Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2F39980D00311EFA7E71866762E951A.roa
File: D2F39980D00311EFA7E71866762E951A.roa (raw, json)
Hash identifier: BOzOHhNBK45Af8Adc+ny78LomU6pVvg+2Ze/Q2xNQ9Q=
Subject key identifier: D6:F7:C6:34:56:8E:51:95:EA:5F:BD:F8:0D:19:53:7D:66:6C:46:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01059E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2F39980D00311EFA7E71866762E951A.roa
Signing time: Sat 11 Jan 2025 10:07:11 +0000
ROA not before: Sat 11 Jan 2025 10:07:08 +0000
ROA not after: Sat 25 Jan 2025 10:07:08 +0000
asID: 54801
IP address blocks: 156.255.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66974 (0x1059e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 10:07:08 2025 GMT
Not After : Jan 25 10:07:08 2025 GMT
Subject: CN=678242cf-d7e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:58:1d:f8:40:42:b4:9d:bd:1b:ca:1e:d8:10:
0c:ab:68:82:f1:3e:2c:57:2b:27:b8:71:ee:b6:cd:
91:7c:cf:8f:7d:a0:4b:ce:e7:76:e4:36:45:87:53:
de:04:53:28:3b:a7:85:08:70:fb:08:78:31:2f:ac:
c4:e4:f9:0a:57:66:46:26:71:3e:f9:9d:15:f9:d2:
2a:42:63:88:2b:35:39:00:06:27:c6:96:de:9f:c3:
a5:71:be:e7:c6:01:06:bf:b1:cc:8f:53:ed:2d:b4:
54:aa:3e:03:d9:30:ce:12:21:e9:a6:c0:73:6b:ce:
86:0b:3b:d0:6b:07:1b:2c:0a:27:2c:ac:67:e0:4f:
d4:1e:0c:41:4d:a4:a1:1a:1e:a4:36:5b:c1:79:a6:
59:2d:24:18:ba:ee:9e:e0:58:28:ac:82:ab:7f:6a:
e8:38:ad:0e:8b:9c:85:c0:a3:59:e3:0e:2e:b2:57:
0a:a8:8c:31:c8:4e:f3:83:5e:b3:a7:95:86:0a:d5:
37:17:5a:f5:3e:92:11:f1:4a:f8:19:f1:59:f8:79:
df:2f:30:39:90:1d:75:c2:2e:97:af:c3:8c:2a:90:
b7:15:e8:17:fd:01:ce:37:ae:81:22:ac:c5:14:33:
25:68:8b:43:6e:e8:7c:41:7f:bc:35:0b:32:c6:02:
a0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F7:C6:34:56:8E:51:95:EA:5F:BD:F8:0D:19:53:7D:66:6C:46:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2F39980D00311EFA7E71866762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.0.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:83:9c:ee:84:c8:6a:d7:71:ac:5c:7f:cc:3e:16:d7:8a:c0:
d3:2a:78:a0:7f:01:c0:38:4d:3d:cd:36:8d:68:7f:ca:d8:83:
01:28:d8:2f:50:5c:da:4c:c5:61:7c:87:2d:dc:2e:e7:20:7e:
a9:57:dd:f6:b3:8a:4a:b1:fc:9c:58:a4:b7:a2:fc:c4:ff:03:
53:cf:af:53:ad:df:77:4f:86:85:4e:58:0b:e7:a3:03:ee:7f:
89:83:a2:82:49:43:0e:0b:d3:23:4a:cf:e4:94:7c:f1:76:81:
ab:0a:6a:07:b5:44:ac:00:86:c0:ce:b9:3e:f2:45:c5:4f:41:
a5:24:f1:96:64:af:8e:85:c8:f8:49:83:29:2e:97:ef:13:a1:
d7:7c:f5:f4:df:f8:2d:c0:85:9f:b9:a7:ef:2b:6b:e1:29:d7:
64:38:9d:01:b6:19:07:bb:b1:aa:a1:f2:9c:37:09:5f:7d:4e:
74:d3:ca:0b:47:8b:f5:d0:54:ea:23:85:6d:61:4f:dd:a2:54:
1e:f4:e1:88:90:0e:77:32:ad:c5:7c:bf:1a:cc:54:50:14:95:
cc:c0:ba:56:5e:f9:21:04:e1:4c:08:2d:51:49:29:0c:c0:d4:
07:01:76:fe:63:5c:18:87:08:2b:b5:f1:d1:ef:f2:75:9c:bb:
63:74:1c:0c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQWeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTAwNzA4WhcNMjUwMTI1MTAwNzA4WjAYMRYw
FAYDVQQDEw02NzgyNDJjZi1kN2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Vgd+EBCtJ29G8oe2BAMq2iC8T4sVysnuHHuts2RfM+PfaBLzud25DZF
h1PeBFMoO6eFCHD7CHgxL6zE5PkKV2ZGJnE++Z0V+dIqQmOIKzU5AAYnxpben8Ol
cb7nxgEGv7HMj1PtLbRUqj4D2TDOEiHppsBza86GCzvQawcbLAonLKxn4E/UHgxB
TaShGh6kNlvBeaZZLSQYuu6e4FgorIKrf2roOK0Oi5yFwKNZ4w4uslcKqIwxyE7z
g16zp5WGCtU3F1r1PpIR8Ur4GfFZ+HnfLzA5kB11wi6Xr8OMKpC3FegX/QHON66B
IqzFFDMlaItDbuh8QX+8NQsyxgKgwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNb3
xjRWjlGV6l+9+A0ZU31mbEaMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMkYzOTk4MEQwMDMxMUVGQTdFNzE4NjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8AMA0GCSqGSIb3DQEBCwUA
A4IBAQC1g5zuhMhq13GsXH/MPhbXisDTKnigfwHAOE09zTaNaH/K2IMBKNgvUFza
TMVhfIct3C7nIH6pV932s4pKsfycWKS3ovzE/wNTz69Trd93T4aFTlgL56MD7n+J
g6KCSUMOC9MjSs/klHzxdoGrCmoHtUSsAIbAzrk+8kXFT0GlJPGWZK+Ohcj4SYMp
LpfvE6HXfPX03/gtwIWfuafvK2vhKddkOJ0BthkHu7GqofKcNwlffU5008oLR4v1
0FTqI4VtYU/dolQe9OGIkA53Mq3FfL8azFRQFJXMwLpWXvkhBOFMCC1RSSkMwNQH
AXb+Y1wYhwgrtfHR7/J1nLtjdBwM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:14 2025 by rpki-client