Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA365DA8C9B211EF89FB45B9762E951A.roa
File: BA365DA8C9B211EF89FB45B9762E951A.roa (raw, json)
Hash identifier: JN3clu+E81q+2Ij5a5qVF8vnP514L8hLckJRTfCIy0U=
Subject key identifier: 86:7C:1C:9F:6A:91:97:96:C4:B1:BE:41:26:60:55:C3:DD:D3:59:71
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6BF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA365DA8C9B211EF89FB45B9762E951A.roa
Signing time: Fri 03 Jan 2025 09:11:34 +0000
ROA not before: Fri 03 Jan 2025 09:11:30 +0000
ROA not after: Sat 18 Jan 2025 09:11:30 +0000
asID: 141883
IP address blocks: 156.240.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63167 (0xf6bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 09:11:30 2025 GMT
Not After : Jan 18 09:11:30 2025 GMT
Subject: CN=6777a9c6-ce09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f8:ad:cd:be:1e:69:30:70:d7:c5:9a:8f:05:
71:cc:a3:0e:7f:50:0b:ba:57:13:f9:38:4a:24:7f:
7c:7c:7f:c4:a1:d8:84:87:33:11:8c:2f:94:bc:c1:
19:3f:35:f8:ff:9b:82:84:b1:98:00:cf:c7:7b:28:
a1:14:af:b3:fc:94:cc:ee:57:c3:11:f2:8b:9f:f5:
50:01:2b:ac:6e:57:9f:56:5e:a5:71:88:58:75:1c:
4f:57:3c:af:f5:eb:b0:43:b7:0f:35:c6:36:cb:73:
65:3e:f3:e2:21:43:4c:76:d3:d1:c5:6c:c5:a2:96:
a3:c7:0f:c8:56:93:65:e7:d9:9f:70:63:0d:c5:86:
03:bc:d3:ec:fd:a0:2a:e7:67:1d:d7:e5:38:09:56:
86:c7:70:27:af:e0:a5:9d:8f:f0:ce:99:77:af:e8:
c4:a3:82:c7:ff:03:72:e6:33:be:d0:2b:72:00:26:
ba:3c:df:b8:3f:6d:24:de:52:f0:77:1a:58:0e:75:
bd:9a:1f:77:ef:c8:21:62:3e:45:45:74:5d:d2:cb:
4a:b5:c4:1a:66:52:ef:e7:ef:ba:58:a2:0e:80:f3:
fe:cb:3c:9d:dc:19:9a:45:67:47:c8:c2:cd:bd:bf:
8c:9a:51:d8:de:6f:0f:eb:f1:42:36:3d:c8:4f:2f:
17:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7C:1C:9F:6A:91:97:96:C4:B1:BE:41:26:60:55:C3:DD:D3:59:71
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA365DA8C9B211EF89FB45B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.48.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:b4:35:c1:b6:a3:4f:cb:9a:ed:23:18:47:f7:5c:c2:7b:f1:
5e:d7:89:b7:69:26:2b:bb:e4:18:eb:f2:c3:6a:d1:91:13:5f:
eb:40:aa:53:2a:d6:a1:26:95:04:41:18:42:40:5d:54:13:d6:
2e:6b:1b:76:0e:74:93:1d:9a:09:15:c9:69:a8:16:16:f7:b5:
3c:fc:5d:c8:1c:6e:86:cc:05:c9:37:b6:04:c4:f5:a9:e2:95:
b0:e1:c3:bf:77:1d:43:7a:74:18:fa:c4:46:cf:5a:0e:60:04:
39:9c:8d:a5:69:3b:21:11:3f:41:d2:f7:22:3d:45:de:b3:8e:
2c:81:4c:17:42:88:12:26:85:a6:18:93:8c:9a:e0:0e:6a:9a:
48:57:0a:f4:03:05:62:f6:b5:95:b6:9e:0a:9e:17:51:61:7e:
9d:59:7e:62:03:28:69:70:92:25:79:0a:b8:b6:ea:45:51:59:
8a:99:c6:0d:52:59:09:0a:49:be:1c:49:74:59:b0:0d:8c:fc:
f4:a8:6d:f6:db:81:8c:b4:39:81:cd:d0:27:75:8a:53:b9:a0:
c6:ea:b6:1d:a9:71:4a:a7:69:66:f4:2b:0f:56:0d:39:88:94:
24:ae:9f:e0:29:df:30:c9:d8:a0:2d:1b:1a:8e:8a:91:2c:79:
a4:b3:48:e3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPa/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDkxMTMwWhcNMjUwMTE4MDkxMTMwWjAYMRYw
FAYDVQQDEw02Nzc3YTljNi1jZTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxvitzb4eaTBw18WajwVxzKMOf1ALulcT+ThKJH98fH/EodiEhzMRjC+U
vMEZPzX4/5uChLGYAM/HeyihFK+z/JTM7lfDEfKLn/VQASusblefVl6lcYhYdRxP
Vzyv9euwQ7cPNcY2y3NlPvPiIUNMdtPRxWzFopajxw/IVpNl59mfcGMNxYYDvNPs
/aAq52cd1+U4CVaGx3Anr+ClnY/wzpl3r+jEo4LH/wNy5jO+0CtyACa6PN+4P20k
3lLwdxpYDnW9mh9378ghYj5FRXRd0stKtcQaZlLv5++6WKIOgPP+yzyd3BmaRWdH
yMLNvb+MmlHY3m8P6/FCNj3ITy8XowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIZ8
HJ9qkZeWxLG+QSZgVcPd01lxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTM2NURBOEM5QjIxMUVGODlGQjQ1Qjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPAwMA0GCSqGSIb3DQEBCwUA
A4IBAQB8tDXBtqNPy5rtIxhH91zCe/Fe14m3aSYru+QY6/LDatGRE1/rQKpTKtah
JpUEQRhCQF1UE9Yuaxt2DnSTHZoJFclpqBYW97U8/F3IHG6GzAXJN7YExPWp4pWw
4cO/dx1DenQY+sRGz1oOYAQ5nI2laTshET9B0vciPUXes44sgUwXQogSJoWmGJOM
muAOappIVwr0AwVi9rWVtp4KnhdRYX6dWX5iAyhpcJIleQq4tupFUVmKmcYNUlkJ
Ckm+HEl0WbANjPz0qG3224GMtDmBzdAndYpTuaDG6rYdqXFKp2lm9CsPVg05iJQk
rp/gKd8wydigLRsajoqRLHmks0jj
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:09 2025 by rpki-client