:f9:53:cf:20:f3:1c:43:d3:7e:e0:01:3e:
fc:ea:b8:6d:cb:28:99:42:ed:73:86:3a:5b:34:0f:
91:24:b1:aa:77:bc:93:dc:6b:05:9c:98:b1:cf:78:
75:f4:af:fd:f2:40:de:4a:99:8b:24:03:bd:94:c0:
5e:d5:c3:80:73:1e:18:24:65:0f:53:33:f9:e6:c0:
72:48:9b:00:58:f8:e5:ff:a9:41:54:5d:cf:50:29:
f5:85:4c:26:f1:40:2c:3f:5f:4e:15:69:64:00:04:
5e:a8:91:1d:ea:fb:cb:9e:3c:47:15:c0:04:54:e4:
48:5d:24:e0:13:22:77:99:5a:5c:cf:25:a0:23:17:
59:9e:7b:a9:90:b5:df:ec:33:aa:7f:15:0e:02:b0:
2a:d8:e1:e0:df:57:1d:60:96:d8:c5:be:1a:96:42:
d7:7f:83:ab:13:f4:8c:c2:0a:8a:26:79:86:be:63:
50:e4:61:bf:b7:68:29:52:25:9c:2c:0f:d2:68:5f:
bc:bf:17:e7:47:46:17:a6:40:e1:e3:16:cd:cb:19:
c9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E6:71:52:E7:4F:13:71:48:F9:1F:2E:F7:35:41:FD:B5:77:7D:5E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4F3E11CCACF11EF962BF8BB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.8.0/21
Signature Algorithm: sha256WithRSAEncryption
71:86:95:ae:ec:11:71:78:a7:da:57:fe:cd:ac:4f:41:d7:96:
70:3c:18:22:c5:d5:37:c3:81:bb:87:bc:9b:40:df:31:a2:3b:
3e:0c:17:1a:0f:2b:ea:c4:46:14:52:c5:23:3c:ab:ff:17:a9:
1c:95:da:f1:1d:10:84:21:57:b7:c3:ba:39:c3:72:f6:35:4f:
a3:49:4e:2a:d3:6b:b0:3e:64:0a:32:f2:49:58:19:db:e2:93:
f3:15:68:86:de:0a:46:96:00:5f:90:06:85:11:28:f8:c1:83:
b9:c5:5e:ca:27:ad:a5:e8:85:ac:c5:b4:65:9b:44:4e:f4:03:
b1:da:e3:94:f4:71:e0:d7:a2:a0:60:f9:56:d7:ea:53:39:97:
93:e1:12:d1:9d:fe:ae:7d:b3:85:80:a2:14:32:6c:71:d8:a7:
56:f9:81:18:2b:6f:9a:52:69:62:93:d8:4c:5c:c2:ef:f4:a8:
84:77:af:66:2c:c9:5c:7b:c2:a3:78:cd:b0:e3:7d:e0:f3:36:
20:52:55:85:93:e3:16:9b:5a:55:ef:2c:b8:98:ae:e5:ef:3c:
c7:c9:c7:66:8f:69:97:0f:08:34:6e:7f:88:c4:78:de:aa:e0:
92:c3:0d:bb:86:ae:59:45:60:d8:c2:18:eb:ba:38:c9:09:72:
a1:fa:d4:96
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPd2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTkxMTI4WhcNMjUwMTE4MTkxMTI4WjAYMRYw
FAYDVQQDEw02Nzc5ODdlMy05MDQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvz4vt9fdBvRyL7z9lOIsZLL1dWQmmEutKPu7z8s5NsCFa3jiXAUNo/Ie
ijRDGr35U88g8xxD037gAT786rhtyyiZQu1zhjpbNA+RJLGqd7yT3GsFnJixz3h1
9K/98kDeSpmLJAO9lMBe1cOAcx4YJGUPUzP55sBySJsAWPjl/6lBVF3PUCn1hUwm
8UAsP19OFWlkAAReqJEd6vvLnjxHFcAEVORIXSTgEyJ3mVpczyWgIxdZnnupkLXf
7DOqfxUOArAq2OHg31cdYJbYxb4alkLXf4OrE/SMwgqKJnmGvmNQ5GG/t2gpUiWc
LA/SaF+8vxfnR0YXpkDh4xbNyxnJhwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGTm
cVLnTxNxSPkfLvc1Qf21d31eMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNEYzRTExQ0NBQ0YxMUVGOTYyQkY4QkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPoIMA0GCSqGSIb3DQEBCwUA
A4IBAQBxhpWu7BFxeKfaV/7NrE9B15ZwPBgixdU3w4G7h7ybQN8xojs+DBcaDyvq
xEYUUsUjPKv/F6kcldrxHRCEIVe3w7o5w3L2NU+jSU4q02uwPmQKMvJJWBnb4pPz
FWiG3gpGlgBfkAaFESj4wYO5xV7KJ62l6IWsxbRlm0RO9AOx2uOU9HHg16KgYPlW
1+pTOZeT4RLRnf6ufbOFgKIUMmxx2KdW+YEYK2+aUmlik9hMXMLv9KiEd69mLMlc
e8KjeM2w433g8zYgUlWFk+MWm1pV7yy4mK7l7zzHycdmj2mXDwg0bn+IxHjequCS
ww27hq5ZRWDYwhjrujjJCXKh+tSW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:48 2025 by rpki-client