Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ECD31442CEFB11EFBF2A085A762E951A.roa
File: ECD31442CEFB11EFBF2A085A762E951A.roa (raw, json)
Hash identifier: H4MjX4kZKCzXtsRW4YjMpLgbOuVX31rCDyynEH8ltbY=
Subject key identifier: 33:1A:87:B2:B4:9D:2B:95:FA:4E:53:C1:2B:7E:53:A4:3D:65:58:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0104AF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ECD31442CEFB11EFBF2A085A762E951A.roa
Signing time: Fri 10 Jan 2025 02:38:08 +0000
ROA not before: Fri 10 Jan 2025 02:38:04 +0000
ROA not after: Mon 27 Jan 2025 02:38:04 +0000
asID: 152092
IP address blocks: 156.245.198.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66735 (0x104af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 02:38:04 2025 GMT
Not After : Jan 27 02:38:04 2025 GMT
Subject: CN=67808810-97e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4c:4e:57:e9:ca:64:55:cd:28:ad:68:a2:25:
28:f7:10:4a:fa:1d:7c:86:0e:ca:fb:63:93:82:72:
bb:fa:4e:75:0c:b6:c1:4f:3b:a3:22:07:e3:73:81:
66:61:f0:c7:6d:e5:a4:a7:52:ce:27:47:ee:8d:76:
88:cd:e2:7b:82:d0:ee:c6:47:47:ed:28:88:55:c3:
46:7d:6f:a9:7e:bd:58:49:f3:1b:ab:b2:e9:b7:0a:
f5:25:b6:48:a0:fc:7b:2d:dc:f0:4b:12:19:9d:9a:
9a:f9:e4:e3:ed:a4:25:1e:07:c9:66:14:96:e0:52:
57:3c:9c:fa:2b:1e:87:6c:c4:06:8f:34:84:2e:2d:
a5:63:d0:cb:80:fd:80:4f:82:de:54:fb:68:4b:de:
bc:95:3e:6d:5f:42:33:2c:89:44:07:2f:2a:9f:34:
46:7b:7c:e9:ad:f1:35:b1:d9:82:34:67:e6:ff:ca:
f1:75:f8:a6:95:bd:36:27:61:35:8c:6e:f7:76:97:
99:b3:5f:a0:25:85:c4:6b:47:0d:e2:3b:41:2c:2b:
68:3a:7d:51:07:86:18:26:ec:c3:32:fa:3b:ef:30:
df:07:e1:6f:74:8f:b2:52:87:c5:46:24:a1:f7:d8:
5b:2e:7f:d8:59:12:15:04:60:85:1e:86:de:e9:a0:
96:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1A:87:B2:B4:9D:2B:95:FA:4E:53:C1:2B:7E:53:A4:3D:65:58:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ECD31442CEFB11EFBF2A085A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.198.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:c8:e3:de:2a:9a:40:8f:54:d8:ab:b5:f3:56:a4:9c:f2:13:
2c:83:2d:17:ed:18:92:b7:05:2b:5b:5c:fc:9a:48:06:82:b1:
03:4a:3c:4f:8f:96:43:c5:11:5f:07:c2:5d:89:b2:99:9b:0e:
81:98:24:9e:4f:66:10:5d:a9:cc:0f:e7:be:25:e3:43:91:8c:
12:89:a2:2d:bc:0d:59:98:44:3f:e8:42:12:f8:e6:f7:88:94:
2b:b4:7b:b1:83:67:49:e1:d2:bb:73:23:4d:ad:0d:59:7f:90:
ac:d9:70:90:f3:b5:d6:f4:87:da:bf:d6:39:18:6d:0c:7d:db:
02:50:60:5a:98:93:a6:e0:ec:8b:97:93:4f:ca:dc:c3:08:be:
8e:74:73:ef:bd:1c:c1:36:94:0d:6b:03:a7:1e:6e:75:78:20:
cc:e0:08:e5:76:d3:a4:7a:46:c6:2f:ed:9b:89:94:aa:03:43:
50:ec:fe:3d:e9:c0:f9:6e:18:f6:8a:51:b3:3a:78:16:ef:5d:
13:71:e4:af:b8:f0:f4:10:63:bf:64:56:99:9c:23:ca:94:36:
ac:e2:aa:9f:89:b5:0a:31:65:3b:de:ca:06:ab:1c:13:20:d8:
3d:fe:36:f8:27:18:47:3e:f8:8c:37:be:c2:ad:cd:12:77:83:
e0:45:7b:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQSvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDIzODA0WhcNMjUwMTI3MDIzODA0WjAYMRYw
FAYDVQQDEw02NzgwODgxMC05N2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnkxOV+nKZFXNKK1ooiUo9xBK+h18hg7K+2OTgnK7+k51DLbBTzujIgfj
c4FmYfDHbeWkp1LOJ0fujXaIzeJ7gtDuxkdH7SiIVcNGfW+pfr1YSfMbq7Lptwr1
JbZIoPx7LdzwSxIZnZqa+eTj7aQlHgfJZhSW4FJXPJz6Kx6HbMQGjzSELi2lY9DL
gP2AT4LeVPtoS968lT5tX0IzLIlEBy8qnzRGe3zprfE1sdmCNGfm/8rxdfimlb02
J2E1jG73dpeZs1+gJYXEa0cN4jtBLCtoOn1RB4YYJuzDMvo77zDfB+FvdI+yUofF
RiSh99hbLn/YWRIVBGCFHobe6aCWDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDMa
h7K0nSuV+k5TwSt+U6Q9ZVgcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQ0QzMTQ0MkNFRkIxMUVGQkYyQTA4NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXGMA0GCSqGSIb3DQEBCwUA
A4IBAQC2yOPeKppAj1TYq7XzVqSc8hMsgy0X7RiStwUrW1z8mkgGgrEDSjxPj5ZD
xRFfB8JdibKZmw6BmCSeT2YQXanMD+e+JeNDkYwSiaItvA1ZmEQ/6EIS+Ob3iJQr
tHuxg2dJ4dK7cyNNrQ1Zf5Cs2XCQ87XW9Ifav9Y5GG0MfdsCUGBamJOm4OyLl5NP
ytzDCL6OdHPvvRzBNpQNawOnHm51eCDM4AjldtOkekbGL+2biZSqA0NQ7P496cD5
bhj2ilGzOngW710TceSvuPD0EGO/ZFaZnCPKlDas4qqfibUKMWU73soGqxwTINg9
/jb4JxhHPviMN77Crc0Sd4PgRXvN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:19 2025 by rpki-client