Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E937D7C2CE5711EF9FD04E48762E951A.roa
File: E937D7C2CE5711EF9FD04E48762E951A.roa (raw, json)
Hash identifier: bTtykO7KVV1QC3J8dtGdGCA4QIhoM1g6RH4IfT44nf8=
Subject key identifier: 09:B4:21:32:6F:3B:80:77:0E:5D:4D:89:56:B6:04:BE:52:97:63:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102EE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E937D7C2CE5711EF9FD04E48762E951A.roa
Signing time: Thu 09 Jan 2025 07:04:04 +0000
ROA not before: Thu 09 Jan 2025 07:04:00 +0000
ROA not after: Wed 22 Jan 2025 07:04:00 +0000
asID: 5065
IP address blocks: 156.239.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66286 (0x102ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 07:04:00 2025 GMT
Not After : Jan 22 07:04:00 2025 GMT
Subject: CN=677f74e4-aee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b2:ef:97:f4:bf:04:8c:37:ae:8b:9b:04:e1:
e3:be:82:73:75:1b:9a:b6:bf:54:32:72:ff:0a:32:
98:34:81:14:88:3d:ef:58:e9:2e:8f:d8:7b:aa:ce:
e6:af:50:c4:e8:a7:29:b5:e9:c0:ca:b2:1b:72:5b:
da:6c:19:c2:9d:d6:cb:d6:71:e6:fb:ef:05:7d:1f:
65:a3:b9:d7:bc:f8:8d:a6:98:1e:7d:af:26:2b:2f:
63:50:c1:9a:80:8e:14:f2:53:50:f2:3f:9c:da:1c:
2f:f6:f4:81:fe:c2:3a:a6:43:ef:ba:68:6a:2b:25:
69:85:0a:39:0a:f9:6c:62:d7:bb:1f:45:6d:df:b2:
e3:46:85:7e:a3:42:f4:7a:63:a3:48:55:8a:fd:06:
91:9c:39:3c:20:f6:a2:aa:a6:b9:9e:58:39:59:df:
c4:7c:95:2b:b1:5d:db:0b:90:7e:2e:ac:5c:2e:5b:
8d:7d:8a:2d:bf:8e:ef:f0:bf:0f:6c:64:0f:dc:ad:
f9:3f:8d:5d:e3:2e:af:43:0a:db:8d:db:75:31:75:
13:30:99:45:38:37:83:ec:52:77:2f:59:f7:70:d5:
86:ed:47:41:77:a8:7f:12:e3:20:79:9f:dd:40:50:
85:52:72:a5:32:8c:74:58:9d:e6:90:40:03:c3:18:
f4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B4:21:32:6F:3B:80:77:0E:5D:4D:89:56:B6:04:BE:52:97:63:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E937D7C2CE5711EF9FD04E48762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.138.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:62:8d:98:c9:aa:6c:df:7e:54:c1:62:a8:e9:6d:4a:b9:60:
82:75:5f:c0:e8:a1:6b:d4:a5:29:ac:48:f6:95:48:ee:51:d7:
99:e5:c3:68:f6:59:aa:af:09:01:85:79:c8:b7:de:c7:7b:d7:
2f:9a:52:b1:ea:6c:2a:c1:d6:c0:4e:80:44:1a:1c:f0:99:8d:
da:69:0f:2c:a7:97:79:c3:e6:f3:d9:1a:56:2d:a5:19:33:f7:
5e:d5:97:c5:e3:aa:63:c6:fc:37:27:06:ce:90:2a:ec:ab:a8:
94:65:5c:5d:72:b7:3c:be:f7:c5:4f:c8:01:9f:c5:e8:e7:f4:
e4:95:c8:54:78:0c:4f:4a:ea:a1:39:b0:05:9d:56:41:04:5f:
8e:20:62:f8:74:97:9e:92:eb:fb:a4:d0:ce:ac:75:aa:99:80:
61:3d:0d:8f:cb:0b:14:9e:e2:73:08:e8:76:61:e6:af:a7:4d:
d8:e2:26:a6:7e:b5:ac:a5:92:ef:11:b4:91:99:4c:43:27:6c:
a7:3b:cd:59:59:c4:74:ed:3c:70:e7:77:20:96:73:a9:9d:d7:
74:d7:c6:5f:bb:06:c6:b1:19:f8:fe:cf:56:5c:86:77:e1:56:
0a:85:5b:e2:66:e8:a0:3f:41:14:6d:6d:86:44:04:b6:89:aa:
12:24:7e:4b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQLuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDcwNDAwWhcNMjUwMTIyMDcwNDAwWjAYMRYw
FAYDVQQDEw02NzdmNzRlNC1hZWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArrLvl/S/BIw3roubBOHjvoJzdRuatr9UMnL/CjKYNIEUiD3vWOkuj9h7
qs7mr1DE6KcptenAyrIbclvabBnCndbL1nHm++8FfR9lo7nXvPiNppgefa8mKy9j
UMGagI4U8lNQ8j+c2hwv9vSB/sI6pkPvumhqKyVphQo5CvlsYte7H0Vt37LjRoV+
o0L0emOjSFWK/QaRnDk8IPaiqqa5nlg5Wd/EfJUrsV3bC5B+LqxcLluNfYotv47v
8L8PbGQP3K35P41d4y6vQwrbjdt1MXUTMJlFODeD7FJ3L1n3cNWG7UdBd6h/EuMg
eZ/dQFCFUnKlMox0WJ3mkEADwxj0FQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAm0
ITJvO4B3Dl1NiVa2BL5Sl2MNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOTM3RDdDMkNFNTcxMUVGOUZEMDRFNDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+KMA0GCSqGSIb3DQEBCwUA
A4IBAQBfYo2Yyaps335UwWKo6W1KuWCCdV/A6KFr1KUprEj2lUjuUdeZ5cNo9lmq
rwkBhXnIt97He9cvmlKx6mwqwdbAToBEGhzwmY3aaQ8sp5d5w+bz2RpWLaUZM/de
1ZfF46pjxvw3JwbOkCrsq6iUZVxdcrc8vvfFT8gBn8Xo5/TklchUeAxPSuqhObAF
nVZBBF+OIGL4dJeekuv7pNDOrHWqmYBhPQ2PywsUnuJzCOh2Yeavp03Y4iamfrWs
pZLvEbSRmUxDJ2ynO81ZWcR07Txw53cglnOpndd018ZfuwbGsRn4/s9WXIZ34VYK
hVviZuigP0EUbW2GRAS2iaoSJH5L
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:25 2025 by rpki-client