Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EECA2486BB7611EFBDDB7F8F762E951A.roa
File: EECA2486BB7611EFBDDB7F8F762E951A.roa (raw, json)
Hash identifier: PCzW7tjDEOc5Eom9rZ7FwXAAYB9KoVUx64rtY0AqKJA=
Subject key identifier: 2D:21:F5:F2:E3:92:B6:BD:5B:96:86:B8:E2:EC:97:27:8B:6E:95:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E40C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EECA2486BB7611EFBDDB7F8F762E951A.roa
Signing time: Mon 16 Dec 2024 06:28:16 +0000
ROA not before: Mon 16 Dec 2024 06:28:12 +0000
ROA not after: Mon 20 Jan 2025 06:28:12 +0000
asID: 213995
IP address blocks: 156.253.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58380 (0xe40c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 16 06:28:12 2024 GMT
Not After : Jan 20 06:28:12 2025 GMT
Subject: CN=675fc880-0ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:52:36:2a:51:b9:c0:ad:e5:77:7c:61:18:3b:
ae:64:b7:ee:29:7a:28:de:59:a3:d1:18:ab:d6:a2:
a2:68:33:7b:d3:41:4e:a0:cf:ce:d8:1e:c8:c3:de:
e4:37:5d:ef:d1:3c:e2:e1:3e:d0:d7:0c:2b:8d:17:
28:e1:fd:92:83:5c:5c:81:41:d5:f5:cc:ac:6b:99:
ca:23:b2:a7:c7:4c:35:2c:57:55:45:42:c5:0c:98:
4d:af:21:9d:87:8d:57:2e:de:78:d7:fa:3d:2e:ad:
04:61:c6:0f:40:3f:9a:b2:10:89:3c:74:be:0e:15:
d5:9a:ac:ee:f1:1b:84:81:a9:2e:49:c8:56:c3:e4:
ef:67:19:86:a0:59:ba:72:c1:60:ba:21:ee:46:4a:
e2:f4:10:e3:23:95:c1:89:1e:30:c1:6e:f7:1d:2d:
02:30:61:c8:19:2c:93:b4:0a:05:fd:42:4b:f2:37:
fc:38:2d:55:d3:58:eb:94:0d:02:5d:61:08:3a:24:
c9:f9:9d:ed:ba:13:91:9f:86:24:e7:51:e8:a6:a2:
5c:97:51:7c:18:da:16:93:ea:24:bd:44:a1:1d:cb:
ae:bc:5f:3e:b2:e7:80:07:9e:f4:26:07:e6:16:8b:
81:ce:1a:84:03:62:7f:c8:14:54:03:bd:67:92:f6:
0e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:21:F5:F2:E3:92:B6:BD:5B:96:86:B8:E2:EC:97:27:8B:6E:95:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EECA2486BB7611EFBDDB7F8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.228.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:ab:f2:c5:90:b3:7e:dd:c1:8b:eb:75:71:29:b9:44:11:f3:
47:72:f1:9e:25:2c:e5:ce:09:d1:2b:bc:6b:92:c4:62:1a:1a:
75:2c:cf:02:b5:cc:dc:00:71:43:e1:26:f6:96:3b:05:1c:e8:
fd:57:ba:b1:c4:4a:45:77:8f:9e:8c:63:8d:89:2e:a7:30:12:
c0:91:93:64:f0:f5:7d:46:72:c3:91:50:92:cc:b2:1f:da:bf:
e6:6f:e6:1f:45:ea:7c:5d:3c:6a:e5:70:f0:e0:75:35:11:3e:
88:2e:6a:d5:10:8a:d6:03:c7:5e:47:22:59:2e:da:af:58:36:
27:d2:c2:fd:1a:6a:fb:0b:0c:d6:dd:53:6d:0e:69:59:bf:59:
e8:50:86:da:a0:6b:15:ba:d0:9f:48:cb:9c:e2:5e:57:bf:c0:
d2:2f:19:5f:27:78:8d:66:6a:a2:32:cc:7a:de:ac:6c:69:4d:
96:07:e8:45:5d:6f:64:ff:6c:60:87:0d:b7:70:e9:97:af:2a:
cb:0c:e1:bd:0b:88:bd:3d:1a:9f:54:77:54:ce:5e:ae:32:39:
c8:45:e9:09:a1:60:80:ff:af:b6:bf:9f:4b:75:8e:2b:eb:e1:
5e:bd:ad:90:27:4f:be:db:c7:31:a8:cf:4c:83:f3:8d:d8:c0:
f5:af:97:96
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOQMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE2MDYyODEyWhcNMjUwMTIwMDYyODEyWjAYMRYw
FAYDVQQDEw02NzVmYzg4MC0wZmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5FI2KlG5wK3ld3xhGDuuZLfuKXoo3lmj0Rir1qKiaDN700FOoM/O2B7I
w97kN13v0Tzi4T7Q1wwrjRco4f2Sg1xcgUHV9cysa5nKI7Knx0w1LFdVRULFDJhN
ryGdh41XLt541/o9Lq0EYcYPQD+ashCJPHS+DhXVmqzu8RuEgakuSchWw+TvZxmG
oFm6csFguiHuRkri9BDjI5XBiR4wwW73HS0CMGHIGSyTtAoF/UJL8jf8OC1V01jr
lA0CXWEIOiTJ+Z3tuhORn4Yk51HopqJcl1F8GNoWk+okvUShHcuuvF8+sueAB570
JgfmFouBzhqEA2J/yBRUA71nkvYOpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC0h
9fLjkra9W5aGuOLslyeLbpUYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRUNBMjQ4NkJCNzYxMUVGQkREQjdGOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3kMA0GCSqGSIb3DQEBCwUA
A4IBAQA/q/LFkLN+3cGL63VxKblEEfNHcvGeJSzlzgnRK7xrksRiGhp1LM8Ctczc
AHFD4Sb2ljsFHOj9V7qxxEpFd4+ejGONiS6nMBLAkZNk8PV9RnLDkVCSzLIf2r/m
b+YfRep8XTxq5XDw4HU1ET6ILmrVEIrWA8deRyJZLtqvWDYn0sL9Gmr7CwzW3VNt
DmlZv1noUIbaoGsVutCfSMuc4l5Xv8DSLxlfJ3iNZmqiMsx63qxsaU2WB+hFXW9k
/2xghw23cOmXryrLDOG9C4i9PRqfVHdUzl6uMjnIRekJoWCA/6+2v59LdY4r6+Fe
va2QJ0++28cxqM9Mg/ON2MD1r5eW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:17 2025 by rpki-client