Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C1725D207A811EF9B8D9D4C017001B1.roa
File: 3C1725D207A811EF9B8D9D4C017001B1.roa (raw, json)
Hash identifier: VrZ2TgpSuspyY5OW/iQSU+WChgpHQOITNaPw1pF7m0A=
Subject key identifier: 94:FD:53:0F:14:CD:A4:F3:79:4D:FA:D9:FA:66:F3:D1:8C:64:BB:F8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8710
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C1725D207A811EF9B8D9D4C017001B1.roa
Signing time: Wed 01 May 2024 10:47:42 +0000
ROA not before: Wed 01 May 2024 10:47:38 +0000
ROA not after: Sat 11 May 2024 10:47:38 +0000
asID: 136950
IP address blocks: 45.195.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34576 (0x8710)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 1 10:47:38 2024 GMT
Not After : May 11 10:47:38 2024 GMT
Subject: CN=66321dce-6417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b4:07:90:df:63:3d:92:20:0b:fb:29:14:bd:
41:af:41:41:e3:b4:84:85:ea:c5:fb:dd:01:40:72:
f7:a0:ac:48:18:92:45:01:4d:81:79:7c:75:38:da:
43:4c:36:97:b0:6f:7a:6b:17:b3:5b:96:fc:9e:8c:
a7:53:a2:9c:fe:af:72:38:1d:1c:87:55:d2:a5:80:
96:44:d9:64:38:67:38:80:f4:cd:ba:db:04:83:01:
67:82:67:95:99:28:f0:e7:ce:7c:4e:62:85:69:6e:
2c:0e:0b:c9:cb:cd:d5:e0:f9:7b:04:bf:50:70:07:
4f:85:63:d6:20:62:19:c6:cc:00:94:f7:44:c0:a0:
bc:d2:e7:4e:a8:28:3d:79:55:66:ab:10:40:26:28:
79:f8:5b:d0:06:38:fa:37:a9:1a:82:c6:46:00:87:
be:18:ca:3a:c9:b3:75:5a:03:e6:fc:86:84:9f:fe:
8d:eb:88:a1:d0:2d:31:9d:72:3f:1e:8d:f1:b1:ae:
41:60:de:fe:60:29:b7:be:7a:69:36:dd:b2:da:71:
f7:59:0e:27:e9:c3:01:62:d9:61:ae:32:02:f9:d9:
a5:bf:d8:c7:91:de:b6:d8:78:9f:cf:c6:ae:a8:c9:
53:d1:cf:cf:99:8a:38:e7:e3:b2:48:21:fc:c7:bd:
e7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:FD:53:0F:14:CD:A4:F3:79:4D:FA:D9:FA:66:F3:D1:8C:64:BB:F8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C1725D207A811EF9B8D9D4C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.148.0/24
Signature Algorithm: sha256WithRSAEncryption
89:d3:6a:ee:13:89:23:a6:86:f5:44:57:8f:c6:22:88:a2:1a:
8f:a8:3a:18:15:49:cb:26:4f:2a:37:32:8d:15:41:b7:18:1a:
a1:23:8b:99:80:a3:a4:f9:01:df:37:e7:28:95:dc:bf:4b:a2:
87:fa:c4:7f:04:0f:c3:29:52:c3:a0:b8:50:72:0a:9f:45:62:
7e:05:12:6c:48:d9:d0:4c:5f:5f:4d:96:b8:5a:83:0d:a9:44:
fb:10:89:ff:05:d0:67:9b:5a:c5:fe:f3:69:73:96:43:33:08:
61:fa:58:e1:02:f2:31:97:72:49:3c:ce:63:cd:b2:6c:32:b6:
b7:4d:2c:dc:da:df:4a:2d:10:66:4c:7b:e5:b2:ea:bd:d5:8d:
a5:c4:ca:dd:34:15:52:63:2a:5a:2d:ee:35:a2:fa:ce:31:74:
76:59:18:8d:53:c9:06:d8:46:7f:84:f6:03:7e:a1:58:dc:27:
6b:e5:f8:85:a3:79:0b:20:ec:12:d7:82:30:6b:51:57:8f:86:
76:0a:c0:00:27:e4:da:a6:13:db:75:ed:1f:6d:e2:e0:fe:43:
3d:68:84:37:1b:ec:46:98:64:88:80:7a:c3:6f:ff:89:54:b0:
f4:07:43:fe:f1:d5:76:56:d9:0c:f1:49:5d:f4:9c:b4:4b:34:
e2:ad:dd:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIcQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTAxMTA0NzM4WhcNMjQwNTExMTA0NzM4WjAYMRYw
FAYDVQQDEw02NjMyMWRjZS02NDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq7QHkN9jPZIgC/spFL1Br0FB47SEherF+90BQHL3oKxIGJJFAU2BeXx1
ONpDTDaXsG96axezW5b8noynU6Kc/q9yOB0ch1XSpYCWRNlkOGc4gPTNutsEgwFn
gmeVmSjw5858TmKFaW4sDgvJy83V4Pl7BL9QcAdPhWPWIGIZxswAlPdEwKC80udO
qCg9eVVmqxBAJih5+FvQBjj6N6kagsZGAIe+GMo6ybN1WgPm/IaEn/6N64ih0C0x
nXI/Ho3xsa5BYN7+YCm3vnppNt2y2nH3WQ4n6cMBYtlhrjIC+dmlv9jHkd622Hif
z8auqMlT0c/PmYo45+OySCH8x73ntwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJT9
Uw8UzaTzeU362fpm89GMZLv4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzE3MjVEMjA3QTgxMUVGOUI4RDlENEMwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcOUMA0GCSqGSIb3DQEBCwUA
A4IBAQCJ02ruE4kjpob1RFePxiKIohqPqDoYFUnLJk8qNzKNFUG3GBqhI4uZgKOk
+QHfN+coldy/S6KH+sR/BA/DKVLDoLhQcgqfRWJ+BRJsSNnQTF9fTZa4WoMNqUT7
EIn/BdBnm1rF/vNpc5ZDMwhh+ljhAvIxl3JJPM5jzbJsMra3TSzc2t9KLRBmTHvl
suq91Y2lxMrdNBVSYypaLe41ovrOMXR2WRiNU8kG2EZ/hPYDfqFY3Cdr5fiFo3kL
IOwS14Iwa1FXj4Z2CsAAJ+TaphPbde0fbeLg/kM9aIQ3G+xGmGSIgHrDb/+JVLD0
B0P+8dV2VtkM8Uld9Jy0SzTird1V
-----END CERTIFICATE-----
Generated at Sun May 12 01:39:49 2024 by rpki-client on console-fra.rpki-client.org