Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3BE963CB21611EFBA643D95762E951A.roa
File: C3BE963CB21611EFBA643D95762E951A.roa (raw, json)
Hash identifier: 90V/9bKKTn8qnU2daOdmutuaeiS30VKl5nZXetmX8kc=
Subject key identifier: 9C:A7:85:AE:61:03:5D:4C:D2:48:4B:14:67:18:9E:1D:36:9F:FE:05
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DF52
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3BE963CB21611EFBA643D95762E951A.roa
Signing time: Wed 04 Dec 2024 08:07:12 +0000
ROA not before: Wed 04 Dec 2024 08:07:08 +0000
ROA not after: Thu 23 Jan 2025 08:07:08 +0000
asID: 138915
IP address blocks: 156.225.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57170 (0xdf52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 4 08:07:08 2024 GMT
Not After : Jan 23 08:07:08 2025 GMT
Subject: CN=67500daf-5af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:29:f3:c3:c8:b5:5d:60:c6:64:1b:bc:22:9c:
51:fd:05:3a:ea:ba:03:73:26:27:f2:ea:41:b1:72:
7d:1c:da:8a:ef:5c:f6:87:77:f7:10:11:c9:4a:77:
31:3c:3b:8d:27:7e:83:33:d7:cd:c6:fd:ad:7c:83:
74:62:3a:7b:c0:05:0d:78:0c:0d:ac:64:fa:b5:98:
dd:c3:e8:6d:99:49:43:74:61:1b:32:2f:e1:30:77:
1f:28:a4:5a:f9:5b:ad:ac:af:8b:fe:8e:8b:bf:0e:
a6:84:25:8f:3a:16:00:27:f8:85:00:83:9d:0a:2f:
b1:e9:93:27:63:df:b8:d5:59:d8:aa:34:c6:99:b2:
48:c4:f5:c4:a1:25:0f:34:87:83:07:5e:bd:74:d0:
94:e6:19:08:77:04:27:93:6a:03:94:14:67:09:c2:
a0:d3:11:4f:65:e4:7b:a4:70:1c:bc:82:ea:47:7b:
30:99:f0:ed:fb:24:e5:31:65:4b:77:7b:1e:86:e1:
65:8b:16:38:29:f0:b5:98:fa:0f:6a:ce:d9:37:eb:
63:17:8f:6b:2f:54:29:e8:6b:67:aa:68:e5:63:9a:
9f:dc:d9:1e:30:96:0d:24:59:0f:70:81:ac:d7:eb:
b5:0a:dc:04:cb:4f:c5:e2:41:d1:96:34:95:2f:02:
90:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A7:85:AE:61:03:5D:4C:D2:48:4B:14:67:18:9E:1D:36:9F:FE:05
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3BE963CB21611EFBA643D95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.117.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:32:e8:5f:eb:56:9b:36:dd:b0:87:82:fd:8c:9f:82:bf:1e:
3d:e7:bb:c1:b5:91:bc:11:66:81:2a:2c:2e:71:c9:25:c0:eb:
4d:03:63:ac:b5:fb:79:58:af:23:b1:d1:df:8b:69:c9:06:31:
b1:74:06:c8:d4:d4:7e:a1:de:f4:d7:b3:aa:a9:e0:62:b9:cc:
1d:28:e7:a9:3d:a3:4b:fe:8b:83:65:80:57:10:cd:f4:62:f7:
39:97:0e:24:e9:23:f2:43:e1:26:99:c4:8d:73:4a:b5:ac:3e:
28:30:fe:01:de:78:34:86:8d:9e:11:77:05:61:ed:61:f8:dd:
16:ae:d6:23:d6:64:2c:40:fd:8e:fb:4e:8d:88:a7:74:4f:53:
58:d8:05:cd:20:a8:3b:d3:1e:01:2c:f6:ff:d3:9a:1e:68:dd:
fc:87:01:f0:9d:f6:08:fc:e5:46:81:d7:b4:93:f0:f6:45:4f:
8d:35:b7:1a:af:63:29:de:84:3f:c1:96:ed:82:e2:f2:81:a3:
ad:36:17:1f:f0:a8:4c:fb:35:4d:b2:b1:c0:e4:7e:8d:bb:df:
10:58:54:a1:21:33:f7:36:40:c9:7a:e6:4f:49:3b:5f:c8:7a:
db:64:5e:93:00:57:d1:f8:b2:b3:2f:83:55:45:b0:8d:85:ad:
bb:02:cc:86
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAN9SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA0MDgwNzA4WhcNMjUwMTIzMDgwNzA4WjAYMRYw
FAYDVQQDEw02NzUwMGRhZi01YWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Cnzw8i1XWDGZBu8IpxR/QU66roDcyYn8upBsXJ9HNqK71z2h3f3EBHJ
SncxPDuNJ36DM9fNxv2tfIN0Yjp7wAUNeAwNrGT6tZjdw+htmUlDdGEbMi/hMHcf
KKRa+VutrK+L/o6Lvw6mhCWPOhYAJ/iFAIOdCi+x6ZMnY9+41VnYqjTGmbJIxPXE
oSUPNIeDB169dNCU5hkIdwQnk2oDlBRnCcKg0xFPZeR7pHAcvILqR3swmfDt+yTl
MWVLd3sehuFlixY4KfC1mPoPas7ZN+tjF49rL1Qp6GtnqmjlY5qf3NkeMJYNJFkP
cIGs1+u1CtwEy0/F4kHRljSVLwKQpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJyn
ha5hA11M0khLFGcYnh02n/4FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DM0JFOTYzQ0IyMTYxMUVGQkE2NDNEOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOF1MA0GCSqGSIb3DQEBCwUA
A4IBAQBNMuhf61abNt2wh4L9jJ+Cvx4957vBtZG8EWaBKiwuccklwOtNA2Ostft5
WK8jsdHfi2nJBjGxdAbI1NR+od7017OqqeBiucwdKOepPaNL/ouDZYBXEM30Yvc5
lw4k6SPyQ+EmmcSNc0q1rD4oMP4B3ng0ho2eEXcFYe1h+N0WrtYj1mQsQP2O+06N
iKd0T1NY2AXNIKg70x4BLPb/05oeaN38hwHwnfYI/OVGgde0k/D2RU+NNbcar2Mp
3oQ/wZbtguLygaOtNhcf8KhM+zVNsrHA5H6Nu98QWFShITP3NkDJeuZPSTtfyHrb
ZF6TAFfR+LKzL4NVRbCNha27AsyG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:36 2025 by rpki-client