Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B70983F6CBE911EF89ED4546762E951A.roa
File: B70983F6CBE911EF89ED4546762E951A.roa (raw, json)
Hash identifier: 1m3lHuT4zvpBYguKBKt8sd/jKalPVPc0gBp4xbUwyT0=
Subject key identifier: 10:56:58:D5:C7:A1:81:8A:A4:11:2F:B0:40:0B:10:CF:51:C1:93:26
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F81E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B70983F6CBE911EF89ED4546762E951A.roa
Signing time: Mon 06 Jan 2025 04:50:13 +0000
ROA not before: Mon 06 Jan 2025 04:50:09 +0000
ROA not after: Thu 16 Jan 2025 04:50:09 +0000
asID: 5065
IP address blocks: 156.229.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63518 (0xf81e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 04:50:09 2025 GMT
Not After : Jan 16 04:50:09 2025 GMT
Subject: CN=677b6105-2f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:00:8d:d2:55:61:f0:1f:7d:4d:60:2d:1d:00:
37:e3:e5:a4:d5:c8:af:64:7e:ec:00:f8:ba:cf:a5:
4d:f5:83:a2:9f:27:89:56:00:6f:81:4d:d1:22:0e:
ce:ed:5c:b2:e8:b5:26:08:6b:d2:5f:65:f2:55:33:
5d:bf:d7:72:9e:6e:4c:e8:99:8b:0f:8e:e6:cd:13:
7a:4c:9b:d9:b7:8f:a2:5d:97:91:aa:6f:3e:17:fb:
3f:d4:fc:fe:7b:bd:e4:45:68:71:c9:99:87:1e:18:
54:f5:5d:ae:a3:de:c1:58:bc:33:7f:a4:f8:2a:cf:
04:0f:ad:04:91:fe:80:cc:fc:fa:3b:95:33:bf:8d:
de:51:4d:18:e3:e4:27:5b:e4:b2:b5:2c:a2:ad:bc:
33:2c:19:8b:70:76:bf:d8:1b:c9:f7:51:1b:37:98:
12:b2:b6:52:12:82:d7:f4:8d:1d:31:e4:62:7c:5c:
2e:9d:61:ee:43:ac:b9:ad:d1:28:d7:3b:65:27:c4:
a7:eb:90:5a:d2:e0:f7:db:a7:95:e5:b5:44:a4:45:
f7:6f:ec:75:c7:e7:47:7d:40:cc:f6:20:8f:4c:00:
80:02:b1:46:f1:86:09:ba:bb:f5:a3:cd:69:1a:dc:
5b:2a:a5:ab:ce:5a:44:35:fc:c1:97:b0:e1:56:ab:
82:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:56:58:D5:C7:A1:81:8A:A4:11:2F:B0:40:0B:10:CF:51:C1:93:26
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B70983F6CBE911EF89ED4546762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.56.0/21
Signature Algorithm: sha256WithRSAEncryption
90:7b:b1:90:bf:70:cd:0a:87:1b:a9:96:ff:06:11:1f:51:49:
50:05:31:52:a9:7a:3f:da:43:76:e4:0e:75:44:da:c6:94:34:
5c:55:4f:88:95:e3:d1:5b:50:9c:9e:88:3e:61:ca:ae:82:b2:
dc:42:3f:3f:39:d3:30:21:44:b1:65:43:43:ec:be:62:cd:6e:
ff:6c:c4:70:1b:2a:67:ac:05:53:97:02:b3:98:00:5d:6b:11:
89:8e:69:17:1b:0b:09:90:3c:2f:65:6a:86:15:41:e2:ff:ae:
f0:86:32:0e:df:99:b1:ac:97:fe:4d:7f:0e:7b:e7:1d:bc:4b:
b9:5e:6d:84:f6:2a:86:4a:8b:4e:c3:92:6d:7d:29:7c:ac:86:
e7:1a:0d:ab:d0:39:05:e6:e4:1e:0a:09:8a:2d:78:1f:36:d2:
15:8b:c7:50:4b:57:8c:37:6c:54:58:45:83:d9:75:1a:72:18:
be:8f:c9:0a:04:41:e9:b2:e3:b3:d4:73:a8:16:8c:78:ac:a1:
6d:00:7f:aa:5d:7c:de:c7:3d:ab:6e:e2:5e:43:92:f2:7d:bd:
e2:ef:34:7f:ef:7e:b2:42:82:4f:60:c6:8e:db:44:d6:80:ea:
0a:eb:45:68:1b:1f:0a:5c:eb:4f:af:05:39:c9:eb:b0:89:c1:
74:ae:bd:23
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPgeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDQ1MDA5WhcNMjUwMTE2MDQ1MDA5WjAYMRYw
FAYDVQQDEw02NzdiNjEwNS0yZjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwwCN0lVh8B99TWAtHQA34+Wk1civZH7sAPi6z6VN9YOinyeJVgBvgU3R
Ig7O7Vyy6LUmCGvSX2XyVTNdv9dynm5M6JmLD47mzRN6TJvZt4+iXZeRqm8+F/s/
1Pz+e73kRWhxyZmHHhhU9V2uo97BWLwzf6T4Ks8ED60Ekf6AzPz6O5Uzv43eUU0Y
4+QnW+SytSyirbwzLBmLcHa/2BvJ91EbN5gSsrZSEoLX9I0dMeRifFwunWHuQ6y5
rdEo1ztlJ8Sn65Ba0uD326eV5bVEpEX3b+x1x+dHfUDM9iCPTACAArFG8YYJurv1
o81pGtxbKqWrzlpENfzBl7DhVquCUwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBBW
WNXHoYGKpBEvsEALEM9RwZMmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNzA5ODNGNkNCRTkxMUVGODlFRDQ1NDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOU4MA0GCSqGSIb3DQEBCwUA
A4IBAQCQe7GQv3DNCocbqZb/BhEfUUlQBTFSqXo/2kN25A51RNrGlDRcVU+IlePR
W1Ccnog+YcqugrLcQj8/OdMwIUSxZUND7L5izW7/bMRwGypnrAVTlwKzmABdaxGJ
jmkXGwsJkDwvZWqGFUHi/67whjIO35mxrJf+TX8Oe+cdvEu5Xm2E9iqGSotOw5Jt
fSl8rIbnGg2r0DkF5uQeCgmKLXgfNtIVi8dQS1eMN2xUWEWD2XUachi+j8kKBEHp
suOz1HOoFox4rKFtAH+qXXzexz2rbuJeQ5Lyfb3i7zR/736yQoJPYMaO20TWgOoK
60VoGx8KXOtPrwU5yeuwicF0rr0j
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:37 2025 by rpki-client