Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E6C4D5CCD02211EF8EEBA9A9762E951A.roa
File: E6C4D5CCD02211EF8EEBA9A9762E951A.roa (raw, json)
Hash identifier: fqOFO358uyYBlchPvy9w+YzOI7HOCmad93SX2CX5/yA=
Subject key identifier: 57:EE:E5:3D:7B:87:77:81:BF:93:01:62:35:14:FD:DE:AD:42:E1:DB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01060A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E6C4D5CCD02211EF8EEBA9A9762E951A.roa
Signing time: Sat 11 Jan 2025 13:49:39 +0000
ROA not before: Sat 11 Jan 2025 13:49:35 +0000
ROA not after: Sat 25 Jan 2025 13:49:35 +0000
asID: 141883
IP address blocks: 156.246.16.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67082 (0x1060a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 13:49:35 2025 GMT
Not After : Jan 25 13:49:35 2025 GMT
Subject: CN=678276f3-e477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:be:8c:76:f7:dc:8b:bd:c4:3e:56:f4:c3:72:
aa:be:4c:57:30:14:e8:23:2f:5a:4b:b2:e0:64:70:
2e:bf:2b:74:5f:67:88:98:9f:14:2c:7d:64:0c:ce:
36:64:39:29:70:e3:03:71:fb:20:5a:30:12:79:b0:
f7:4d:a3:ee:a2:f3:cb:de:86:05:26:f9:46:47:4f:
9c:3e:94:97:b1:b0:45:81:30:9b:6c:92:84:2f:75:
1b:2f:a9:d1:23:d2:4d:2a:13:95:f0:7c:0e:1b:9f:
d4:14:0a:d9:29:80:71:53:a5:50:4c:f4:78:85:44:
cf:2f:bb:3b:c8:60:61:3d:94:85:ec:c1:1c:63:e5:
30:ea:fc:59:1c:6f:d2:07:39:98:17:b3:2e:a5:ca:
5d:09:09:a2:ca:bd:e8:6b:69:dd:8d:1b:eb:c0:14:
47:bf:fa:ea:2f:50:73:6f:75:38:2c:bb:46:4f:62:
1a:d1:d0:c7:31:da:fe:ec:bf:3c:14:88:bc:12:68:
bd:4a:30:f4:36:e5:79:29:c6:cc:22:25:e6:12:eb:
53:45:0d:1c:c9:9f:d6:da:78:fb:1f:49:9f:e5:07:
fe:3b:66:b7:93:f3:69:12:12:0f:95:7b:20:cf:b3:
69:f5:dc:8d:56:a5:a8:92:9d:91:14:f1:06:b9:ee:
18:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:EE:E5:3D:7B:87:77:81:BF:93:01:62:35:14:FD:DE:AD:42:E1:DB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E6C4D5CCD02211EF8EEBA9A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.16.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:90:4a:5e:86:07:19:7b:e5:22:9c:39:57:6c:b3:08:71:33:
51:4c:bd:9f:63:8b:d8:e3:fe:8d:22:d0:4b:66:20:8f:35:ae:
1a:0e:3e:73:90:43:80:dd:ab:de:a6:ee:51:c1:cd:a1:32:6a:
0f:8f:7c:0f:60:41:31:c6:bd:76:f6:13:4c:a9:a3:ee:90:de:
3e:74:b1:85:e1:31:cd:ed:ca:fb:b6:d8:18:25:20:5d:ac:f0:
59:a3:c5:92:ed:36:8e:55:2b:c7:c8:43:91:17:34:b9:93:32:
f1:46:44:e4:2f:76:70:dd:7a:89:1c:b2:0d:41:6f:16:82:ce:
91:23:5d:0d:21:3b:05:09:2b:93:68:2b:67:f2:16:12:51:2e:
7b:48:94:6a:c9:22:df:a3:7c:0d:fa:a6:dd:45:c3:d3:b6:1c:
93:ac:57:27:a5:e2:40:0f:b7:cf:e2:7b:d9:83:91:46:10:98:
f3:1f:c6:44:de:f7:97:92:33:16:4f:f6:b7:a0:6f:aa:55:2a:
78:29:a2:f2:d4:28:06:a2:9d:6a:94:bd:f8:3a:73:4c:12:c8:
0c:08:32:37:f5:74:af:cb:8d:0d:c8:ba:57:f9:1a:53:c3:d3:
17:68:e1:0c:22:1b:82:9d:17:36:8f:c1:e4:b0:49:ff:a7:e9:
74:3e:5a:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQYKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTM0OTM1WhcNMjUwMTI1MTM0OTM1WjAYMRYw
FAYDVQQDEw02NzgyNzZmMy1lNDc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArb6Mdvfci73EPlb0w3KqvkxXMBToIy9aS7LgZHAuvyt0X2eImJ8ULH1k
DM42ZDkpcOMDcfsgWjASebD3TaPuovPL3oYFJvlGR0+cPpSXsbBFgTCbbJKEL3Ub
L6nRI9JNKhOV8HwOG5/UFArZKYBxU6VQTPR4hUTPL7s7yGBhPZSF7MEcY+Uw6vxZ
HG/SBzmYF7MupcpdCQmiyr3oa2ndjRvrwBRHv/rqL1Bzb3U4LLtGT2Ia0dDHMdr+
7L88FIi8Emi9SjD0NuV5KcbMIiXmEutTRQ0cyZ/W2nj7H0mf5Qf+O2a3k/NpEhIP
lXsgz7Np9dyNVqWokp2RFPEGue4YdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFfu
5T17h3eBv5MBYjUU/d6tQuHbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNkM0RDVDQ0QwMjIxMUVGOEVFQkE5QTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPYQMA0GCSqGSIb3DQEBCwUA
A4IBAQALkEpehgcZe+UinDlXbLMIcTNRTL2fY4vY4/6NItBLZiCPNa4aDj5zkEOA
3avepu5Rwc2hMmoPj3wPYEExxr129hNMqaPukN4+dLGF4THN7cr7ttgYJSBdrPBZ
o8WS7TaOVSvHyEORFzS5kzLxRkTkL3Zw3XqJHLINQW8Wgs6RI10NITsFCSuTaCtn
8hYSUS57SJRqySLfo3wN+qbdRcPTthyTrFcnpeJAD7fP4nvZg5FGEJjzH8ZE3veX
kjMWT/a3oG+qVSp4KaLy1CgGop1qlL34OnNMEsgMCDI39XSvy40NyLpX+RpTw9MX
aOEMIhuCnRc2j8HksEn/p+l0PlpP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:32 2025 by rpki-client