Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D56470D4CE7A11EF9B4BEEA2762E951A.roa
File: D56470D4CE7A11EF9B4BEEA2762E951A.roa (raw, json)
Hash identifier: pHgcgHOlFIDuOk/FUVp9aImD64c2SEJSxlVSu2Q94r0=
Subject key identifier: E8:B4:8B:DF:3E:CB:74:35:7A:B2:C9:48:22:99:B8:04:AB:C8:CA:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01034A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D56470D4CE7A11EF9B4BEEA2762E951A.roa
Signing time: Thu 09 Jan 2025 11:14:03 +0000
ROA not before: Thu 09 Jan 2025 11:14:00 +0000
ROA not after: Sat 01 Feb 2025 11:14:00 +0000
asID: 17561
IP address blocks: 156.236.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66378 (0x1034a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 11:14:00 2025 GMT
Not After : Feb 1 11:14:00 2025 GMT
Subject: CN=677faf7b-25d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c4:ac:e9:11:0a:00:b0:59:8a:7e:c4:d2:11:
06:f2:48:50:71:31:2f:f1:75:72:46:ed:6f:a0:9d:
aa:75:a8:d1:7a:08:d3:3e:85:db:8c:14:d2:a8:8c:
03:4a:f4:cb:19:a4:c9:e1:44:1e:7c:aa:90:39:83:
c9:d9:54:55:af:bb:39:00:45:b2:ec:c5:1b:04:83:
fb:94:47:e6:a2:76:1d:26:f0:32:6e:97:06:1b:88:
c2:39:0d:1d:c8:32:cb:b1:e8:4f:f8:1f:79:45:39:
a2:86:79:78:f7:d1:47:09:63:03:04:18:95:80:45:
36:a5:98:15:de:6c:40:3f:9f:e5:c6:4c:4f:01:c4:
7a:fe:ba:bf:09:f8:e7:63:93:e6:43:0d:46:c3:d8:
0c:88:1d:6e:10:86:f5:60:7c:ef:9e:8c:14:5d:da:
35:ce:20:ec:aa:f9:71:35:88:21:64:15:68:bb:f6:
fa:06:c9:af:e9:6a:9e:82:ba:f0:e5:c9:df:eb:50:
a9:1a:5a:42:7e:72:df:f2:02:e2:81:8d:f6:03:51:
17:aa:19:09:a3:74:7b:13:94:33:27:e2:f5:bf:4c:
35:9b:26:0e:75:3c:33:b8:91:c4:fe:e7:01:cc:36:
33:85:48:e2:33:ac:c2:31:6f:70:c9:aa:c0:4a:59:
32:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B4:8B:DF:3E:CB:74:35:7A:B2:C9:48:22:99:B8:04:AB:C8:CA:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D56470D4CE7A11EF9B4BEEA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.45.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:58:ce:36:3d:a3:be:d1:eb:a1:a4:94:ae:9d:30:ad:02:a2:
67:7a:0a:18:5d:fb:d6:a3:d7:58:8e:c4:a3:a0:f2:f9:2c:8b:
9a:e6:aa:07:dc:1f:b3:29:23:73:f4:73:6e:71:9c:ea:d0:15:
d7:c0:3a:d5:9c:32:5d:fb:d0:35:e9:2b:9c:19:33:63:c4:01:
c8:c4:30:4b:1e:59:9c:8b:4e:07:e6:bf:fd:de:7c:97:95:14:
7f:b2:c8:9f:11:cc:9b:b6:96:db:7e:ea:c8:86:b5:19:76:dc:
9f:ad:43:b5:dd:6d:80:66:8a:12:eb:a2:4b:87:f1:e6:50:2b:
9d:c8:b7:65:e4:0e:e4:2d:1d:47:b6:69:81:26:03:f9:b2:e9:
e6:2d:13:d3:b6:4e:93:28:05:ac:40:23:40:76:a8:4f:96:08:
5d:73:bd:15:99:d1:5b:47:3c:53:89:25:59:22:55:f1:ea:3e:
ba:6e:9d:44:2a:45:96:09:10:63:41:ee:1d:05:9a:2d:1d:c7:
f8:28:0b:91:61:cb:34:06:1e:a7:b1:3a:f1:59:f7:6a:44:a6:
31:5b:cc:fa:28:4f:fd:84:ac:ba:f2:b7:61:d4:06:e4:68:90:
6c:a0:28:e4:47:70:92:74:73:ce:89:86:f6:b3:dd:85:ae:74:
08:d9:d4:7a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQNKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTExNDAwWhcNMjUwMjAxMTExNDAwWjAYMRYw
FAYDVQQDEw02NzdmYWY3Yi0yNWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1cSs6REKALBZin7E0hEG8khQcTEv8XVyRu1voJ2qdajRegjTPoXbjBTS
qIwDSvTLGaTJ4UQefKqQOYPJ2VRVr7s5AEWy7MUbBIP7lEfmonYdJvAybpcGG4jC
OQ0dyDLLsehP+B95RTmihnl499FHCWMDBBiVgEU2pZgV3mxAP5/lxkxPAcR6/rq/
CfjnY5PmQw1Gw9gMiB1uEIb1YHzvnowUXdo1ziDsqvlxNYghZBVou/b6Bsmv6Wqe
grrw5cnf61CpGlpCfnLf8gLigY32A1EXqhkJo3R7E5QzJ+L1v0w1myYOdTwzuJHE
/ucBzDYzhUjiM6zCMW9wyarASlkyfQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOi0
i98+y3Q1erLJSCKZuASryMoaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENTY0NzBENENFN0ExMUVGOUI0QkVFQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwtMA0GCSqGSIb3DQEBCwUA
A4IBAQCLWM42PaO+0euhpJSunTCtAqJnegoYXfvWo9dYjsSjoPL5LIua5qoH3B+z
KSNz9HNucZzq0BXXwDrVnDJd+9A16SucGTNjxAHIxDBLHlmci04H5r/93nyXlRR/
ssifEcybtpbbfurIhrUZdtyfrUO13W2AZooS66JLh/HmUCudyLdl5A7kLR1HtmmB
JgP5sunmLRPTtk6TKAWsQCNAdqhPlghdc70VmdFbRzxTiSVZIlXx6j66bp1EKkWW
CRBjQe4dBZotHcf4KAuRYcs0Bh6nsTrxWfdqRKYxW8z6KE/9hKy68rdh1AbkaJBs
oCjkR3CSdHPOiYb2s92FrnQI2dR6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:55 2025 by rpki-client