Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2C770C0C9B511EFB2253C4E762E951A.roa
File: D2C770C0C9B511EFB2253C4E762E951A.roa (raw, json)
Hash identifier: o/qNXbFNgH/TI6FSNM52gFFCmA3lV2Anr9ZA5CxBdQ4=
Subject key identifier: 12:35:60:1F:49:CC:B5:B0:39:FC:C0:E1:AC:6A:EC:49:72:9F:6F:4C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6D1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2C770C0C9B511EFB2253C4E762E951A.roa
Signing time: Fri 03 Jan 2025 09:33:43 +0000
ROA not before: Fri 03 Jan 2025 09:33:40 +0000
ROA not after: Sat 18 Jan 2025 09:33:40 +0000
asID: 139646
IP address blocks: 156.249.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63185 (0xf6d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 09:33:40 2025 GMT
Not After : Jan 18 09:33:40 2025 GMT
Subject: CN=6777aef7-1ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:55:16:b4:e3:f2:af:74:fc:ea:3d:92:be:c3:
51:a7:ba:f1:c1:37:3e:dd:83:43:dc:61:d7:82:26:
81:20:3c:63:71:e7:74:3a:d5:43:f0:e1:ae:96:90:
23:4a:1d:d5:3a:f6:35:26:d4:0a:6b:31:4e:fe:bd:
bb:aa:ee:9b:3a:d2:0a:91:20:23:59:d6:45:70:60:
87:c1:db:5d:b8:8a:c8:c6:41:bc:79:18:d8:22:ac:
bf:ca:90:d5:04:9f:a4:33:79:87:5d:71:d7:22:f3:
41:37:2b:a4:ee:d4:24:d6:93:01:6a:e7:ee:8e:6e:
a0:bc:3c:ad:b2:20:4f:90:0b:69:57:b9:a4:d2:aa:
48:10:56:e7:77:a8:5a:72:ab:f9:11:45:14:05:15:
c7:4a:c7:ab:bc:71:bf:01:a1:e6:66:30:8b:4d:43:
36:cd:c5:4f:91:65:27:27:b1:37:21:4f:2a:e0:d4:
b6:38:30:7d:09:8f:a1:df:1a:70:46:97:a3:0c:82:
e4:a0:67:3c:6c:ef:8d:18:63:c3:58:f2:13:ce:d6:
aa:f3:aa:36:0e:12:b5:34:cf:20:87:1d:d6:be:c9:
10:ef:62:87:cf:21:2c:f3:f3:fe:cf:89:bb:ef:fc:
c2:06:af:a9:bb:ee:c0:8c:19:64:30:ad:1a:16:c9:
4a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:35:60:1F:49:CC:B5:B0:39:FC:C0:E1:AC:6A:EC:49:72:9F:6F:4C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2C770C0C9B511EFB2253C4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.28.0/22
Signature Algorithm: sha256WithRSAEncryption
41:7d:b7:4d:d9:4f:3d:c3:53:5c:25:8f:ca:d1:30:27:57:0e:
6a:94:b0:d4:51:1c:ea:01:ce:22:1c:03:72:78:30:ae:65:ca:
7e:0a:ab:89:8e:f5:26:23:61:a9:e6:13:86:8d:1a:7a:9e:8c:
f0:45:68:72:be:2c:d8:31:55:56:59:ef:86:c8:56:f8:30:fc:
ce:fa:ba:71:61:e8:ff:25:ac:9e:b8:9c:45:81:5a:eb:fa:93:
ff:a4:c2:15:d4:49:17:9b:a6:4e:b2:e4:55:9f:52:56:23:94:
94:41:f7:cc:0d:97:84:dc:a6:cd:94:4f:5b:ae:09:b9:8a:21:
e6:f0:5b:90:9c:90:86:a8:de:94:c4:ed:33:e3:56:e4:90:79:
ca:3b:8c:b2:b7:a9:d6:b7:c9:cb:60:1e:67:27:1b:ca:cc:d9:
ba:b1:38:51:ec:7d:7b:7a:be:fc:83:f8:8c:68:f9:0a:cb:4e:
c3:f1:3a:78:e1:07:89:c7:1c:6e:55:12:b9:71:04:a2:81:19:
cb:e0:a0:31:d3:77:53:68:c8:bf:c6:fb:58:9e:41:61:72:39:
70:a6:23:78:02:14:be:bd:bc:00:10:a2:bf:cb:dd:09:48:c3:
64:4d:98:b1:e4:f6:f8:b5:f1:2d:aa:76:f6:50:3e:3e:46:1d:
af:ba:83:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPbRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDkzMzQwWhcNMjUwMTE4MDkzMzQwWjAYMRYw
FAYDVQQDEw02Nzc3YWVmNy0xYWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwFUWtOPyr3T86j2SvsNRp7rxwTc+3YND3GHXgiaBIDxjced0OtVD8OGu
lpAjSh3VOvY1JtQKazFO/r27qu6bOtIKkSAjWdZFcGCHwdtduIrIxkG8eRjYIqy/
ypDVBJ+kM3mHXXHXIvNBNyuk7tQk1pMBaufujm6gvDytsiBPkAtpV7mk0qpIEFbn
d6hacqv5EUUUBRXHSservHG/AaHmZjCLTUM2zcVPkWUnJ7E3IU8q4NS2ODB9CY+h
3xpwRpejDILkoGc8bO+NGGPDWPITztaq86o2DhK1NM8ghx3WvskQ72KHzyEs8/P+
z4m77/zCBq+pu+7AjBlkMK0aFslKlwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBI1
YB9JzLWwOfzA4axq7Elyn29MMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMkM3NzBDMEM5QjUxMUVGQjIyNTNDNEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPkcMA0GCSqGSIb3DQEBCwUA
A4IBAQBBfbdN2U89w1NcJY/K0TAnVw5qlLDUURzqAc4iHANyeDCuZcp+CquJjvUm
I2Gp5hOGjRp6nozwRWhyvizYMVVWWe+GyFb4MPzO+rpxYej/JayeuJxFgVrr+pP/
pMIV1EkXm6ZOsuRVn1JWI5SUQffMDZeE3KbNlE9brgm5iiHm8FuQnJCGqN6UxO0z
41bkkHnKO4yyt6nWt8nLYB5nJxvKzNm6sThR7H17er78g/iMaPkKy07D8Tp44QeJ
xxxuVRK5cQSigRnL4KAx03dTaMi/xvtYnkFhcjlwpiN4AhS+vbwAEKK/y90JSMNk
TZix5Pb4tfEtqnb2UD4+Rh2vuoNY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:23 2025 by rpki-client