Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D95190F4D24A11EFA4A75947762E951A.roa
File: D95190F4D24A11EFA4A75947762E951A.roa (raw, json)
Hash identifier: 2+2RaZJRBVGyyFF3rEecQEc5sX1oyLSxVGmUbkO80vs=
Subject key identifier: F2:02:CC:41:5A:EC:52:87:4C:69:4D:3C:D3:3B:20:D1:F3:C2:DA:8D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106F0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D95190F4D24A11EFA4A75947762E951A.roa
Signing time: Tue 14 Jan 2025 07:40:39 +0000
ROA not before: Tue 14 Jan 2025 07:40:35 +0000
ROA not after: Tue 04 Feb 2025 07:40:35 +0000
asID: 138195
IP address blocks: 156.234.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67312 (0x106f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 07:40:35 2025 GMT
Not After : Feb 4 07:40:35 2025 GMT
Subject: CN=678614f7-6e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:69:60:f7:d3:8e:8b:ee:4f:72:34:de:b5:7e:
c7:aa:c3:11:a3:d8:84:5c:15:14:76:3c:19:8b:ac:
32:48:53:92:9e:df:9d:a0:cb:36:96:98:b1:55:af:
bf:b9:40:2d:49:d7:59:58:62:c2:4f:f0:0b:84:d5:
e8:53:34:81:7c:ff:61:0e:79:0e:5d:d8:9b:5b:fb:
2d:20:c9:3c:57:a8:8e:45:bb:08:86:a2:6b:0d:68:
b3:34:89:0f:80:ba:1d:89:e6:f1:8a:2a:4b:81:df:
28:58:83:d7:ec:59:9b:e3:92:e1:66:93:77:43:17:
4b:38:f5:b6:b5:4c:08:57:c7:39:aa:5f:f0:3a:c5:
69:da:a7:ac:e1:da:a1:ac:2a:a6:ec:a0:94:0b:0c:
0d:19:51:d8:49:6c:c1:09:76:fd:0b:78:08:f7:50:
d6:8c:f8:02:d0:27:c0:17:f8:4b:0b:76:0d:e4:d1:
fa:15:d8:df:01:26:04:cf:ed:1b:03:3e:cd:29:11:
da:63:15:07:98:76:be:89:ea:6a:96:1c:ec:d1:f4:
43:b1:23:3b:9c:6e:01:15:cd:29:f6:57:6d:fc:69:
d7:c7:e0:ba:71:8f:11:3a:cd:be:7e:96:44:51:b8:
d3:29:2f:e0:62:e0:8e:88:3f:33:6c:64:e1:f0:3b:
28:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:02:CC:41:5A:EC:52:87:4C:69:4D:3C:D3:3B:20:D1:F3:C2:DA:8D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D95190F4D24A11EFA4A75947762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:de:ee:8b:64:a1:36:73:20:cf:db:1e:0c:5f:a4:55:a0:f9:
b6:dc:16:82:08:8f:13:88:5b:7f:9b:53:f6:5f:f6:85:46:33:
6e:a4:61:a7:45:3b:98:d1:bf:a0:3c:1f:f8:5f:d5:24:18:06:
5d:00:c7:30:8e:a5:3e:27:1e:1e:06:b9:77:fe:bf:77:b4:39:
47:44:35:d1:ff:35:9f:a9:2f:e7:f8:f0:97:65:f4:f7:06:81:
8c:52:41:d1:71:02:a7:90:c6:d8:5c:d7:76:5a:73:e3:6a:76:
0c:5f:71:46:4a:dd:ca:a0:c8:f0:54:d8:d4:56:60:0d:92:23:
bd:59:c2:18:bc:eb:12:43:3a:19:01:c5:4f:a4:c9:d1:50:19:
a8:4e:b0:ce:a6:1b:aa:48:03:0b:15:94:e1:43:36:20:b0:a2:
99:63:b7:98:da:b9:04:d5:c4:9f:62:fa:aa:54:3c:29:e8:2d:
fc:6b:df:69:e9:71:f4:a7:5c:c5:b2:4a:36:ab:e2:fe:72:88:
24:4b:fb:2d:6c:d5:fe:01:d9:96:67:02:b1:a7:69:03:2a:c7:
4d:97:d5:bb:a9:41:b4:78:4f:65:46:c3:72:84:b4:b1:de:ef:
5d:c8:c6:c3:1b:dd:57:41:f5:86:ae:0e:05:1a:67:22:8a:3a:
a1:38:a6:cc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAQbwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDc0MDM1WhcNMjUwMjA0MDc0MDM1WjAYMRYw
FAYDVQQDEw02Nzg2MTRmNy02ZTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw2lg99OOi+5PcjTetX7HqsMRo9iEXBUUdjwZi6wySFOSnt+doMs2lpix
Va+/uUAtSddZWGLCT/ALhNXoUzSBfP9hDnkOXdibW/stIMk8V6iORbsIhqJrDWiz
NIkPgLodiebxiipLgd8oWIPX7Fmb45LhZpN3QxdLOPW2tUwIV8c5ql/wOsVp2qes
4dqhrCqm7KCUCwwNGVHYSWzBCXb9C3gI91DWjPgC0CfAF/hLC3YN5NH6FdjfASYE
z+0bAz7NKRHaYxUHmHa+iepqlhzs0fRDsSM7nG4BFc0p9ldt/GnXx+C6cY8ROs2+
fpZEUbjTKS/gYuCOiD8zbGTh8DsovwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPIC
zEFa7FKHTGlNPNM7INHzwtqNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOTUxOTBGNEQyNEExMUVGQTRBNzU5NDc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOowDQYJKoZIhvcNAQELBQAD
ggEBAJfe7otkoTZzIM/bHgxfpFWg+bbcFoIIjxOIW3+bU/Zf9oVGM26kYadFO5jR
v6A8H/hf1SQYBl0AxzCOpT4nHh4GuXf+v3e0OUdENdH/NZ+pL+f48Jdl9PcGgYxS
QdFxAqeQxthc13Zac+NqdgxfcUZK3cqgyPBU2NRWYA2SI71Zwhi86xJDOhkBxU+k
ydFQGahOsM6mG6pIAwsVlOFDNiCwopljt5jauQTVxJ9i+qpUPCnoLfxr32npcfSn
XMWySjar4v5yiCRL+y1s1f4B2ZZnArGnaQMqx02X1bupQbR4T2VGw3KEtLHe713I
xsMb3VdB9YauDgUaZyKKOqE4psw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:38 2025 by rpki-client