Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF88992AC29A11EF84018B9A762E951A.roa
File: BF88992AC29A11EF84018B9A762E951A.roa (raw, json)
Hash identifier: hE0vFXk42ffNeyL5cNTw+iGlkXHseYmA7+O3kXBdjFI=
Subject key identifier: 53:67:B3:35:83:0C:55:57:4A:97:CD:66:95:4C:4E:32:E2:10:78:16
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E9E3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF88992AC29A11EF84018B9A762E951A.roa
Signing time: Wed 25 Dec 2024 08:32:17 +0000
ROA not before: Wed 25 Dec 2024 08:32:13 +0000
ROA not after: Mon 27 Jan 2025 08:32:13 +0000
asID: 5068
IP address blocks: 156.224.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59875 (0xe9e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 08:32:13 2024 GMT
Not After : Jan 27 08:32:13 2025 GMT
Subject: CN=676bc310-642b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:77:09:bd:f7:26:22:c6:29:12:9d:bf:73:44:
fe:bd:bf:6b:33:9f:eb:1e:f7:05:5e:2a:b6:0c:33:
8e:87:48:51:83:ba:87:f2:7b:6f:e1:cd:6b:99:2a:
74:6d:f5:13:59:9a:81:7b:67:81:ff:18:4c:6d:2f:
a1:02:9a:5e:41:89:94:de:e1:f2:b1:ef:05:4f:ca:
c9:98:fb:17:22:17:a6:cd:01:80:2f:58:1b:1d:9e:
d7:76:db:93:23:53:1f:dc:50:6d:c0:2a:a3:91:2e:
46:da:b4:02:85:9b:8c:a3:f1:49:bc:b9:a4:31:d8:
f9:94:b8:6d:e3:7e:2a:1d:87:98:84:d2:33:cd:ca:
9e:c3:bc:47:1b:5f:66:07:c2:17:f5:8d:e2:99:e5:
ee:7f:cf:e9:ac:7c:df:a6:c5:d6:fa:15:4c:8f:4c:
6c:b5:3c:c6:83:18:30:62:b4:18:ea:e8:b8:df:95:
76:1b:1e:5c:c0:58:52:f2:e9:a8:fb:0d:de:2b:0b:
57:a1:ba:02:a4:0f:26:66:6a:61:d5:94:03:6b:c9:
b8:6b:8d:99:56:e3:f6:20:e7:df:80:3f:72:ad:b4:
f4:93:21:e3:52:65:47:c8:9a:10:41:53:d7:83:73:
9d:1d:35:56:ad:03:ba:37:e3:20:5b:18:f1:10:85:
8c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:67:B3:35:83:0C:55:57:4A:97:CD:66:95:4C:4E:32:E2:10:78:16
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF88992AC29A11EF84018B9A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.96.0/19
Signature Algorithm: sha256WithRSAEncryption
1c:f3:fc:06:37:c2:1c:6d:c7:43:74:cb:99:4d:a4:a3:9d:61:
90:55:4f:9a:8f:1e:79:a0:cb:e2:f7:e8:e5:54:7a:5b:24:f7:
cb:4b:92:a0:46:3f:40:cc:7a:62:20:c4:d8:ce:df:14:27:f3:
de:14:4e:5e:5f:29:df:00:5d:d6:aa:31:4f:40:55:37:e6:a0:
b2:52:42:a0:b0:bf:24:1e:b0:28:ac:dd:bb:4c:c1:16:a5:29:
53:15:dd:1f:bc:03:9d:7f:9e:36:f0:ff:29:52:11:fb:14:89:
74:b8:9f:43:38:56:ed:96:e5:04:5a:28:33:34:e8:47:b8:6e:
7a:2f:1d:01:c3:c6:8f:80:f5:d3:53:fc:c6:fb:ed:6c:8e:0c:
ab:89:ac:8b:6b:17:92:5c:e6:e2:a5:ec:84:53:8f:7a:1a:a1:
f8:92:63:70:5d:c9:51:c1:17:b6:ab:b7:fc:56:5d:3b:56:b0:
f3:86:6f:72:82:27:4f:da:9c:43:52:4c:6f:ac:98:23:e7:75:
d0:4d:d2:58:be:b5:63:12:65:dd:7e:73:be:67:aa:f2:cf:fb:
5a:e0:31:5a:0f:c1:39:e2:e3:82:d9:82:a3:7b:8c:ee:16:10:
92:ce:89:87:a8:a4:e1:38:6a:48:85:59:ef:5f:71:fd:f3:27:
fe:d3:9a:33
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOnjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDgzMjEzWhcNMjUwMTI3MDgzMjEzWjAYMRYw
FAYDVQQDEw02NzZiYzMxMC02NDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoncJvfcmIsYpEp2/c0T+vb9rM5/rHvcFXiq2DDOOh0hRg7qH8ntv4c1r
mSp0bfUTWZqBe2eB/xhMbS+hAppeQYmU3uHyse8FT8rJmPsXIhemzQGAL1gbHZ7X
dtuTI1Mf3FBtwCqjkS5G2rQChZuMo/FJvLmkMdj5lLht434qHYeYhNIzzcqew7xH
G19mB8IX9Y3imeXuf8/prHzfpsXW+hVMj0xstTzGgxgwYrQY6ui435V2Gx5cwFhS
8umo+w3eKwtXoboCpA8mZmph1ZQDa8m4a42ZVuP2IOffgD9yrbT0kyHjUmVHyJoQ
QVPXg3OdHTVWrQO6N+MgWxjxEIWM0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFNn
szWDDFVXSpfNZpVMTjLiEHgWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRjg4OTkyQUMyOUExMUVGODQwMThCOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnOBgMA0GCSqGSIb3DQEBCwUA
A4IBAQAc8/wGN8IcbcdDdMuZTaSjnWGQVU+ajx55oMvi9+jlVHpbJPfLS5KgRj9A
zHpiIMTYzt8UJ/PeFE5eXynfAF3WqjFPQFU35qCyUkKgsL8kHrAorN27TMEWpSlT
Fd0fvAOdf5428P8pUhH7FIl0uJ9DOFbtluUEWigzNOhHuG56Lx0Bw8aPgPXTU/zG
++1sjgyriayLaxeSXObipeyEU496GqH4kmNwXclRwRe2q7f8Vl07VrDzhm9ygidP
2pxDUkxvrJgj53XQTdJYvrVjEmXdfnO+Z6ryz/ta4DFaD8E54uOC2YKje4zuFhCS
zomHqKThOGpIhVnvX3H98yf+05oz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:12 2025 by rpki-client