Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0065C9CBF9D11EF9A9CCDA3762E951A.roa
File: D0065C9CBF9D11EF9A9CCDA3762E951A.roa (raw, json)
Hash identifier: NudIBQGSvcn4ZyyhH+RjcdEY0XLowON1yxaxUHko5bc=
Subject key identifier: 24:B4:76:7A:A1:BE:95:91:6F:D3:B6:57:B9:C0:94:59:0A:E3:55:60
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E7BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0065C9CBF9D11EF9A9CCDA3762E951A.roa
Signing time: Sat 21 Dec 2024 13:16:39 +0000
ROA not before: Sat 21 Dec 2024 13:16:36 +0000
ROA not after: Fri 31 Jan 2025 13:16:36 +0000
asID: 398704
IP address blocks: 156.245.192.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59322 (0xe7ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 21 13:16:36 2024 GMT
Not After : Jan 31 13:16:36 2025 GMT
Subject: CN=6766bfb7-7bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:85:91:15:cf:a9:d0:16:c7:25:d6:38:03:84:
62:8a:cf:36:86:24:ca:68:66:75:06:fb:2e:66:7d:
ac:8e:53:f5:fb:fc:90:7c:0c:f6:39:63:1c:4a:91:
a9:2f:0d:8f:14:c0:f9:0d:ab:7b:1a:26:15:69:b9:
b2:f8:3e:00:3d:5d:1c:61:73:a2:6b:26:44:74:55:
db:e1:30:31:cb:8c:ce:a7:0a:58:20:fb:39:ff:5a:
39:b5:0c:fb:c1:25:c7:14:5c:4f:99:ab:42:7d:91:
c7:3e:44:e0:db:71:ed:c2:2e:6e:8e:55:08:a8:11:
cb:85:3f:1b:d9:e8:74:ce:de:34:8e:aa:5b:e4:70:
94:fa:25:ae:40:67:3d:0e:84:fc:80:ef:8b:87:fb:
6d:42:9f:cf:2b:c8:26:14:4e:7c:54:e7:c7:f6:b1:
9d:d1:79:0c:9d:b2:9a:c5:9a:41:73:b6:56:b9:86:
4c:69:c3:96:a9:7b:55:e7:a5:fa:2c:fb:34:76:97:
cd:32:e4:5f:d7:04:e5:32:e2:b8:4b:84:7c:1b:76:
80:66:2a:11:1a:f9:e9:be:69:5e:d4:af:c6:bb:4a:
1d:fb:b4:95:8a:4c:49:bb:97:5a:07:69:44:60:3f:
d3:8f:d9:47:e3:db:a2:17:43:fc:71:9a:6a:2f:34:
ff:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B4:76:7A:A1:BE:95:91:6F:D3:B6:57:B9:C0:94:59:0A:E3:55:60
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0065C9CBF9D11EF9A9CCDA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.192.0/23
Signature Algorithm: sha256WithRSAEncryption
94:bb:e6:30:92:f6:bc:36:17:57:5d:e4:76:49:f1:3c:89:41:
4a:0c:9f:68:21:0f:55:f4:9a:90:e4:8a:44:c8:2e:dd:1e:ef:
d4:96:12:e0:d7:d8:cc:92:4c:f2:46:e3:86:2d:29:52:da:c7:
27:4b:c0:36:d0:35:a4:58:40:41:5c:03:1d:e5:46:2a:27:6d:
a2:48:89:ef:d2:9e:37:28:2c:ae:8e:a7:3a:ed:9d:71:67:9b:
3e:32:61:9e:3b:30:3a:9e:78:16:bd:49:ee:a2:72:9a:29:b3:
24:5a:2b:cb:53:fc:5f:0e:08:25:0a:be:15:fa:b4:71:0c:a9:
1e:1f:15:b4:be:d5:d7:4a:77:9b:8d:21:f8:97:ad:f8:13:42:
14:ac:cd:13:73:2b:43:3a:3e:4c:d8:22:20:18:3d:32:37:5e:
b6:d5:8e:dc:a3:cd:07:55:4b:80:94:e8:b4:fd:d6:c5:bc:15:
cb:23:68:66:4b:f0:b4:dd:ff:42:bc:13:99:f1:fe:b4:a5:3a:
df:0d:0f:f0:31:9d:cd:34:13:ed:bb:58:d1:90:b7:89:87:46:
55:e7:1d:a6:ca:6c:f9:6a:22:18:a5:3d:a9:8a:fb:d3:45:a7:
90:ee:69:b3:d1:ee:d7:bc:da:5c:0b:87:16:8b:6a:e3:80:ce:
58:7c:0d:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOe6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIxMTMxNjM2WhcNMjUwMTMxMTMxNjM2WjAYMRYw
FAYDVQQDEw02NzY2YmZiNy03YmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn4WRFc+p0BbHJdY4A4Riis82hiTKaGZ1BvsuZn2sjlP1+/yQfAz2OWMc
SpGpLw2PFMD5Dat7GiYVabmy+D4APV0cYXOiayZEdFXb4TAxy4zOpwpYIPs5/1o5
tQz7wSXHFFxPmatCfZHHPkTg23Htwi5ujlUIqBHLhT8b2eh0zt40jqpb5HCU+iWu
QGc9DoT8gO+Lh/ttQp/PK8gmFE58VOfH9rGd0XkMnbKaxZpBc7ZWuYZMacOWqXtV
56X6LPs0dpfNMuRf1wTlMuK4S4R8G3aAZioRGvnpvmle1K/Gu0od+7SVikxJu5da
B2lEYD/Tj9lH49uiF0P8cZpqLzT/cQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCS0
dnqhvpWRb9O2V7nAlFkK41VgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDA2NUM5Q0JGOUQxMUVGOUE5Q0NEQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXAMA0GCSqGSIb3DQEBCwUA
A4IBAQCUu+Ywkva8NhdXXeR2SfE8iUFKDJ9oIQ9V9JqQ5IpEyC7dHu/UlhLg19jM
kkzyRuOGLSlS2scnS8A20DWkWEBBXAMd5UYqJ22iSInv0p43KCyujqc67Z1xZ5s+
MmGeOzA6nngWvUnuonKaKbMkWivLU/xfDgglCr4V+rRxDKkeHxW0vtXXSnebjSH4
l634E0IUrM0TcytDOj5M2CIgGD0yN1621Y7co80HVUuAlOi0/dbFvBXLI2hmS/C0
3f9CvBOZ8f60pTrfDQ/wMZ3NNBPtu1jRkLeJh0ZV5x2mymz5aiIYpT2pivvTRaeQ
7mmz0e7XvNpcC4cWi2rjgM5YfA1e
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:43 2025 by rpki-client