Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2E0CDF6C9AC11EFA5B4A595762E951A.roa
File: F2E0CDF6C9AC11EFA5B4A595762E951A.roa (raw, json)
Hash identifier: dqK4Vvqjb6ctovIwcy+uEtWLWXLuRov/aa865UW6lmU=
Subject key identifier: FE:76:13:B9:69:C0:C6:F3:C3:D2:CF:9E:7A:47:E3:AC:86:15:86:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6A3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2E0CDF6C9AC11EFA5B4A595762E951A.roa
Signing time: Fri 03 Jan 2025 08:30:12 +0000
ROA not before: Fri 03 Jan 2025 08:30:08 +0000
ROA not after: Sat 18 Jan 2025 08:30:08 +0000
asID: 139646
IP address blocks: 156.240.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63139 (0xf6a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 08:30:08 2025 GMT
Not After : Jan 18 08:30:08 2025 GMT
Subject: CN=6777a014-439d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f1:38:78:27:cb:db:1c:6e:2c:c0:a1:c7:f7:
71:3f:55:ea:46:b4:f0:1d:8e:1e:90:ad:64:6a:22:
f2:28:9f:37:47:8f:bf:56:c3:91:a8:ad:ab:cb:da:
84:a0:59:e3:93:b4:31:13:b3:95:de:76:b6:d4:de:
b4:77:ac:35:8d:bd:80:47:c1:58:b8:50:cd:23:36:
af:1b:90:ed:e5:b5:a7:8c:2f:62:a0:93:59:1f:ee:
90:d4:b2:be:f8:f6:85:cf:84:53:f5:af:25:9d:8f:
43:d9:31:94:76:ed:a9:16:70:45:4c:7c:a4:af:ca:
e2:09:95:61:47:3f:89:e8:04:bc:a9:b8:61:45:bb:
8b:a2:4f:bf:19:b0:3c:c2:ec:86:fd:67:e7:8b:d6:
49:df:a9:96:c0:af:4f:cd:73:71:a2:b8:5b:e8:8d:
92:99:c5:22:79:b0:66:f4:e6:9f:f4:d6:76:64:49:
be:a6:46:20:ef:0c:bb:15:26:cf:33:6b:86:51:d7:
f9:52:e9:0b:f3:0f:40:50:6c:62:bd:7d:68:58:00:
0d:b1:9b:41:45:92:3d:b0:14:0c:98:47:31:77:9e:
2e:c9:50:4c:20:e8:f2:aa:bf:9a:22:85:b7:5f:c5:
57:6e:da:3b:6d:b3:c6:d4:b4:3a:6b:b9:d6:01:50:
ee:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:76:13:B9:69:C0:C6:F3:C3:D2:CF:9E:7A:47:E3:AC:86:15:86:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2E0CDF6C9AC11EFA5B4A595762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.48.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:39:0f:66:7c:e7:61:f9:26:c9:f7:ac:ae:26:47:e5:92:82:
a2:96:32:05:e5:53:c7:f5:af:c9:89:a1:6d:b9:f9:26:b1:d3:
36:c2:38:eb:da:17:d2:a3:bc:73:ec:e0:24:a7:ac:ec:39:e5:
6c:6a:71:64:11:7a:dd:f3:12:6c:48:c8:12:bb:e5:04:2e:ec:
83:44:ad:28:fd:cf:3f:68:6b:47:cc:d2:61:ca:72:b0:b7:2a:
07:c5:5e:e9:05:9e:aa:5b:60:5f:b0:db:c1:8c:00:f6:97:69:
3c:a5:c7:31:80:89:b2:d6:75:5f:37:86:89:e1:99:2b:42:b8:
54:aa:bd:b0:4f:01:5a:66:14:d0:75:7c:35:45:df:42:ec:94:
46:91:9e:c1:eb:84:f7:af:40:f8:a3:1d:e7:58:4c:fe:b3:0e:
f3:7f:0f:31:30:c1:d5:4b:41:de:c4:ec:9a:90:16:a8:12:7f:
5e:d5:7d:71:78:35:fd:4a:e8:39:8a:ee:ee:01:e1:07:8f:3c:
8e:11:bb:c5:cd:e6:cd:16:64:6d:7e:60:ee:c1:a1:7d:92:bb:
78:ff:91:6f:ea:56:99:ea:98:17:33:2c:b8:94:27:23:a5:54:
c0:24:ed:95:bd:ee:54:e6:3f:4a:0a:0e:7f:b2:bf:4b:3f:25:
7b:38:83:b5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPajMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDgzMDA4WhcNMjUwMTE4MDgzMDA4WjAYMRYw
FAYDVQQDEw02Nzc3YTAxNC00MzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0PE4eCfL2xxuLMChx/dxP1XqRrTwHY4ekK1kaiLyKJ83R4+/VsORqK2r
y9qEoFnjk7QxE7OV3na21N60d6w1jb2AR8FYuFDNIzavG5Dt5bWnjC9ioJNZH+6Q
1LK++PaFz4RT9a8lnY9D2TGUdu2pFnBFTHykr8riCZVhRz+J6AS8qbhhRbuLok+/
GbA8wuyG/Wfni9ZJ36mWwK9PzXNxorhb6I2SmcUiebBm9Oaf9NZ2ZEm+pkYg7wy7
FSbPM2uGUdf5UukL8w9AUGxivX1oWAANsZtBRZI9sBQMmEcxd54uyVBMIOjyqr+a
IoW3X8VXbto7bbPG1LQ6a7nWAVDuJQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP52
E7lpwMbzw9LPnnpH46yGFYadMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMkUwQ0RGNkM5QUMxMUVGQTVCNEE1OTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPAwMA0GCSqGSIb3DQEBCwUA
A4IBAQALOQ9mfOdh+SbJ96yuJkflkoKiljIF5VPH9a/JiaFtufkmsdM2wjjr2hfS
o7xz7OAkp6zsOeVsanFkEXrd8xJsSMgSu+UELuyDRK0o/c8/aGtHzNJhynKwtyoH
xV7pBZ6qW2BfsNvBjAD2l2k8pccxgImy1nVfN4aJ4ZkrQrhUqr2wTwFaZhTQdXw1
Rd9C7JRGkZ7B64T3r0D4ox3nWEz+sw7zfw8xMMHVS0HexOyakBaoEn9e1X1xeDX9
Sug5iu7uAeEHjzyOEbvFzebNFmRtfmDuwaF9krt4/5Fv6laZ6pgXMyy4lCcjpVTA
JO2Vve5U5j9KCg5/sr9LPyV7OIO1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:17 2025 by rpki-client