Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C99253A4CE7811EFB1AFF395762E951A.roa
File: C99253A4CE7811EFB1AFF395762E951A.roa (raw, json)
Hash identifier: DvI4RC0sZ6rnqNAaqJ5tlbPKFWKsPlhO2BEwbkp3Dck=
Subject key identifier: D9:B0:F9:DD:D4:2E:19:70:80:28:DE:0D:00:1C:96:DD:7B:41:96:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01032E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C99253A4CE7811EFB1AFF395762E951A.roa
Signing time: Thu 09 Jan 2025 10:59:24 +0000
ROA not before: Thu 09 Jan 2025 10:59:21 +0000
ROA not after: Wed 22 Jan 2025 10:59:21 +0000
asID: 22773
IP address blocks: 156.235.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66350 (0x1032e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 10:59:21 2025 GMT
Not After : Jan 22 10:59:21 2025 GMT
Subject: CN=677fac0c-7f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:87:5a:73:0c:52:90:23:fb:3d:25:4d:ce:21:
b9:1e:0c:37:0d:78:a1:78:c3:b3:a8:2b:a0:d1:cf:
76:5b:3d:cf:9e:be:f3:da:08:28:e6:0f:2a:16:88:
d6:ee:f5:42:07:8f:41:5f:23:72:3a:d8:b3:d8:e0:
4c:b7:98:18:1c:7b:8f:9d:ee:94:a0:4d:9f:25:90:
07:ff:bc:4b:7d:68:f5:bb:6d:a3:ab:d6:02:79:73:
73:b1:d7:79:89:2a:8b:50:c7:53:d6:89:bc:0d:ae:
57:da:44:03:90:d7:5b:d9:88:a0:9d:f0:d6:b6:1e:
c9:09:2d:37:82:4c:fe:0f:ef:6a:83:0b:12:ec:1f:
43:ef:b0:93:ac:15:6d:93:df:1c:7a:91:2c:57:61:
8e:dd:08:10:eb:b9:ad:7a:f7:66:f0:c0:73:33:2f:
b0:65:2d:7c:f9:82:ec:b3:5b:ff:d6:c9:12:70:41:
60:bc:8f:06:8f:f9:25:07:48:be:b8:e4:3b:37:c7:
b3:7d:4c:16:2e:64:ae:dd:1b:d5:80:64:1f:d7:d8:
9a:cb:92:6d:b5:00:40:c1:bb:f9:38:77:f1:40:50:
85:a9:39:1c:19:aa:3a:cd:86:80:ae:96:96:ca:96:
76:d3:c2:02:91:9b:54:f4:17:02:0a:0c:d8:2a:a9:
56:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B0:F9:DD:D4:2E:19:70:80:28:DE:0D:00:1C:96:DD:7B:41:96:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C99253A4CE7811EFB1AFF395762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.56.0/21
Signature Algorithm: sha256WithRSAEncryption
61:71:6c:6f:c3:e0:91:63:51:12:fc:63:b3:18:13:c7:0d:65:
a3:5a:f6:eb:57:13:f3:3c:b6:98:63:5c:fb:1e:56:ec:54:7e:
0c:02:79:06:c0:bc:b5:76:4b:ba:87:5a:9e:9d:3e:2e:ca:cc:
c6:c5:21:72:26:41:5d:eb:90:f0:98:c9:bf:b1:24:08:44:b5:
01:b9:19:7e:c8:ff:16:ba:15:e0:9d:72:31:d8:88:2c:84:89:
b9:7f:3a:dc:49:e2:cc:4a:b3:19:9f:c5:2a:82:b1:a8:ae:48:
92:7f:45:49:06:27:b7:e4:c5:aa:ac:68:6a:b2:49:ae:c8:31:
ff:63:68:66:5a:ec:b1:7a:9d:e9:85:7f:17:4f:cb:8d:28:1b:
1b:32:7d:3c:2d:0b:8d:90:b1:81:a7:0f:77:7e:db:33:e7:ea:
e7:91:78:a9:1b:b7:64:19:2c:b2:1c:1e:46:90:7d:32:7d:fe:
05:e0:a5:f7:ca:27:5c:12:fd:96:49:f3:6f:26:96:ae:d6:60:
3e:3c:cd:2a:18:bc:5a:69:4e:37:23:90:59:b7:3b:20:40:93:
6a:56:fa:f4:9c:c5:e2:4e:b1:15:f6:02:8e:58:9b:a4:cd:38:
84:0b:a8:e3:ed:76:22:1c:83:ec:85:18:b1:9f:07:62:2c:f4:
15:31:11:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQMuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTA1OTIxWhcNMjUwMTIyMTA1OTIxWjAYMRYw
FAYDVQQDEw02NzdmYWMwYy03ZjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwodacwxSkCP7PSVNziG5Hgw3DXiheMOzqCug0c92Wz3Pnr7z2ggo5g8q
FojW7vVCB49BXyNyOtiz2OBMt5gYHHuPne6UoE2fJZAH/7xLfWj1u22jq9YCeXNz
sdd5iSqLUMdT1om8Da5X2kQDkNdb2YignfDWth7JCS03gkz+D+9qgwsS7B9D77CT
rBVtk98cepEsV2GO3QgQ67mtevdm8MBzMy+wZS18+YLss1v/1skScEFgvI8Gj/kl
B0i+uOQ7N8ezfUwWLmSu3RvVgGQf19iay5JttQBAwbv5OHfxQFCFqTkcGao6zYaA
rpaWypZ208ICkZtU9BcCCgzYKqlWDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNmw
+d3ULhlwgCjeDQAclt17QZbMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOTkyNTNBNENFNzgxMUVGQjFBRkYzOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOs4MA0GCSqGSIb3DQEBCwUA
A4IBAQBhcWxvw+CRY1ES/GOzGBPHDWWjWvbrVxPzPLaYY1z7HlbsVH4MAnkGwLy1
dku6h1qenT4uyszGxSFyJkFd65DwmMm/sSQIRLUBuRl+yP8WuhXgnXIx2IgshIm5
fzrcSeLMSrMZn8UqgrGorkiSf0VJBie35MWqrGhqskmuyDH/Y2hmWuyxep3phX8X
T8uNKBsbMn08LQuNkLGBpw93ftsz5+rnkXipG7dkGSyyHB5GkH0yff4F4KX3yidc
Ev2WSfNvJpau1mA+PM0qGLxaaU43I5BZtzsgQJNqVvr0nMXiTrEV9gKOWJukzTiE
C6jj7XYiHIPshRixnwdiLPQVMRHo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:00 2025 by rpki-client