Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5E8AB42C47611EFA004DC6A762E951A.roa
File: C5E8AB42C47611EFA004DC6A762E951A.roa (raw, json)
Hash identifier: PL/44VYiQa8m59wUipeGmc+vt5sQOkCOn+sfrgrOYR8=
Subject key identifier: FA:9D:36:47:C2:28:E2:17:B7:7A:08:9B:13:95:27:41:8D:DF:2B:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F0E4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5E8AB42C47611EFA004DC6A762E951A.roa
Signing time: Fri 27 Dec 2024 17:19:48 +0000
ROA not before: Fri 27 Dec 2024 17:19:44 +0000
ROA not after: Mon 03 Feb 2025 17:19:44 +0000
asID: 7018
IP address blocks: 156.248.112.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61668 (0xf0e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 17:19:44 2024 GMT
Not After : Feb 3 17:19:44 2025 GMT
Subject: CN=676ee1b4-1cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d1:34:c4:79:3d:2f:a0:9f:8f:80:89:72:55:
7f:3e:a4:8b:60:af:b7:2b:2e:d3:79:d1:53:4f:83:
66:2a:bd:57:ee:be:f6:b3:0d:51:65:f0:0d:d4:0f:
e7:31:3d:80:be:d6:0d:28:7a:20:4a:06:d3:58:ec:
18:be:cf:3d:20:19:e4:bc:a6:4f:9b:8c:db:8e:b2:
c7:73:a4:f9:62:42:8d:6e:fe:3a:5e:e9:2f:af:6f:
d8:3b:61:4b:9f:37:35:83:aa:7b:5c:b4:3d:a6:35:
57:c4:4b:4c:20:d1:d7:3d:1f:72:98:1b:c7:97:7a:
56:66:b2:92:f2:fa:fa:fa:0a:4b:8f:e7:4d:13:ec:
d3:1f:6b:66:7f:7b:ac:0d:90:78:03:66:f0:ff:45:
db:ee:3c:12:e5:97:b1:44:ef:af:11:d5:93:db:dd:
48:1f:c2:40:a0:6a:14:67:f9:ca:fb:b2:8e:21:92:
eb:a0:50:2c:d5:67:50:ce:5e:00:f3:48:db:80:48:
3b:cc:58:2d:fb:80:66:8c:db:17:f1:6b:07:cf:29:
14:7b:5c:e8:d0:3f:7a:d3:73:3c:9d:2a:8b:8b:51:
6c:e7:f4:b5:99:6d:ba:e3:b8:4b:df:21:f2:af:e1:
1c:39:28:74:2d:5d:c6:a5:1c:12:63:77:1c:d6:98:
fe:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9D:36:47:C2:28:E2:17:B7:7A:08:9B:13:95:27:41:8D:DF:2B:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5E8AB42C47611EFA004DC6A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.112.0/20
Signature Algorithm: sha256WithRSAEncryption
04:ab:fb:72:cc:19:93:c1:b2:a8:dd:a5:7b:76:08:de:85:7f:
2b:83:87:4e:58:73:5b:b0:06:8a:57:ea:e3:2d:71:87:de:da:
c3:5e:67:4a:b1:51:b1:16:79:eb:cd:6e:93:22:13:4f:6e:29:
cb:75:98:41:32:61:c3:3d:7b:8b:85:1d:ac:21:67:74:b1:86:
84:5d:57:13:33:cd:37:13:ba:b5:f9:76:eb:e4:eb:8f:1c:67:
21:59:b8:aa:93:21:7f:b0:aa:be:5d:6c:55:f8:ae:c4:98:51:
24:b4:96:3a:60:af:5c:1a:e8:89:b9:32:ef:25:84:0a:14:a9:
52:92:7e:80:27:7c:92:cb:b9:7d:d0:d1:d2:e2:7d:4a:8c:5b:
b0:f0:e2:85:b1:92:a2:cd:d6:b7:82:8d:c9:16:ac:db:2c:04:
a5:60:37:86:9c:14:b8:27:da:aa:85:ea:d3:ed:a2:10:59:89:
18:46:70:2c:ab:ee:83:a7:d0:8b:84:42:87:ad:59:07:cc:a2:
57:08:1a:14:8a:c6:75:b1:e6:58:03:f7:4a:e8:39:1a:48:23:
1e:d2:b9:d5:0a:fb:9c:e7:9a:37:ea:b5:f1:c2:fd:3e:36:89:
d5:ec:f0:69:5e:24:3f:44:da:77:42:cc:6f:05:55:4c:02:20:
1c:21:be:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPDkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MTcxOTQ0WhcNMjUwMjAzMTcxOTQ0WjAYMRYw
FAYDVQQDEw02NzZlZTFiNC0xY2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyNE0xHk9L6Cfj4CJclV/PqSLYK+3Ky7TedFTT4NmKr1X7r72sw1RZfAN
1A/nMT2AvtYNKHogSgbTWOwYvs89IBnkvKZPm4zbjrLHc6T5YkKNbv46Xukvr2/Y
O2FLnzc1g6p7XLQ9pjVXxEtMINHXPR9ymBvHl3pWZrKS8vr6+gpLj+dNE+zTH2tm
f3usDZB4A2bw/0Xb7jwS5ZexRO+vEdWT291IH8JAoGoUZ/nK+7KOIZLroFAs1WdQ
zl4A80jbgEg7zFgt+4BmjNsX8WsHzykUe1zo0D9603M8nSqLi1Fs5/S1mW2647hL
3yHyr+EcOSh0LV3GpRwSY3cc1pj+CwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPqd
NkfCKOIXt3oImxOVJ0GN3ys3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNUU4QUI0MkM0NzYxMUVGQTAwNERDNkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPhwMA0GCSqGSIb3DQEBCwUA
A4IBAQAEq/tyzBmTwbKo3aV7dgjehX8rg4dOWHNbsAaKV+rjLXGH3trDXmdKsVGx
FnnrzW6TIhNPbinLdZhBMmHDPXuLhR2sIWd0sYaEXVcTM803E7q1+Xbr5OuPHGch
WbiqkyF/sKq+XWxV+K7EmFEktJY6YK9cGuiJuTLvJYQKFKlSkn6AJ3ySy7l90NHS
4n1KjFuw8OKFsZKizda3go3JFqzbLASlYDeGnBS4J9qqherT7aIQWYkYRnAsq+6D
p9CLhEKHrVkHzKJXCBoUisZ1seZYA/dK6DkaSCMe0rnVCvuc55o36rXxwv0+NonV
7PBpXiQ/RNp3QsxvBVVMAiAcIb7z
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:15 2025 by rpki-client