Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D102B7A8CF0111EF8D924084762E951A.roa
File: D102B7A8CF0111EF8D924084762E951A.roa (raw, json)
Hash identifier: fpezfxylFi0XSPmY4qbGQ3fZoW1a87YM+TL+X4rXERM=
Subject key identifier: F9:CB:E1:24:0B:E8:9F:2C:60:B5:1C:07:B9:6D:B7:C9:51:D7:45:C6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104D9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D102B7A8CF0111EF8D924084762E951A.roa
Signing time: Fri 10 Jan 2025 03:20:18 +0000
ROA not before: Fri 10 Jan 2025 03:20:14 +0000
ROA not after: Mon 27 Jan 2025 03:20:14 +0000
asID: 62468
IP address blocks: 156.245.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66777 (0x104d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 03:20:14 2025 GMT
Not After : Jan 27 03:20:14 2025 GMT
Subject: CN=678091f2-d94b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c9:0c:a9:74:9d:ad:d4:65:68:81:4c:29:49:
a1:66:45:b2:48:14:97:ad:b1:52:33:eb:99:eb:d2:
58:41:3f:a7:40:68:a4:dc:6e:23:b3:5f:90:8f:5d:
75:fb:71:25:ae:dd:02:ee:9c:8e:3d:ab:b4:7b:ce:
c3:f3:d7:6b:3e:78:3a:f6:c4:ae:c5:5d:fd:50:48:
4d:22:00:81:28:a6:9d:3c:cf:0d:cc:f0:82:ec:c0:
6b:77:6d:90:9e:03:1b:f7:32:a3:1c:b1:8d:91:0e:
63:09:e2:3d:a3:f2:68:9b:7f:65:70:89:e1:70:48:
73:d6:01:ec:0d:3c:a1:45:d4:13:f5:a9:37:dc:eb:
0c:29:0d:5b:e0:08:4c:8a:6c:e3:e1:ca:dc:b6:d0:
9a:09:78:a9:55:d8:37:40:5d:80:57:e0:e5:df:ea:
c0:aa:1f:39:d4:ae:47:00:0d:df:ec:64:8c:60:49:
82:39:2c:da:0d:0c:e8:ce:3e:fd:5f:e7:bb:81:49:
b0:04:d4:b9:1c:0c:2a:85:a9:56:22:0a:8e:01:9d:
21:74:f2:cd:57:e7:19:fa:9f:33:32:ba:3a:b2:3e:
04:0d:28:09:a3:88:38:db:ef:51:56:f8:63:1b:8a:
e5:e0:2a:c6:a8:a1:c4:6f:bd:6b:35:4e:55:6d:27:
22:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:CB:E1:24:0B:E8:9F:2C:60:B5:1C:07:B9:6D:B7:C9:51:D7:45:C6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D102B7A8CF0111EF8D924084762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.128.0/21
Signature Algorithm: sha256WithRSAEncryption
75:47:1a:c2:51:f6:fc:a5:c3:51:33:34:7a:e2:9a:06:15:8e:
ca:99:39:6d:b5:ee:63:a5:34:7f:90:44:59:06:a1:77:3b:95:
67:fc:9d:58:b0:e8:ae:8e:c8:1f:d7:a9:4b:d3:17:e2:83:f1:
1b:11:50:76:b4:0c:8a:4a:2f:5d:e4:3f:31:0c:e5:9c:50:15:
7a:8a:df:92:94:3e:54:4d:07:7d:90:bc:d1:24:38:99:0a:81:
aa:a2:c7:dd:14:90:37:48:9a:8a:1b:b7:49:fd:f7:f3:18:a5:
e0:05:d6:b0:49:89:3d:98:df:75:a6:98:3b:6c:80:33:56:ec:
b4:48:ac:d3:3c:66:1e:42:5d:77:26:8c:d2:dd:39:d2:d5:65:
ad:5d:8e:a3:f2:02:cd:92:6c:3b:e6:c0:85:5d:32:55:82:4b:
eb:7e:01:c0:f5:bf:5e:99:04:08:c3:78:99:66:5b:a9:15:18:
0a:31:56:a8:51:f6:ac:11:71:f9:26:26:50:67:c6:96:a4:f1:
2b:2e:02:cf:55:ae:05:97:ee:b3:32:72:73:97:1b:33:19:f2:
f5:c5:d0:5f:e8:44:61:e6:07:5e:43:8e:31:45:70:65:4d:ca:
3d:7d:6f:1f:5b:3d:f1:b1:a5:2c:eb:7e:4c:d2:ba:c6:f0:40:
69:a4:5e:6b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQTZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDMyMDE0WhcNMjUwMTI3MDMyMDE0WjAYMRYw
FAYDVQQDEw02NzgwOTFmMi1kOTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ckMqXSdrdRlaIFMKUmhZkWySBSXrbFSM+uZ69JYQT+nQGik3G4js1+Q
j111+3Elrt0C7pyOPau0e87D89drPng69sSuxV39UEhNIgCBKKadPM8NzPCC7MBr
d22QngMb9zKjHLGNkQ5jCeI9o/Jom39lcInhcEhz1gHsDTyhRdQT9ak33OsMKQ1b
4AhMimzj4crcttCaCXipVdg3QF2AV+Dl3+rAqh851K5HAA3f7GSMYEmCOSzaDQzo
zj79X+e7gUmwBNS5HAwqhalWIgqOAZ0hdPLNV+cZ+p8zMro6sj4EDSgJo4g42+9R
VvhjG4rl4CrGqKHEb71rNU5VbScikwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPnL
4SQL6J8sYLUcB7ltt8lR10XGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMTAyQjdBOENGMDExMUVGOEQ5MjQwODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPWAMA0GCSqGSIb3DQEBCwUA
A4IBAQB1RxrCUfb8pcNRMzR64poGFY7KmTltte5jpTR/kERZBqF3O5Vn/J1YsOiu
jsgf16lL0xfig/EbEVB2tAyKSi9d5D8xDOWcUBV6it+SlD5UTQd9kLzRJDiZCoGq
osfdFJA3SJqKG7dJ/ffzGKXgBdawSYk9mN91ppg7bIAzVuy0SKzTPGYeQl13JozS
3TnS1WWtXY6j8gLNkmw75sCFXTJVgkvrfgHA9b9emQQIw3iZZlupFRgKMVaoUfas
EXH5JiZQZ8aWpPErLgLPVa4Fl+6zMnJzlxszGfL1xdBf6ERh5gdeQ44xRXBlTco9
fW8fWz3xsaUs635M0rrG8EBppF5r
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:31 2025 by rpki-client