Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB1113A8C9A311EFA540F35B762E951A.roa
File: BB1113A8C9A311EFA540F35B762E951A.roa (raw, json)
Hash identifier: 4hWL585fPZszYLQeqY7KrEDn6/4TX9/pf67F/mZcG4g=
Subject key identifier: B0:2B:83:9C:1A:DB:54:C3:E8:9D:B1:FE:7F:54:33:1D:F9:22:CD:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F679
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB1113A8C9A311EFA540F35B762E951A.roa
Signing time: Fri 03 Jan 2025 07:24:13 +0000
ROA not before: Fri 03 Jan 2025 07:24:09 +0000
ROA not after: Sat 18 Jan 2025 07:24:09 +0000
asID: 54801
IP address blocks: 156.246.16.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63097 (0xf679)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 07:24:09 2025 GMT
Not After : Jan 18 07:24:09 2025 GMT
Subject: CN=6777909d-b504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d9:f7:79:43:a0:eb:e7:36:48:15:1c:4e:78:
ae:33:99:a5:e7:ed:8b:be:f0:8a:84:c4:a2:1b:2e:
db:3f:fd:67:50:5a:7a:9c:65:9e:cb:28:34:ae:54:
84:bf:38:06:b8:2c:42:ce:b1:ff:a6:f5:6c:b7:21:
41:21:b9:1b:3a:54:fa:d2:bd:68:5c:ac:a5:6f:97:
f0:0e:16:2e:bb:d9:b3:4d:f2:ef:65:7e:db:d3:89:
73:33:47:76:d0:76:d3:c1:1d:b7:65:57:52:9d:57:
ca:16:9f:97:38:f4:bf:cc:cf:fe:99:25:96:d8:2b:
d6:37:81:7b:5a:e2:35:e6:40:86:6f:1b:12:15:62:
7d:fd:64:40:ff:54:24:71:f6:30:50:62:67:59:ee:
48:32:ba:26:bf:e4:e4:92:1c:5f:18:79:07:42:f2:
1b:b0:e1:d3:4c:5a:80:de:ed:ba:a0:b7:eb:cb:ef:
f3:dd:32:a4:3f:b5:64:7b:67:52:b7:a0:1c:8a:19:
88:1d:a0:27:04:25:b5:0c:e5:09:81:69:a9:ed:c7:
7f:8f:46:bd:aa:dc:91:59:d9:9a:79:de:30:bb:b0:
92:ed:7e:85:d5:8a:3e:c2:50:25:24:b1:c3:78:b3:
c7:2b:98:94:aa:a9:5f:e3:03:ac:0b:5b:51:c4:be:
53:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:2B:83:9C:1A:DB:54:C3:E8:9D:B1:FE:7F:54:33:1D:F9:22:CD:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB1113A8C9A311EFA540F35B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.16.0/23
Signature Algorithm: sha256WithRSAEncryption
32:05:95:18:69:5e:71:8d:09:c9:0f:7e:d1:fb:b7:81:d0:44:
f9:cf:19:8e:92:29:96:6b:0b:2e:e9:67:44:0e:6c:c3:e5:8d:
ef:d8:52:2f:58:80:28:06:82:df:e3:bb:a0:6f:a3:b8:99:77:
45:6c:94:c3:dc:52:47:7a:cc:82:89:67:86:41:71:8c:57:3b:
4d:2e:4c:7d:e9:ab:63:e0:85:97:2f:51:6d:8a:1f:4a:4d:94:
06:9f:f9:d5:b4:e1:0e:4f:61:05:bd:7e:cf:a5:5d:54:29:97:
b9:57:20:9b:8e:71:1d:ee:b2:4c:94:0d:14:b6:3e:9d:f2:4c:
82:60:cb:62:23:91:4e:4d:ca:fb:69:d4:c2:8f:04:8e:10:15:
9e:7a:8d:e7:29:20:0a:8a:f8:a5:8c:db:43:48:b8:ce:f2:88:
04:ad:8e:2c:3d:d5:ad:37:7a:58:98:69:59:21:23:ed:85:44:
6c:a7:a2:74:bb:ec:7a:66:8a:69:da:00:c2:25:a5:e5:81:a4:
7b:de:26:8a:9c:f5:4c:14:47:a8:bd:1e:98:08:67:84:c7:95:
cb:87:3b:24:51:c7:ee:0a:fd:b4:17:f6:87:dd:d5:7f:fb:3f:
7e:57:44:0c:bc:cc:a4:34:56:46:a3:3b:27:eb:e4:86:d0:16:
cb:76:98:1d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPZ5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDcyNDA5WhcNMjUwMTE4MDcyNDA5WjAYMRYw
FAYDVQQDEw02Nzc3OTA5ZC1iNTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAytn3eUOg6+c2SBUcTniuM5ml5+2LvvCKhMSiGy7bP/1nUFp6nGWeyyg0
rlSEvzgGuCxCzrH/pvVstyFBIbkbOlT60r1oXKylb5fwDhYuu9mzTfLvZX7b04lz
M0d20HbTwR23ZVdSnVfKFp+XOPS/zM/+mSWW2CvWN4F7WuI15kCGbxsSFWJ9/WRA
/1QkcfYwUGJnWe5IMromv+TkkhxfGHkHQvIbsOHTTFqA3u26oLfry+/z3TKkP7Vk
e2dSt6AcihmIHaAnBCW1DOUJgWmp7cd/j0a9qtyRWdmaed4wu7CS7X6F1Yo+wlAl
JLHDeLPHK5iUqqlf4wOsC1tRxL5T7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLAr
g5wa21TD6J2x/n9UMx35Is3vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQjExMTNBOEM5QTMxMUVGQTU0MEYzNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPYQMA0GCSqGSIb3DQEBCwUA
A4IBAQAyBZUYaV5xjQnJD37R+7eB0ET5zxmOkimWawsu6WdEDmzD5Y3v2FIvWIAo
BoLf47ugb6O4mXdFbJTD3FJHesyCiWeGQXGMVztNLkx96atj4IWXL1Ftih9KTZQG
n/nVtOEOT2EFvX7PpV1UKZe5VyCbjnEd7rJMlA0Utj6d8kyCYMtiI5FOTcr7adTC
jwSOEBWeeo3nKSAKiviljNtDSLjO8ogErY4sPdWtN3pYmGlZISPthURsp6J0u+x6
Zopp2gDCJaXlgaR73iaKnPVMFEeovR6YCGeEx5XLhzskUcfuCv20F/aH3dV/+z9+
V0QMvMykNFZGozsn6+SG0BbLdpgd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:51 2025 by rpki-client