Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3F9DBF6C29811EFB07D828F762E951A.roa
File: C3F9DBF6C29811EFB07D828F762E951A.roa (raw, json)
Hash identifier: 2YbiRiuOGa+7vZMJYZ8Ipxwsy9WhT7p7PfEObdwOWxs=
Subject key identifier: 6A:F5:BD:76:70:20:4E:11:A4:4F:11:40:43:79:8C:A2:28:80:28:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E9D5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3F9DBF6C29811EFB07D828F762E951A.roa
Signing time: Wed 25 Dec 2024 08:18:05 +0000
ROA not before: Wed 25 Dec 2024 08:18:01 +0000
ROA not after: Wed 29 Jan 2025 08:18:01 +0000
asID: 398993
IP address blocks: 156.229.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59861 (0xe9d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 08:18:01 2024 GMT
Not After : Jan 29 08:18:01 2025 GMT
Subject: CN=676bbfbd-6ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:69:71:be:0f:47:74:eb:aa:00:50:b5:a7:7d:
62:54:75:db:08:9b:94:8d:99:10:fb:32:0a:75:fe:
dc:44:54:f0:12:f5:6a:f5:fc:b6:f5:4c:66:a3:a1:
a0:72:11:27:61:a5:72:52:24:61:28:da:c7:2b:ec:
0a:6c:f4:24:85:7d:fd:40:63:71:17:08:93:0f:38:
4c:4a:e3:4a:36:98:6e:4e:a1:84:72:b2:69:e4:df:
83:e6:8f:13:da:d8:aa:44:38:36:e9:a9:34:85:8c:
ca:0a:c6:c5:48:98:2e:0d:69:f3:d2:aa:0a:ac:61:
47:07:ff:49:56:25:fb:e5:64:13:ef:e4:ea:2c:f1:
0a:7c:59:40:77:88:7c:18:3a:a7:cf:7d:28:0e:17:
69:fe:67:06:be:42:9d:67:e4:26:89:93:a8:ff:53:
1a:83:0e:15:13:48:e1:82:f7:35:7e:57:77:6b:02:
9d:45:6f:e6:b4:9b:94:55:c1:a4:22:c8:61:42:f7:
82:dd:14:00:f3:4b:cb:eb:fe:dd:7f:f7:45:c0:97:
22:ec:62:59:e2:e6:4b:fa:7d:23:a5:d5:2e:f4:6a:
d2:c5:13:9f:75:4a:8b:dd:c6:54:00:1d:d1:ff:aa:
fd:d4:a9:81:5b:f6:65:53:d5:02:2e:1f:8b:68:1f:
d4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F5:BD:76:70:20:4E:11:A4:4F:11:40:43:79:8C:A2:28:80:28:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3F9DBF6C29811EFB07D828F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0/20
Signature Algorithm: sha256WithRSAEncryption
70:90:d9:40:a0:64:34:2c:ad:7d:53:5b:a5:bd:7f:c1:8e:c9:
49:45:40:0e:62:d3:3e:e5:e3:2d:90:36:f8:92:ff:0d:32:d8:
c2:d5:43:33:5b:78:b3:bf:25:4f:5d:cd:38:64:5a:c6:58:08:
3f:2e:29:d8:67:cd:41:be:a0:4c:9d:38:da:d3:b3:d5:29:d0:
c7:8c:e3:06:95:c8:e5:e1:cd:c2:90:75:37:e3:22:36:ce:be:
45:c5:5d:35:9b:e4:04:de:40:16:79:5e:3b:13:3b:1d:34:09:
a0:37:ee:4b:93:6c:da:c5:82:12:a0:38:be:08:c5:b4:d7:4b:
6a:3a:dc:a6:41:4d:96:d5:bd:d7:1f:64:1c:ea:a1:eb:5f:8b:
fc:4d:f2:f9:12:d3:21:f8:0e:3c:95:c1:c6:9b:89:d8:e4:66:
fa:84:34:e6:6f:d1:51:fd:5a:22:e1:be:27:70:92:a5:dc:87:
0d:0d:02:8c:ad:d1:2f:80:6b:bf:00:e5:e4:e8:19:fc:cd:3d:
24:d9:d9:ca:56:65:64:ba:55:84:21:63:9e:5e:a4:98:ba:f4:
95:05:e1:ee:04:87:df:79:a9:01:95:ae:1d:52:dd:7d:1e:17:
cc:dc:59:3c:f7:3f:05:a8:36:2a:87:2d:6a:c4:75:e6:90:b4:
fd:89:56:cc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOnVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDgxODAxWhcNMjUwMTI5MDgxODAxWjAYMRYw
FAYDVQQDEw02NzZiYmZiZC02Y2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqmlxvg9HdOuqAFC1p31iVHXbCJuUjZkQ+zIKdf7cRFTwEvVq9fy29Uxm
o6GgchEnYaVyUiRhKNrHK+wKbPQkhX39QGNxFwiTDzhMSuNKNphuTqGEcrJp5N+D
5o8T2tiqRDg26ak0hYzKCsbFSJguDWnz0qoKrGFHB/9JViX75WQT7+TqLPEKfFlA
d4h8GDqnz30oDhdp/mcGvkKdZ+QmiZOo/1Magw4VE0jhgvc1fld3awKdRW/mtJuU
VcGkIshhQveC3RQA80vL6/7df/dFwJci7GJZ4uZL+n0jpdUu9GrSxROfdUqL3cZU
AB3R/6r91KmBW/ZlU9UCLh+LaB/URQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGr1
vXZwIE4RpE8RQEN5jKIogCjEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DM0Y5REJGNkMyOTgxMUVGQjA3RDgyOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOWwMA0GCSqGSIb3DQEBCwUA
A4IBAQBwkNlAoGQ0LK19U1ulvX/BjslJRUAOYtM+5eMtkDb4kv8NMtjC1UMzW3iz
vyVPXc04ZFrGWAg/LinYZ81BvqBMnTja07PVKdDHjOMGlcjl4c3CkHU34yI2zr5F
xV01m+QE3kAWeV47EzsdNAmgN+5Lk2zaxYISoDi+CMW010tqOtymQU2W1b3XH2Qc
6qHrX4v8TfL5EtMh+A48lcHGm4nY5Gb6hDTmb9FR/Voi4b4ncJKl3IcNDQKMrdEv
gGu/AOXk6Bn8zT0k2dnKVmVkulWEIWOeXqSYuvSVBeHuBIffeakBla4dUt19HhfM
3Fk89z8FqDYqhy1qxHXmkLT9iVbM
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:45 2025 by rpki-client