Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E7CA8C36CEA211EF9FF977A0762E951A.roa
File: E7CA8C36CEA211EF9FF977A0762E951A.roa (raw, json)
Hash identifier: TPFPIF0O3nA4FCUURbQIH6FPS1cHIXVT4QMuW2wBG5A=
Subject key identifier: F0:D6:88:69:32:0D:18:4E:79:B8:14:4B:99:2C:0B:9A:35:68:4F:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010440
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E7CA8C36CEA211EF9FF977A0762E951A.roa
Signing time: Thu 09 Jan 2025 16:00:54 +0000
ROA not before: Thu 09 Jan 2025 16:00:50 +0000
ROA not after: Fri 24 Jan 2025 16:00:50 +0000
asID: 39600
IP address blocks: 156.235.80.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66624 (0x10440)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 16:00:50 2025 GMT
Not After : Jan 24 16:00:50 2025 GMT
Subject: CN=677ff2b6-1cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4b:1c:a1:85:a8:ac:af:e5:f2:90:61:51:0d:
e7:e7:21:f4:9a:ce:c8:39:4b:9a:5a:76:db:7c:42:
4a:ea:3b:ad:65:27:6e:82:49:6c:a5:25:e6:46:53:
91:15:3a:93:a3:a7:84:3d:70:9d:f4:0a:f8:8e:cd:
a0:d7:be:fb:e5:8b:5b:3d:50:90:8e:5f:bc:a4:78:
28:3b:bd:b9:49:e4:4e:56:30:93:0c:33:3c:d3:b4:
c4:da:5f:60:ca:4f:f6:04:06:50:60:a2:5f:d3:af:
7b:ba:8f:da:17:48:56:d1:a1:b6:40:31:9b:43:cf:
6b:38:0c:ed:33:d7:e1:0a:f0:e8:f1:27:86:34:07:
03:03:8e:f4:86:ae:70:4e:1c:2d:27:e4:04:0d:9f:
58:0d:48:8e:20:ca:e8:a6:99:02:30:f2:f1:22:85:
a2:26:97:5b:3d:f0:39:aa:cd:00:e4:33:3f:a3:5d:
96:d2:79:41:a3:38:f4:8a:88:f3:01:eb:9a:a7:e4:
92:78:f7:65:1d:fe:36:0b:62:1e:71:8b:04:5e:17:
36:2c:e0:38:09:b7:8a:b2:e0:9e:aa:46:42:2b:ab:
36:1e:22:46:2f:62:31:c6:e8:f3:0f:3d:c0:81:ff:
6c:fb:08:7f:fa:6b:e6:c4:14:c9:19:f8:c3:74:87:
31:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D6:88:69:32:0D:18:4E:79:B8:14:4B:99:2C:0B:9A:35:68:4F:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E7CA8C36CEA211EF9FF977A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.80.0/21
Signature Algorithm: sha256WithRSAEncryption
25:5c:81:b0:cc:38:e8:ec:2e:9f:77:4c:d1:2a:f4:91:46:ac:
39:3b:22:7c:0d:a1:cc:40:c4:7a:0d:07:af:57:6f:d5:4e:1d:
31:1d:57:15:d2:05:05:e2:95:e7:1b:af:ca:d8:8d:93:d4:7d:
b1:1d:0d:38:e3:ae:89:90:2d:a3:b4:24:e8:f0:79:69:71:59:
0a:d2:9e:81:ce:e1:42:ad:d0:71:fb:af:87:73:91:f6:2b:99:
38:6c:b0:fe:29:98:5e:1a:1f:24:df:8c:e4:cb:ab:06:80:87:
14:2f:3a:f9:6f:c5:fd:e3:a1:70:3d:cf:73:cf:3a:93:4f:64:
2e:85:df:ac:83:a5:13:af:bb:f8:3d:30:be:7e:2e:52:c3:b7:
4c:0e:b9:37:98:01:d0:1e:80:86:85:15:79:81:98:c0:56:72:
0b:ef:03:1b:7e:aa:6d:45:75:79:4c:b9:f8:b0:cc:2c:18:90:
f9:67:e4:89:14:ca:91:aa:d1:b5:67:8a:5e:65:16:b6:ff:f7:
f1:82:7c:b4:da:b9:ff:3b:bf:45:2a:67:dd:bb:53:b3:c7:0b:
e7:51:fe:20:66:5e:c0:f9:66:08:6d:ec:5c:28:83:63:61:ab:
0a:f1:92:15:01:23:bb:47:b5:1f:82:99:30:bb:50:39:53:2c:
3b:00:7b:04
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQRAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTYwMDUwWhcNMjUwMTI0MTYwMDUwWjAYMRYw
FAYDVQQDEw02NzdmZjJiNi0xY2VhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtkscoYWorK/l8pBhUQ3n5yH0ms7IOUuaWnbbfEJK6jutZSdugklspSXm
RlORFTqTo6eEPXCd9Ar4js2g17775YtbPVCQjl+8pHgoO725SeROVjCTDDM807TE
2l9gyk/2BAZQYKJf0697uo/aF0hW0aG2QDGbQ89rOAztM9fhCvDo8SeGNAcDA470
hq5wThwtJ+QEDZ9YDUiOIMroppkCMPLxIoWiJpdbPfA5qs0A5DM/o12W0nlBozj0
iojzAeuap+SSePdlHf42C2IecYsEXhc2LOA4CbeKsuCeqkZCK6s2HiJGL2Ixxujz
Dz3Agf9s+wh/+mvmxBTJGfjDdIcxNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPDW
iGkyDRhOebgUS5ksC5o1aE/FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FN0NBOEMzNkNFQTIxMUVGOUZGOTc3QTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOtQMA0GCSqGSIb3DQEBCwUA
A4IBAQAlXIGwzDjo7C6fd0zRKvSRRqw5OyJ8DaHMQMR6DQevV2/VTh0xHVcV0gUF
4pXnG6/K2I2T1H2xHQ04466JkC2jtCTo8HlpcVkK0p6BzuFCrdBx+6+Hc5H2K5k4
bLD+KZheGh8k34zky6sGgIcULzr5b8X946FwPc9zzzqTT2Quhd+sg6UTr7v4PTC+
fi5Sw7dMDrk3mAHQHoCGhRV5gZjAVnIL7wMbfqptRXV5TLn4sMwsGJD5Z+SJFMqR
qtG1Z4peZRa2//fxgny02rn/O79FKmfdu1OzxwvnUf4gZl7A+WYIbexcKINjYasK
8ZIVASO7R7Ufgpkwu1A5Uyw7AHsE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:56 2025 by rpki-client