Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBFB8126C51511EF92C7005D762E951A.roa
File: DBFB8126C51511EF92C7005D762E951A.roa (raw, json)
Hash identifier: 5WMETC12wPWUAuW/Y2nJ8BPVyM7xHugBZ4HdEPZb9/I=
Subject key identifier: 1E:13:FF:95:0A:B4:AE:D9:41:EB:21:CE:E9:B2:DF:F0:65:FB:67:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F1AB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBFB8126C51511EF92C7005D762E951A.roa
Signing time: Sat 28 Dec 2024 12:18:35 +0000
ROA not before: Sat 28 Dec 2024 12:18:31 +0000
ROA not after: Sun 02 Feb 2025 12:18:31 +0000
asID: 328722
IP address blocks: 156.226.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61867 (0xf1ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 28 12:18:31 2024 GMT
Not After : Feb 2 12:18:31 2025 GMT
Subject: CN=676fec9b-7e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c3:56:3a:99:9f:33:24:28:8c:06:00:5b:49:
bc:9d:6e:3f:d6:f9:fa:75:64:5c:0f:9e:b6:25:b1:
80:1f:7e:67:e6:e8:82:8d:d7:27:96:ad:9b:e0:87:
e1:6d:31:87:61:7c:d0:cb:b9:57:97:da:39:13:ee:
1e:08:fc:5d:cb:87:86:94:3a:a9:f5:0d:5e:80:3d:
c7:ce:3b:8b:08:23:66:28:aa:b2:47:ca:a9:5c:14:
2f:7e:88:f1:5c:6b:2d:b4:35:b3:58:ee:36:75:ca:
34:0e:71:30:48:a0:63:4b:8d:75:99:b0:71:20:27:
20:1c:1a:18:51:b1:a1:fe:69:0a:64:5c:08:f9:fa:
4b:87:ea:1d:69:26:2c:a3:37:f5:72:ca:a2:24:16:
cd:70:c8:fa:5c:49:6c:fb:2a:e7:96:0e:4c:2e:83:
3b:4a:6c:ae:1c:75:df:20:59:3b:da:7c:c2:6b:b1:
9d:16:53:f3:35:99:7e:2d:19:ca:9a:59:14:fa:55:
e2:89:df:6b:ba:f9:a1:9e:34:71:22:12:f4:16:21:
f7:76:01:76:6d:72:e1:c3:c2:88:fd:b3:ef:2f:35:
b2:95:2c:53:d6:c5:a3:e9:41:f5:19:10:38:ce:68:
f7:3f:0b:31:af:e5:8a:54:d3:61:3d:27:f3:2c:06:
69:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:13:FF:95:0A:B4:AE:D9:41:EB:21:CE:E9:B2:DF:F0:65:FB:67:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBFB8126C51511EF92C7005D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.2.0/24
Signature Algorithm: sha256WithRSAEncryption
13:dc:94:94:d3:f8:63:7e:d9:f9:83:5f:31:39:7f:4e:3e:c4:
4d:88:1a:4a:34:4a:d5:e9:5b:49:bb:99:63:2c:ad:6d:dc:d2:
9d:f1:c4:d5:8c:3f:d5:e9:b4:4e:54:af:4a:d3:78:a5:ea:91:
14:84:fb:26:02:e4:eb:1c:29:b9:aa:83:ea:dc:e2:24:f7:de:
2b:43:b8:56:ed:e9:bf:2b:2b:9b:8d:68:a8:2b:2e:e6:8c:82:
a9:42:f7:50:bd:2c:b1:11:74:84:de:00:a2:31:98:2a:07:94:
c9:ec:c5:7d:37:25:22:5d:8f:5c:df:11:ba:a2:19:1f:7a:68:
98:31:58:74:19:50:b1:e6:bc:0b:51:45:5a:68:45:5a:7c:81:
db:74:38:24:3f:93:a2:2e:88:47:f8:9e:b8:87:f9:b0:f0:34:
c1:3e:07:60:84:a9:ac:60:83:68:96:84:fa:61:69:03:94:1c:
06:ef:75:6e:67:6e:eb:73:2b:89:ce:4b:7f:31:f8:b5:96:80:
0c:f0:a0:dd:51:b4:62:ba:84:2a:d3:55:ec:38:f3:8c:b5:04:
4b:2e:b8:2d:dc:af:78:73:60:04:7d:c5:33:3d:53:d4:4c:b4:
e4:13:9b:9c:d7:db:e4:ec:96:db:7a:11:7a:d4:a5:d8:45:00:
b2:83:c8:9a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPGrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI4MTIxODMxWhcNMjUwMjAyMTIxODMxWjAYMRYw
FAYDVQQDEw02NzZmZWM5Yi03ZTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8NWOpmfMyQojAYAW0m8nW4/1vn6dWRcD562JbGAH35n5uiCjdcnlq2b
4IfhbTGHYXzQy7lXl9o5E+4eCPxdy4eGlDqp9Q1egD3HzjuLCCNmKKqyR8qpXBQv
fojxXGsttDWzWO42dco0DnEwSKBjS411mbBxICcgHBoYUbGh/mkKZFwI+fpLh+od
aSYsozf1csqiJBbNcMj6XEls+yrnlg5MLoM7SmyuHHXfIFk72nzCa7GdFlPzNZl+
LRnKmlkU+lXiid9ruvmhnjRxIhL0FiH3dgF2bXLhw8KI/bPvLzWylSxT1sWj6UH1
GRA4zmj3Pwsxr+WKVNNhPSfzLAZpPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB4T
/5UKtK7ZQeshzumy3/Bl+2d6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQkZCODEyNkM1MTUxMUVGOTJDNzAwNUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOICMA0GCSqGSIb3DQEBCwUA
A4IBAQAT3JSU0/hjftn5g18xOX9OPsRNiBpKNErV6VtJu5ljLK1t3NKd8cTVjD/V
6bROVK9K03il6pEUhPsmAuTrHCm5qoPq3OIk994rQ7hW7em/KyubjWioKy7mjIKp
QvdQvSyxEXSE3gCiMZgqB5TJ7MV9NyUiXY9c3xG6ohkfemiYMVh0GVCx5rwLUUVa
aEVafIHbdDgkP5OiLohH+J64h/mw8DTBPgdghKmsYINoloT6YWkDlBwG73VuZ27r
cyuJzkt/Mfi1loAM8KDdUbRiuoQq01XsOPOMtQRLLrgt3K94c2AEfcUzPVPUTLTk
E5uc19vk7JbbehF61KXYRQCyg8ia
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:40 2025 by rpki-client