Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7B318F8CF6311EFB4AF166A762E951A.roa
File: B7B318F8CF6311EFB4AF166A762E951A.roa (raw, json)
Hash identifier: 12pjY5bM5WuGUAGg/5dshaOc91R3NyAB/zbjgDyE+V0=
Subject key identifier: 28:AF:BE:79:61:4E:2B:1C:3D:2B:5F:88:BC:5C:03:E2:44:47:59:A4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010571
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7B318F8CF6311EFB4AF166A762E951A.roa
Signing time: Fri 10 Jan 2025 15:01:06 +0000
ROA not before: Fri 10 Jan 2025 15:01:03 +0000
ROA not after: Wed 22 Jan 2025 15:01:03 +0000
asID: 4766
IP address blocks: 156.239.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66929 (0x10571)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 15:01:03 2025 GMT
Not After : Jan 22 15:01:03 2025 GMT
Subject: CN=67813632-48eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:43:df:fb:5c:a1:8a:d9:40:3f:1c:db:91:8f:
3e:a6:e5:91:29:46:d2:55:83:35:b7:e7:14:06:4b:
1a:42:b3:d0:6f:58:e3:86:00:2a:5f:b7:f3:85:51:
a6:ec:7e:76:0b:b2:82:8f:5c:5a:20:16:a1:21:ca:
36:b3:fa:03:a7:bb:82:ec:a2:37:62:4f:cb:02:41:
01:ff:d2:4a:80:7d:14:ce:c2:b7:fd:dd:30:23:f9:
09:80:ff:9a:00:ec:a9:4d:b4:fe:9c:ae:6a:7a:47:
34:98:53:0e:68:ab:f0:7c:b2:f4:3b:a6:51:47:bd:
7d:1e:69:87:ea:68:8a:f3:f9:8e:dc:2a:83:98:f0:
63:22:e6:d9:42:90:5e:4c:75:44:49:66:e1:47:81:
30:60:2c:3d:b5:58:7d:15:49:4b:33:4d:16:ac:17:
e4:dc:08:0b:dc:87:de:f6:fe:4d:95:35:c6:99:02:
5d:74:f3:10:f0:db:05:27:3e:41:d8:ac:5b:65:a2:
02:57:42:82:4b:e6:10:ac:e4:76:2b:9a:d7:fc:60:
95:0a:6c:8e:f6:c7:36:e2:9c:cc:07:ea:82:21:17:
06:ae:d7:62:53:92:9b:cc:98:a0:f0:8d:dd:c2:24:
0f:7a:e2:48:f9:1e:a0:7a:eb:bc:c3:8b:10:d5:53:
f3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AF:BE:79:61:4E:2B:1C:3D:2B:5F:88:BC:5C:03:E2:44:47:59:A4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B7B318F8CF6311EFB4AF166A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.19.0/24
Signature Algorithm: sha256WithRSAEncryption
93:d2:15:8b:23:0f:ca:eb:ef:32:61:d6:d0:fd:37:a1:c5:11:
d4:fc:ee:b8:fb:64:e3:20:a5:d0:4d:97:56:c7:a1:a4:b3:c0:
16:6a:20:63:99:70:a0:9c:30:b8:ca:3c:9b:d5:14:1b:46:33:
48:ec:1c:c6:75:c2:71:7a:99:4c:1f:b5:1d:ac:72:a9:3f:7e:
9c:f7:af:8a:b8:3e:be:58:fe:b4:76:97:3a:54:f2:9f:16:f6:
8c:e9:71:e9:de:72:51:b2:6d:4e:9c:7d:c8:47:66:2a:6b:41:
81:48:8b:24:f8:63:a5:4f:0e:ab:38:32:7f:4d:56:5a:cf:f2:
f7:2d:63:38:f9:89:f5:cf:47:93:ab:27:ba:fa:e3:cd:ad:3c:
91:32:f3:0c:21:51:e4:f1:66:5d:71:1b:e1:04:74:a8:9c:3e:
71:c5:e6:e1:a9:65:7a:7c:85:8c:9c:c0:04:cd:b8:53:dc:f1:
52:44:1b:9f:7d:f6:d3:ce:e2:9d:81:d1:89:3a:a1:bb:f2:1c:
f4:f8:f4:a1:70:36:ed:db:af:7b:12:7f:ad:bb:ee:f8:be:ee:
e1:76:b8:ca:11:0a:e1:78:39:44:aa:79:44:f0:f5:08:c9:59:
b3:65:52:77:69:82:2d:78:05:66:48:16:53:7c:5e:16:5b:44:
ca:c4:0f:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTUwMTAzWhcNMjUwMTIyMTUwMTAzWjAYMRYw
FAYDVQQDEw02NzgxMzYzMi00OGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArUPf+1yhitlAPxzbkY8+puWRKUbSVYM1t+cUBksaQrPQb1jjhgAqX7fz
hVGm7H52C7KCj1xaIBahIco2s/oDp7uC7KI3Yk/LAkEB/9JKgH0UzsK3/d0wI/kJ
gP+aAOypTbT+nK5qekc0mFMOaKvwfLL0O6ZRR719HmmH6miK8/mO3CqDmPBjIubZ
QpBeTHVESWbhR4EwYCw9tVh9FUlLM00WrBfk3AgL3Ife9v5NlTXGmQJddPMQ8NsF
Jz5B2KxbZaICV0KCS+YQrOR2K5rX/GCVCmyO9sc24pzMB+qCIRcGrtdiU5KbzJig
8I3dwiQPeuJI+R6geuu8w4sQ1VPzGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCiv
vnlhTiscPStfiLxcA+JER1mkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CN0IzMThGOENGNjMxMUVGQjRBRjE2NkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8TMA0GCSqGSIb3DQEBCwUA
A4IBAQCT0hWLIw/K6+8yYdbQ/TehxRHU/O64+2TjIKXQTZdWx6Gks8AWaiBjmXCg
nDC4yjyb1RQbRjNI7BzGdcJxeplMH7UdrHKpP36c96+KuD6+WP60dpc6VPKfFvaM
6XHp3nJRsm1OnH3IR2Yqa0GBSIsk+GOlTw6rODJ/TVZaz/L3LWM4+Yn1z0eTqye6
+uPNrTyRMvMMIVHk8WZdcRvhBHSonD5xxebhqWV6fIWMnMAEzbhT3PFSRBufffbT
zuKdgdGJOqG78hz0+PShcDbt2697En+tu+74vu7hdrjKEQrheDlEqnlE8PUIyVmz
ZVJ3aYIteAVmSBZTfF4WW0TKxA+Y
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:05 2025 by rpki-client