Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6592FF6BD0F11EFAE81089A762E951A.roa
File: D6592FF6BD0F11EFAE81089A762E951A.roa (raw, json)
Hash identifier: 7m+0t8lXeNlrguKlmat5Qhwbrn9zuaZDAsQdXOY8+sU=
Subject key identifier: 1E:52:4F:93:E6:23:9D:BE:F4:E9:D8:84:E9:DF:9F:FF:21:35:FB:D5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E474
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6592FF6BD0F11EFAE81089A762E951A.roa
Signing time: Wed 18 Dec 2024 07:15:19 +0000
ROA not before: Wed 18 Dec 2024 07:15:15 +0000
ROA not after: Thu 23 Jan 2025 07:15:15 +0000
asID: 203020
IP address blocks: 156.243.184.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58484 (0xe474)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 18 07:15:15 2024 GMT
Not After : Jan 23 07:15:15 2025 GMT
Subject: CN=67627687-6875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4e:33:0b:fe:db:da:a4:73:f3:d2:0e:b2:21:
6e:74:a4:63:d6:c8:1e:2a:c0:5c:63:b4:5e:23:07:
2e:b7:da:aa:d8:4f:09:d5:d7:d7:6a:50:d7:8a:75:
f7:8b:38:30:e3:0a:78:65:eb:c6:75:87:6d:fa:d0:
cc:5f:02:5d:cc:59:74:01:e3:b2:a4:01:85:65:77:
a7:5f:c0:a0:81:91:a8:55:53:c4:24:cf:6b:d0:38:
5c:6d:5b:5f:47:b6:8f:6b:d1:7e:6e:36:37:e5:71:
68:d2:d1:9c:cf:20:71:73:44:8d:3a:08:4a:b8:47:
85:81:f3:1d:f8:91:01:0b:9b:32:20:ff:dd:53:71:
e1:39:81:6f:71:4b:ed:2d:2b:7e:b0:b2:11:c9:89:
1e:81:57:b5:ef:13:a6:1d:c2:35:70:c6:50:e7:2c:
03:6a:78:b1:80:9b:75:80:60:fb:5b:c9:47:1e:e8:
6e:3f:c3:22:83:f7:d0:78:f8:18:90:0e:e5:fd:e3:
e2:be:95:5a:c3:55:d6:9f:32:01:e8:6f:43:ca:9c:
a8:31:0a:18:e9:34:55:0b:f7:75:79:27:b4:cf:fc:
a1:91:77:3a:f6:9a:c4:b8:3b:81:68:8a:4f:2b:74:
83:c6:b5:d7:67:eb:d4:dc:22:e5:c1:fa:76:27:ef:
4f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:52:4F:93:E6:23:9D:BE:F4:E9:D8:84:E9:DF:9F:FF:21:35:FB:D5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6592FF6BD0F11EFAE81089A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.184.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:38:3c:8d:6e:72:66:32:f3:2c:2b:e9:88:b7:ac:ea:3b:c5:
27:7b:9f:fd:7d:b6:76:50:2d:41:94:74:91:92:dc:bd:82:c2:
0b:10:1c:7d:5c:54:02:c8:36:52:05:7d:8e:f2:7f:56:33:d0:
d8:69:9d:76:47:0b:62:a2:03:5f:74:81:63:ab:f8:b0:da:4b:
9e:31:ae:a0:0c:59:df:b6:46:a6:b5:63:24:4b:0a:6f:d1:2a:
17:02:52:c6:18:72:97:fc:2b:9a:da:8d:51:82:9a:d8:54:30:
cb:ee:67:8e:81:70:66:ef:3c:31:db:60:93:ee:ae:62:c7:3d:
40:54:15:48:87:01:a6:ff:68:f6:4f:ce:c7:4b:d6:68:b2:dc:
34:59:05:3e:db:12:24:8d:b0:74:c1:2c:44:36:1a:64:d7:5d:
06:88:79:00:98:f2:35:0f:33:c8:69:ab:93:e8:67:13:1a:43:
6f:67:bf:c2:90:26:ad:1e:2f:3a:f6:1d:06:2f:17:2a:7c:28:
1b:f7:a1:00:24:7c:83:45:19:f6:04:79:7b:f3:8f:d6:ac:90:
94:96:c0:dd:12:9b:a7:32:93:18:57:91:62:ab:c2:1a:71:07:
fc:ee:33:05:ff:75:a5:55:9d:36:d6:d3:76:29:83:a4:9a:f5:
b2:bd:d2:d3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOR0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE4MDcxNTE1WhcNMjUwMTIzMDcxNTE1WjAYMRYw
FAYDVQQDEw02NzYyNzY4Ny02ODc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApE4zC/7b2qRz89IOsiFudKRj1sgeKsBcY7ReIwcut9qq2E8J1dfXalDX
inX3izgw4wp4ZevGdYdt+tDMXwJdzFl0AeOypAGFZXenX8CggZGoVVPEJM9r0Dhc
bVtfR7aPa9F+bjY35XFo0tGczyBxc0SNOghKuEeFgfMd+JEBC5syIP/dU3HhOYFv
cUvtLSt+sLIRyYkegVe17xOmHcI1cMZQ5ywDanixgJt1gGD7W8lHHuhuP8Mig/fQ
ePgYkA7l/ePivpVaw1XWnzIB6G9DypyoMQoY6TRVC/d1eSe0z/yhkXc69prEuDuB
aIpPK3SDxrXXZ+vU3CLlwfp2J+9PUQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB5S
T5PmI52+9OnYhOnfn/8hNfvVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENjU5MkZGNkJEMEYxMUVGQUU4MTA4OUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPO4MA0GCSqGSIb3DQEBCwUA
A4IBAQCxODyNbnJmMvMsK+mIt6zqO8Une5/9fbZ2UC1BlHSRkty9gsILEBx9XFQC
yDZSBX2O8n9WM9DYaZ12RwtiogNfdIFjq/iw2kueMa6gDFnftkamtWMkSwpv0SoX
AlLGGHKX/Cua2o1RgprYVDDL7meOgXBm7zwx22CT7q5ixz1AVBVIhwGm/2j2T87H
S9Zostw0WQU+2xIkjbB0wSxENhpk110GiHkAmPI1DzPIaauT6GcTGkNvZ7/CkCat
Hi869h0GLxcqfCgb96EAJHyDRRn2BHl784/WrJCUlsDdEpunMpMYV5Fiq8IacQf8
7jMF/3WlVZ021tN2KYOkmvWyvdLT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:55 2025 by rpki-client