Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9189BF2CE6E11EF89806259762E951A.roa
File: E9189BF2CE6E11EF89806259762E951A.roa (raw, json)
Hash identifier: T7DT+jLAY0ww8VhB32XqplRWDzbNaUI9e5pKYacQXQw=
Subject key identifier: B4:37:0C:8B:7E:6B:8A:D8:E1:6E:89:A4:4C:93:B2:86:60:7B:BF:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01031E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9189BF2CE6E11EF89806259762E951A.roa
Signing time: Thu 09 Jan 2025 09:48:42 +0000
ROA not before: Thu 09 Jan 2025 09:48:39 +0000
ROA not after: Wed 22 Jan 2025 09:48:39 +0000
asID: 22773
IP address blocks: 156.232.0.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66334 (0x1031e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 09:48:39 2025 GMT
Not After : Jan 22 09:48:39 2025 GMT
Subject: CN=677f9b7a-4890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:39:06:03:4f:bc:ae:b8:12:85:df:ea:f2:
ae:ed:d5:f7:9e:68:ce:ab:43:8d:dd:fd:f8:95:cd:
57:67:da:c8:11:bd:6e:4c:3c:3e:ba:59:bc:3e:6a:
66:fe:bd:da:e2:e0:00:6a:5b:d3:a6:f4:2f:0c:53:
8c:f4:e9:39:07:da:c0:c7:17:da:8a:33:f1:59:71:
58:3c:35:82:d5:47:b6:46:12:fb:1b:d3:e1:69:9d:
09:48:4a:b9:b6:c8:a5:31:62:c5:99:b1:79:4d:ac:
26:b1:c1:4c:ab:c5:47:f9:72:ee:a4:f8:a8:f8:ee:
51:99:5a:e1:d2:c8:76:7d:97:c4:33:a8:f1:a0:ec:
10:99:e7:17:89:1b:7d:9a:c8:28:6a:58:51:41:76:
85:71:a9:74:11:12:c8:c1:85:a8:66:bf:a8:87:d5:
f2:66:c1:5c:9c:c2:f1:8d:83:36:a4:d9:41:4c:8d:
5a:c3:bb:68:bb:09:a4:44:56:82:6c:18:e5:b1:be:
1a:63:10:a2:53:2e:70:e8:8b:2d:ae:31:94:29:60:
73:ed:2c:3c:c2:83:6c:58:cd:cc:b9:37:c4:54:5b:
7c:df:14:81:61:5f:cf:31:b4:a8:35:06:28:38:9b:
03:87:71:cb:a5:2e:4e:73:91:a2:c7:96:f3:2b:5c:
e4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:37:0C:8B:7E:6B:8A:D8:E1:6E:89:A4:4C:93:B2:86:60:7B:BF:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9189BF2CE6E11EF89806259762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.0.0/23
Signature Algorithm: sha256WithRSAEncryption
60:0a:2a:b1:bc:cc:b5:10:20:8b:af:ec:80:3e:5d:b9:c3:f4:
ef:d3:42:3b:26:05:30:00:95:44:9e:53:f1:25:4a:90:65:b4:
6f:c0:29:49:73:48:b2:19:03:ce:28:9b:9e:57:f4:9d:d5:fd:
ca:0b:a4:4c:5f:e2:53:25:ec:0a:b3:57:35:65:8a:d0:dd:7c:
60:4d:ba:27:cc:f5:e7:6d:26:21:99:78:89:4f:bf:21:ac:c4:
3e:90:36:65:72:25:09:ad:3a:b9:98:05:98:30:00:4d:e5:bc:
2f:3d:da:80:e2:2a:f3:e0:69:ad:11:31:cc:36:49:93:15:8a:
c6:01:7c:fe:ef:e7:c6:b7:cb:36:ea:cc:79:94:f8:bc:4c:16:
0b:74:8d:74:6a:80:60:8e:85:60:4e:2c:4a:f5:e8:c3:a8:e5:
6e:d0:66:f1:22:37:f3:f6:45:19:5d:75:ff:02:4d:ea:ed:b8:
83:9e:40:72:c3:a5:9d:12:ce:e7:e7:4f:d8:64:f4:7d:49:44:
68:96:12:28:cf:31:9b:f6:15:ed:7b:f6:27:e7:93:7e:97:6c:
32:c8:37:78:86:64:9d:3d:0d:96:85:b7:5b:2a:c5:42:90:b6:
7c:11:78:eb:fd:21:a7:8c:92:9b:73:80:0e:29:85:9e:aa:08:
b8:b3:55:de
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQMeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDk0ODM5WhcNMjUwMTIyMDk0ODM5WjAYMRYw
FAYDVQQDEw02NzdmOWI3YS00ODkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArwo5BgNPvK64EoXf6vKu7dX3nmjOq0ON3f34lc1XZ9rIEb1uTDw+ulm8
Pmpm/r3a4uAAalvTpvQvDFOM9Ok5B9rAxxfaijPxWXFYPDWC1Ue2RhL7G9PhaZ0J
SEq5tsilMWLFmbF5TawmscFMq8VH+XLupPio+O5RmVrh0sh2fZfEM6jxoOwQmecX
iRt9msgoalhRQXaFcal0ERLIwYWoZr+oh9XyZsFcnMLxjYM2pNlBTI1aw7touwmk
RFaCbBjlsb4aYxCiUy5w6IstrjGUKWBz7Sw8woNsWM3MuTfEVFt83xSBYV/PMbSo
NQYoOJsDh3HLpS5Oc5Gix5bzK1zkcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLQ3
DIt+a4rY4W6JpEyTsoZge7+TMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOTE4OUJGMkNFNkUxMUVGODk4MDYyNTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOgAMA0GCSqGSIb3DQEBCwUA
A4IBAQBgCiqxvMy1ECCLr+yAPl25w/Tv00I7JgUwAJVEnlPxJUqQZbRvwClJc0iy
GQPOKJueV/Sd1f3KC6RMX+JTJewKs1c1ZYrQ3XxgTbonzPXnbSYhmXiJT78hrMQ+
kDZlciUJrTq5mAWYMABN5bwvPdqA4irz4GmtETHMNkmTFYrGAXz+7+fGt8s26sx5
lPi8TBYLdI10aoBgjoVgTixK9ejDqOVu0GbxIjfz9kUZXXX/Ak3q7biDnkByw6Wd
Es7n50/YZPR9SURolhIozzGb9hXte/Yn55N+l2wyyDd4hmSdPQ2WhbdbKsVCkLZ8
EXjr/SGnjJKbc4AOKYWeqgi4s1Xe
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:43 2025 by rpki-client