Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF7B72BCF2D111EFB273FE7C762E951A.roa
File: EF7B72BCF2D111EFB273FE7C762E951A.roa (raw, json)
Hash identifier: MIO0sPMJ06ZdlgoIgUbqlDX88H+/25/v9TPYzBQEtXc=
Subject key identifier: 4E:43:47:9D:F6:82:1A:1D:4E:89:B4:E7:13:5F:EC:A1:08:65:35:39
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012CBD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF7B72BCF2D111EFB273FE7C762E951A.roa
Signing time: Mon 24 Feb 2025 17:08:15 +0000
ROA not before: Mon 24 Feb 2025 17:08:11 +0000
ROA not after: Sat 29 Mar 2025 17:08:11 +0000
asID: 203020
IP address blocks: 156.226.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76989 (0x12cbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 17:08:11 2025 GMT
Not After : Mar 29 17:08:11 2025 GMT
Subject: CN=67bca77f-cb4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b6:2e:15:bf:b4:a5:c8:70:fa:0c:bc:ae:aa:
19:67:70:f6:e6:45:c8:68:a8:d9:d6:2a:c8:ab:c2:
bd:ff:45:ae:f7:8d:4b:3a:c6:c3:7e:16:f1:6e:9f:
2a:46:b7:c5:dc:cc:bf:d8:70:2a:d1:fd:f5:4b:31:
70:a7:1a:0a:b5:9d:be:3c:b8:40:f9:1b:2f:9b:ca:
79:7d:1e:0e:61:75:51:5e:3c:c4:2c:6c:ef:fc:70:
d9:cf:3a:0b:dd:3d:c6:4a:8a:a1:a2:87:cb:8b:e3:
dc:ff:bb:32:4d:74:3d:ad:86:16:3d:58:ab:30:36:
dd:ee:8e:2c:45:64:f9:11:b7:4f:2f:f3:71:2e:b0:
4c:11:99:8c:11:3c:67:17:96:8d:1d:0a:3e:fe:37:
a3:72:07:09:22:1f:20:c4:88:54:e6:61:fe:b3:09:
a4:3f:6d:2c:f6:62:8c:7b:17:2f:21:8b:23:69:72:
b0:7c:f0:31:68:85:34:07:8f:9b:9f:fe:e3:30:e8:
1c:6b:e8:4a:65:76:98:cf:d1:b2:d1:43:4e:53:8f:
ef:f5:4d:ef:a7:43:e2:87:90:3a:4b:e7:8c:97:c1:
49:b6:52:57:60:12:94:19:86:07:b2:11:f1:ce:98:
5d:a6:a7:e5:04:92:ad:8c:63:5d:10:c6:95:e5:66:
a2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:43:47:9D:F6:82:1A:1D:4E:89:B4:E7:13:5F:EC:A1:08:65:35:39
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF7B72BCF2D111EFB273FE7C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.7.0/24
Signature Algorithm: sha256WithRSAEncryption
77:85:03:70:9b:86:3f:ff:a5:da:80:e1:0c:c6:62:30:e1:32:
24:68:c2:1f:4b:3e:8e:f4:9f:aa:8d:1a:5d:4d:c3:18:4d:f9:
41:ff:bb:a0:60:9a:cc:00:7c:5e:a8:f4:d5:b2:15:ac:06:96:
a8:4c:cf:6c:ba:a1:4f:b5:ab:27:81:b3:e6:94:e0:ce:36:1d:
33:2b:9d:ea:b5:96:46:c5:0e:9a:65:b4:23:94:03:d1:29:af:
b9:54:e1:d5:45:51:96:9b:bd:21:9a:53:65:5e:32:5c:7e:1e:
7f:4e:10:de:3d:64:ef:62:53:f6:20:66:b6:ea:fd:23:04:e1:
22:77:05:e9:51:77:c7:db:98:62:7c:d8:fe:b7:fc:27:55:40:
c1:dc:3a:f8:92:cd:2b:70:c2:bc:22:df:ab:78:b2:47:6c:1b:
15:20:df:80:6e:95:c7:cc:26:1a:92:53:d2:e4:c1:b4:a5:da:
5f:3e:da:6d:6e:36:1a:1f:86:75:07:f4:bf:c4:a5:d1:25:d0:
c3:8c:71:29:f2:b8:95:48:21:cd:f8:60:0f:0e:90:20:83:10:
b8:b2:a6:5b:98:f0:89:b2:0e:22:2c:ca:2f:b3:9e:13:d0:30:
a5:e3:01:de:c9:80:14:37:21:01:3b:53:38:5d:ed:bf:20:9a:
ed:9f:e0:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASy9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTcwODExWhcNMjUwMzI5MTcwODExWjAYMRYw
FAYDVQQDEw02N2JjYTc3Zi1jYjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrYuFb+0pchw+gy8rqoZZ3D25kXIaKjZ1irIq8K9/0Wu941LOsbDfhbx
bp8qRrfF3My/2HAq0f31SzFwpxoKtZ2+PLhA+Rsvm8p5fR4OYXVRXjzELGzv/HDZ
zzoL3T3GSoqhoofLi+Pc/7syTXQ9rYYWPVirMDbd7o4sRWT5EbdPL/NxLrBMEZmM
ETxnF5aNHQo+/jejcgcJIh8gxIhU5mH+swmkP20s9mKMexcvIYsjaXKwfPAxaIU0
B4+bn/7jMOgca+hKZXaYz9Gy0UNOU4/v9U3vp0Pih5A6S+eMl8FJtlJXYBKUGYYH
shHxzphdpqflBJKtjGNdEMaV5WaitQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE5D
R532ghodTom05xNf7KEIZTU5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRjdCNzJCQ0YyRDExMUVGQjI3M0ZFN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOIHMA0GCSqGSIb3DQEBCwUA
A4IBAQB3hQNwm4Y//6XagOEMxmIw4TIkaMIfSz6O9J+qjRpdTcMYTflB/7ugYJrM
AHxeqPTVshWsBpaoTM9suqFPtasngbPmlODONh0zK53qtZZGxQ6aZbQjlAPRKa+5
VOHVRVGWm70hmlNlXjJcfh5/ThDePWTvYlP2IGa26v0jBOEidwXpUXfH25hifNj+
t/wnVUDB3Dr4ks0rcMK8It+reLJHbBsVIN+AbpXHzCYaklPS5MG0pdpfPtptbjYa
H4Z1B/S/xKXRJdDDjHEp8riVSCHN+GAPDpAggxC4sqZbmPCJsg4iLMovs54T0DCl
4wHeyYAUNyEBO1M4Xe2/IJrtn+CP
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:05:44 2025 by rpki-client