Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE06CA26CAD611EFB247A66A762E951A.roa
File: EE06CA26CAD611EFB247A66A762E951A.roa (raw, json)
Hash identifier: Cw6b/A7naG8zI9XaDmbEmeDpZaxn+QZ1aQS6I67e1Dc=
Subject key identifier: 65:87:D1:6E:39:A5:5F:B5:D9:09:DC:A4:2C:42:95:BC:D7:E6:03:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F78A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE06CA26CAD611EFB247A66A762E951A.roa
Signing time: Sat 04 Jan 2025 20:03:14 +0000
ROA not before: Sun 05 Jan 2025 20:03:10 +0000
ROA not after: Mon 20 Jan 2025 20:03:10 +0000
asID: 214515
IP address blocks: 156.253.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63370 (0xf78a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:03:10 2025 GMT
Not After : Jan 20 20:03:10 2025 GMT
Subject: CN=67799402-3cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d0:51:f8:a8:ed:c7:b8:d9:60:94:d8:a9:4e:
fd:43:ff:17:d0:b1:c1:27:c4:e3:90:45:38:b0:5c:
bd:52:ee:c7:56:98:d4:85:88:95:80:9c:9b:45:d3:
a8:aa:fd:9c:70:23:52:81:d0:92:de:77:55:20:0b:
e3:b2:52:57:c2:be:c7:55:af:63:db:65:d1:29:aa:
a0:28:d5:94:cc:d0:f0:62:a0:80:ef:6d:e2:7c:e3:
13:72:38:21:9c:f5:58:80:7e:11:62:bb:78:07:ba:
28:61:e2:29:fd:0d:dc:01:9a:de:9e:45:6a:f5:54:
1e:eb:42:33:54:b2:91:92:3f:1e:9d:84:a9:9e:ef:
52:c3:78:f4:b3:13:3c:a4:23:bc:94:c3:c0:cb:c0:
c1:1a:7e:f9:35:74:89:23:ea:87:bd:05:fc:dc:17:
0e:4c:bc:fb:b5:94:10:e6:50:dd:3e:75:9d:ef:a5:
4d:5a:c0:0c:8d:bf:10:01:7e:81:80:27:79:0a:02:
e6:f5:10:cc:14:f2:77:94:8d:41:c7:a7:c3:cf:7f:
f0:35:01:82:d9:26:d5:aa:23:31:b5:2e:ec:22:80:
a7:99:b4:71:9f:a0:29:a7:9b:93:62:de:54:da:93:
11:de:b9:24:61:65:45:e1:69:15:00:e3:08:9b:4e:
a5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:87:D1:6E:39:A5:5F:B5:D9:09:DC:A4:2C:42:95:BC:D7:E6:03:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE06CA26CAD611EFB247A66A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.221.0/24
Signature Algorithm: sha256WithRSAEncryption
40:06:4e:41:b0:31:cd:45:bd:52:b0:d5:7f:0c:22:84:f4:42:
41:cd:0d:01:0f:eb:86:db:0f:c5:d7:b2:48:81:a7:70:47:81:
cf:bb:41:ac:55:3a:cb:55:ce:48:a8:e8:88:aa:87:94:f4:9b:
83:8f:3b:70:b0:98:ae:39:1f:e6:e6:5a:9f:1c:df:2b:03:a7:
be:58:5f:aa:4e:a8:4c:b6:b5:41:35:e6:9e:72:5e:1e:1b:30:
1e:05:e5:dd:e8:41:84:f5:72:20:a7:6a:f2:53:d3:9a:ba:aa:
77:b1:31:53:41:c0:9b:2a:c2:23:27:90:1b:96:ce:65:7e:a9:
6b:ba:de:c6:c7:65:67:e4:26:a8:6b:e1:5a:92:54:8e:75:75:
22:53:7d:e5:05:ca:e9:8e:7f:aa:8f:30:44:1d:a5:11:35:b6:
0d:a8:7b:05:4b:22:8e:a1:9b:b7:f6:1b:e0:29:19:0f:91:22:
b6:13:73:93:61:27:68:57:07:ca:d8:7f:72:b6:6f:ed:c1:c6:
ed:0e:fe:6b:67:5d:1f:58:4e:83:da:f1:cd:2a:b0:4f:01:2b:
9e:72:4a:34:7a:60:7a:2d:bf:d2:c5:21:8b:9f:2d:f0:4e:a5:
6a:11:1c:31:fa:84:80:ca:33:0c:54:9b:f0:8a:04:e1:30:f3:
e3:7d:fb:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjAwMzEwWhcNMjUwMTIwMjAwMzEwWjAYMRYw
FAYDVQQDEw02Nzc5OTQwMi0zY2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy9BR+Kjtx7jZYJTYqU79Q/8X0LHBJ8TjkEU4sFy9Uu7HVpjUhYiVgJyb
RdOoqv2ccCNSgdCS3ndVIAvjslJXwr7HVa9j22XRKaqgKNWUzNDwYqCA723ifOMT
cjghnPVYgH4RYrt4B7ooYeIp/Q3cAZrenkVq9VQe60IzVLKRkj8enYSpnu9Sw3j0
sxM8pCO8lMPAy8DBGn75NXSJI+qHvQX83BcOTLz7tZQQ5lDdPnWd76VNWsAMjb8Q
AX6BgCd5CgLm9RDMFPJ3lI1Bx6fDz3/wNQGC2SbVqiMxtS7sIoCnmbRxn6App5uT
Yt5U2pMR3rkkYWVF4WkVAOMIm06lgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGWH
0W45pV+12QncpCxClbzX5gOSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRTA2Q0EyNkNBRDYxMUVGQjI0N0E2NkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3dMA0GCSqGSIb3DQEBCwUA
A4IBAQBABk5BsDHNRb1SsNV/DCKE9EJBzQ0BD+uG2w/F17JIgadwR4HPu0GsVTrL
Vc5IqOiIqoeU9JuDjztwsJiuOR/m5lqfHN8rA6e+WF+qTqhMtrVBNeaecl4eGzAe
BeXd6EGE9XIgp2ryU9Oauqp3sTFTQcCbKsIjJ5Abls5lfqlrut7Gx2Vn5Caoa+Fa
klSOdXUiU33lBcrpjn+qjzBEHaURNbYNqHsFSyKOoZu39hvgKRkPkSK2E3OTYSdo
VwfK2H9ytm/twcbtDv5rZ10fWE6D2vHNKrBPASuecko0emB6Lb/SxSGLny3wTqVq
ERwx+oSAyjMMVJvwigThMPPjffuE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:16 2025 by rpki-client