Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD5B30B6CCF111EFB6882151762E951A.roa
File: BD5B30B6CCF111EFB6882151762E951A.roa (raw, json)
Hash identifier: SmuLSQ+6yYqU9ZU3ohfMSrQFVpupojdVu2P788jd3Y4=
Subject key identifier: 6C:A3:EA:3E:B7:09:44:01:55:25:21:FD:EC:2F:A3:49:14:8F:F6:E7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC15
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD5B30B6CCF111EFB6882151762E951A.roa
Signing time: Tue 07 Jan 2025 12:20:11 +0000
ROA not before: Tue 07 Jan 2025 12:20:07 +0000
ROA not after: Sat 18 Jan 2025 12:20:07 +0000
asID: 11331
IP address blocks: 156.227.48.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64533 (0xfc15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 12:20:07 2025 GMT
Not After : Jan 18 12:20:07 2025 GMT
Subject: CN=677d1bfb-f515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f0:30:8b:61:60:7a:02:86:6c:76:f2:6e:af:
a4:fc:67:65:76:3e:fc:80:13:e9:76:12:79:97:15:
b6:bd:5a:e0:9a:07:80:77:97:8f:f7:3a:be:b0:a5:
d8:35:16:bb:d0:46:6d:c1:ef:f3:78:6a:cf:f1:36:
1f:b5:3e:b7:28:90:a1:3f:56:77:46:8e:21:c7:29:
21:12:c3:6b:c7:f4:b1:2e:85:ba:39:42:8d:60:e6:
a9:5d:de:49:5c:b3:29:23:df:f7:6f:53:5b:25:3e:
f1:c1:c5:76:07:d0:e9:90:58:10:65:43:73:36:b8:
de:01:da:56:27:3b:03:47:d0:ad:fb:09:33:b8:f6:
82:24:23:49:01:31:2a:e2:24:5c:d3:56:6a:bf:bf:
ca:3c:56:ee:1b:28:a9:9f:88:45:c7:6b:a0:73:74:
58:a1:83:c1:b5:d4:7b:45:13:43:7e:33:20:0d:8f:
8d:bf:c5:e3:67:da:75:81:5f:00:f3:c2:1a:ad:4f:
9d:d4:70:62:ca:0d:07:ef:1e:27:38:49:87:1c:22:
f9:ea:f8:6e:48:a9:87:4e:d2:56:91:20:3c:c2:b1:
a9:78:9e:54:c2:87:8a:0b:cf:62:dc:1f:00:73:1d:
a3:5c:61:d0:d6:97:56:75:72:0f:1b:ad:f3:87:63:
e8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A3:EA:3E:B7:09:44:01:55:25:21:FD:EC:2F:A3:49:14:8F:F6:E7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD5B30B6CCF111EFB6882151762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.48.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:bf:70:6c:f8:44:54:83:ce:33:d5:1a:f7:54:76:0e:99:87:
10:fa:bd:b2:4e:5f:ce:16:63:cb:b3:bf:e7:c2:87:ce:6b:2a:
c4:36:56:40:28:3c:b1:98:86:1b:a8:1a:10:f6:4e:bf:6a:b2:
77:de:bb:87:a1:ef:6c:18:13:f8:95:f6:73:f7:8c:37:b1:91:
bd:ba:87:5b:cb:81:66:75:49:53:49:a8:04:4d:8f:f4:77:26:
14:d6:d5:12:49:a1:2b:56:20:99:bb:3a:c0:69:d3:37:d7:0a:
28:d0:35:a9:dd:41:fe:98:88:18:0d:2f:e6:d8:a5:d7:64:00:
23:63:89:fd:89:e2:37:53:51:6c:e0:7d:a0:a9:5d:6d:62:99:
b6:4c:80:b1:a1:71:7b:74:2d:50:c9:4f:a0:a8:ff:45:4f:61:
28:5c:7c:06:78:06:d7:84:50:76:8c:36:3d:44:a3:9d:35:65:
ca:dd:eb:aa:9a:f6:25:f3:40:57:07:5f:ad:f1:63:d0:bd:52:
83:af:a5:f0:7a:aa:29:94:ba:eb:0c:36:cc:13:24:ea:86:0f:
bc:c7:06:d7:ab:0b:e4:e4:e0:83:40:07:2b:ae:65:fb:d8:c0:
77:2e:06:92:b4:be:a5:87:e7:31:50:50:c1:82:1b:23:96:8d:
23:a6:01:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPwVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTIyMDA3WhcNMjUwMTE4MTIyMDA3WjAYMRYw
FAYDVQQDEw02NzdkMWJmYi1mNTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxPAwi2FgegKGbHbybq+k/Gdldj78gBPpdhJ5lxW2vVrgmgeAd5eP9zq+
sKXYNRa70EZtwe/zeGrP8TYftT63KJChP1Z3Ro4hxykhEsNrx/SxLoW6OUKNYOap
Xd5JXLMpI9/3b1NbJT7xwcV2B9DpkFgQZUNzNrjeAdpWJzsDR9Ct+wkzuPaCJCNJ
ATEq4iRc01Zqv7/KPFbuGyipn4hFx2ugc3RYoYPBtdR7RRNDfjMgDY+Nv8XjZ9p1
gV8A88IarU+d1HBiyg0H7x4nOEmHHCL56vhuSKmHTtJWkSA8wrGpeJ5UwoeKC89i
3B8Acx2jXGHQ1pdWdXIPG63zh2PomQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGyj
6j63CUQBVSUh/ewvo0kUj/bnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRDVCMzBCNkNDRjExMUVGQjY4ODIxNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOMwMA0GCSqGSIb3DQEBCwUA
A4IBAQA+v3Bs+ERUg84z1Rr3VHYOmYcQ+r2yTl/OFmPLs7/nwofOayrENlZAKDyx
mIYbqBoQ9k6/arJ33ruHoe9sGBP4lfZz94w3sZG9uodby4FmdUlTSagETY/0dyYU
1tUSSaErViCZuzrAadM31woo0DWp3UH+mIgYDS/m2KXXZAAjY4n9ieI3U1Fs4H2g
qV1tYpm2TICxoXF7dC1QyU+gqP9FT2EoXHwGeAbXhFB2jDY9RKOdNWXK3euqmvYl
80BXB1+t8WPQvVKDr6XweqoplLrrDDbMEyTqhg+8xwbXqwvk5OCDQAcrrmX72MB3
LgaStL6lh+cxUFDBghsjlo0jpgGl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:26 2025 by rpki-client