Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D096916CF2C511EFB149D0A8762E951A.roa
File: D096916CF2C511EFB149D0A8762E951A.roa (raw, json)
Hash identifier: 1p2CvKzXrlhk29mnHuXIW7FmW55mt3XGe9aR3IALIm0=
Subject key identifier: 93:D2:5F:AC:9E:F8:51:3D:70:0F:46:83:46:4E:70:17:7A:2A:B4:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012C0D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D096916CF2C511EFB149D0A8762E951A.roa
Signing time: Mon 24 Feb 2025 15:41:29 +0000
ROA not before: Mon 24 Feb 2025 15:41:26 +0000
ROA not after: Sat 29 Mar 2025 15:41:26 +0000
asID: 203020
IP address blocks: 156.233.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76813 (0x12c0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 15:41:26 2025 GMT
Not After : Mar 29 15:41:26 2025 GMT
Subject: CN=67bc9329-6cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:03:75:2e:e7:be:12:8d:a0:44:1c:0b:10:55:
00:e6:81:b2:3f:aa:bb:00:f2:d4:6d:6b:92:1f:52:
75:77:d6:7d:4e:89:11:5f:7e:33:82:11:1f:ad:9c:
5b:d7:2a:fd:c6:8f:ba:cb:81:d9:14:12:11:c7:d6:
19:f7:b3:ae:64:0e:4f:5e:fb:75:b3:ce:77:05:48:
2e:81:a8:03:59:4f:24:be:0a:00:4d:d9:c2:6a:12:
46:7b:f7:d3:ab:90:cc:d8:2f:f1:a2:78:1f:67:1f:
ba:08:0c:1b:5e:9a:d9:59:60:99:99:df:96:27:8f:
11:a1:ab:67:4f:78:cb:29:12:6c:79:1b:c2:88:5a:
5d:d7:5a:d1:31:e1:ef:1d:fe:5d:5a:1e:d6:b3:b1:
4a:da:d6:7f:52:7a:d7:8c:56:4b:d4:3e:23:ce:92:
d7:3e:dc:8f:c1:7c:74:b6:3a:5d:23:59:07:86:b5:
27:1c:e5:3e:81:fe:5e:3d:0b:77:c3:e8:3f:5b:d8:
22:7c:98:b4:76:d8:c9:41:be:82:39:af:5a:5d:39:
18:4b:68:a2:13:15:59:f6:6b:f4:bb:8b:0b:fb:49:
1c:2d:54:5a:d1:8d:b5:88:e7:10:fc:f4:ce:e5:4b:
bb:e2:e1:0a:b9:9a:fa:4f:32:79:0d:dd:76:4b:8f:
9b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D2:5F:AC:9E:F8:51:3D:70:0F:46:83:46:4E:70:17:7A:2A:B4:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D096916CF2C511EFB149D0A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.24.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:98:c1:e7:60:94:e4:51:0a:b8:4c:a6:e3:29:d0:64:4c:22:
8d:bb:f2:17:05:07:a6:2f:f0:54:ff:64:04:da:4d:59:56:d2:
96:0d:c4:be:c4:9b:05:76:4b:5a:25:b1:db:60:71:e7:19:fc:
c8:53:45:5f:62:31:fa:e5:bf:72:34:08:41:a0:b3:73:56:96:
51:8e:a1:7e:52:e9:6d:f5:55:66:e2:89:b3:b3:81:c2:88:b9:
09:cf:ee:cf:4e:33:69:53:a1:3e:48:8d:ec:13:1b:f7:9a:73:
f5:43:9b:77:cf:bd:4d:c7:f0:1a:f1:85:e7:ad:84:60:43:69:
97:a3:8d:cf:6f:18:fb:dc:8a:d1:4d:c6:95:15:33:a8:d4:2f:
ca:30:1b:fb:26:47:d4:c4:5e:28:2d:d8:ce:1e:c7:a7:d1:57:
e5:a7:8e:b4:65:21:dc:8c:0a:76:df:e2:c9:5e:2a:bd:16:b5:
73:93:40:59:f6:b2:5f:8a:5b:4c:46:88:e1:3f:62:ec:df:d2:
71:ef:26:ad:b7:ea:0f:cb:c6:0f:ab:36:a0:9a:a2:68:ce:09:
b0:fe:7d:14:ed:fa:fe:1e:9e:5a:67:4e:8e:2b:ac:7f:01:ed:
91:9d:63:b8:3e:1e:43:e0:be:74:78:e1:12:43:50:e8:93:98:
24:3d:de:cb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASwNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTU0MTI2WhcNMjUwMzI5MTU0MTI2WjAYMRYw
FAYDVQQDEw02N2JjOTMyOS02Y2ZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4QN1Lue+Eo2gRBwLEFUA5oGyP6q7APLUbWuSH1J1d9Z9TokRX34zghEf
rZxb1yr9xo+6y4HZFBIRx9YZ97OuZA5PXvt1s853BUgugagDWU8kvgoATdnCahJG
e/fTq5DM2C/xongfZx+6CAwbXprZWWCZmd+WJ48RoatnT3jLKRJseRvCiFpd11rR
MeHvHf5dWh7Ws7FK2tZ/UnrXjFZL1D4jzpLXPtyPwXx0tjpdI1kHhrUnHOU+gf5e
PQt3w+g/W9gifJi0dtjJQb6COa9aXTkYS2iiExVZ9mv0u4sL+0kcLVRa0Y21iOcQ
/PTO5Uu74uEKuZr6TzJ5Dd12S4+btQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJPS
X6ye+FE9cA9Gg0ZOcBd6KrTeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDk2OTE2Q0YyQzUxMUVGQjE0OUQwQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOkYMA0GCSqGSIb3DQEBCwUA
A4IBAQCKmMHnYJTkUQq4TKbjKdBkTCKNu/IXBQemL/BU/2QE2k1ZVtKWDcS+xJsF
dktaJbHbYHHnGfzIU0VfYjH65b9yNAhBoLNzVpZRjqF+Uult9VVm4omzs4HCiLkJ
z+7PTjNpU6E+SI3sExv3mnP1Q5t3z71Nx/Aa8YXnrYRgQ2mXo43Pbxj73IrRTcaV
FTOo1C/KMBv7JkfUxF4oLdjOHsen0Vflp460ZSHcjAp23+LJXiq9FrVzk0BZ9rJf
iltMRojhP2Ls39Jx7yatt+oPy8YPqzagmqJozgmw/n0U7fr+Hp5aZ06OK6x/Ae2R
nWO4Ph5D4L50eOESQ1Dok5gkPd7L
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:02:43 2025 by rpki-client