Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/96566A2A038F11EFA0ACFE6A017001B1.roa
File: 96566A2A038F11EFA0ACFE6A017001B1.roa (raw, json)
Hash identifier: g0dcKvcGWPP9JpjY736rG3f2D7XYovB6MlY4HrIpsGo=
Subject key identifier: 8B:7D:BB:9B:D2:B9:B9:9D:C0:72:87:4A:2F:84:EC:EC:24:23:1E:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 85FC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/96566A2A038F11EFA0ACFE6A017001B1.roa
Signing time: Fri 26 Apr 2024 05:41:11 +0000
ROA not before: Fri 26 Apr 2024 05:41:07 +0000
ROA not after: Sun 05 May 2024 05:41:07 +0000
asID: 139646
IP address blocks: 45.201.222.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34300 (0x85fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 26 05:41:07 2024 GMT
Not After : May 5 05:41:07 2024 GMT
Subject: CN=662b3e77-d1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:51:c7:f7:49:d4:b9:44:63:b7:44:48:49:03:
4a:24:8c:a7:46:8c:e4:64:20:dd:77:42:7e:85:0e:
fa:ce:6d:30:13:ff:07:ba:f3:61:dd:f4:4e:4d:5b:
2c:fe:0e:16:cd:b3:62:d7:25:fb:1a:fe:36:39:c5:
eb:5d:ae:06:dd:63:7a:47:fb:ec:9c:67:c9:41:5f:
91:9b:b5:35:04:23:b3:3f:77:8d:d6:6b:66:d0:e6:
62:52:73:8d:29:59:8d:1d:9b:dd:41:23:9a:22:a2:
46:38:90:dd:7d:9b:4d:5f:3b:63:44:47:76:f5:91:
30:71:1e:51:c0:ca:4f:6b:b0:91:dd:15:c2:d7:b0:
08:0a:e1:11:2f:08:e7:76:44:e4:d5:e7:ba:ac:4e:
0d:58:39:98:85:61:cb:51:cd:c3:ec:87:53:25:41:
95:36:74:49:67:b3:ce:05:be:e3:c7:20:5b:54:5a:
50:b6:71:f0:09:1d:f1:bd:a1:d5:e4:8f:26:e8:7c:
e5:11:ea:4b:54:a3:79:e2:51:5e:ea:03:3b:b5:65:
89:1c:53:6e:b9:a4:34:78:20:2a:e9:cb:af:7f:ce:
84:fb:81:5c:4d:fe:1e:8f:a4:c9:52:41:52:d8:21:
6e:1f:9a:87:99:09:3a:53:74:aa:d6:a1:ac:ae:21:
b9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7D:BB:9B:D2:B9:B9:9D:C0:72:87:4A:2F:84:EC:EC:24:23:1E:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/96566A2A038F11EFA0ACFE6A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.222.0/23
Signature Algorithm: sha256WithRSAEncryption
61:44:17:46:19:3f:74:42:b5:e8:fe:3a:02:a5:76:c0:5c:99:
14:a6:1a:e3:4f:e3:37:07:27:aa:47:81:e3:97:99:ab:02:bf:
32:b6:58:11:ae:86:e5:c6:f8:95:dd:26:c5:2e:73:de:85:9d:
92:4f:a9:b3:8e:1d:22:c0:3a:92:9b:f7:81:97:66:48:9b:c8:
f9:a7:d8:6e:be:d3:d3:5c:e8:83:16:7a:9c:f3:d7:d4:a8:61:
40:fc:ef:2a:99:ad:79:97:b5:36:f4:72:ee:0f:7a:4f:4e:b6:
1c:d2:81:d4:8a:21:77:d3:bf:ef:79:39:d9:7a:5d:1e:51:34:
63:55:6b:0a:8e:fd:f4:35:3a:ea:e3:a1:01:cb:51:74:16:47:
23:ed:2b:42:69:0c:ae:18:be:4b:29:54:e4:ec:91:44:5a:ad:
1d:c2:33:a9:b5:f1:50:ef:1c:32:1c:33:7a:a5:4c:5f:9b:8d:
67:d6:4d:b0:d4:08:33:fd:e6:b2:63:c1:b2:53:0d:33:38:99:
d3:18:c3:3e:c2:44:d3:48:91:92:f7:70:0b:8c:d4:4e:6d:ad:
87:8f:ee:f5:b0:d6:fd:36:1c:16:f6:0f:a5:c2:95:b6:48:2d:
25:48:43:54:9e:ca:ec:dc:27:04:f8:32:7f:78:24:1e:06:5f:
84:84:60:ad
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIX8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI2MDU0MTA3WhcNMjQwNTA1MDU0MTA3WjAYMRYw
FAYDVQQDEw02NjJiM2U3Ny1kMWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr1HH90nUuURjt0RISQNKJIynRozkZCDdd0J+hQ76zm0wE/8HuvNh3fRO
TVss/g4WzbNi1yX7Gv42OcXrXa4G3WN6R/vsnGfJQV+Rm7U1BCOzP3eN1mtm0OZi
UnONKVmNHZvdQSOaIqJGOJDdfZtNXztjREd29ZEwcR5RwMpPa7CR3RXC17AICuER
LwjndkTk1ee6rE4NWDmYhWHLUc3D7IdTJUGVNnRJZ7POBb7jxyBbVFpQtnHwCR3x
vaHV5I8m6HzlEepLVKN54lFe6gM7tWWJHFNuuaQ0eCAq6cuvf86E+4FcTf4ej6TJ
UkFS2CFuH5qHmQk6U3Sq1qGsriG54QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIt9
u5vSubmdwHKHSi+E7OwkIx7ZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NjU2NkEyQTAzOEYxMUVGQTBBQ0ZFNkEwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcneMA0GCSqGSIb3DQEBCwUA
A4IBAQBhRBdGGT90QrXo/joCpXbAXJkUphrjT+M3ByeqR4Hjl5mrAr8ytlgRrobl
xviV3SbFLnPehZ2ST6mzjh0iwDqSm/eBl2ZIm8j5p9huvtPTXOiDFnqc89fUqGFA
/O8qma15l7U29HLuD3pPTrYc0oHUiiF307/veTnZel0eUTRjVWsKjv30NTrq46EB
y1F0Fkcj7StCaQyuGL5LKVTk7JFEWq0dwjOptfFQ7xwyHDN6pUxfm41n1k2w1Agz
/eayY8GyUw0zOJnTGMM+wkTTSJGS93ALjNROba2Hj+71sNb9NhwW9g+lwpW2SC0l
SENUnsrs3CcE+DJ/eCQeBl+EhGCt
-----END CERTIFICATE-----
Generated at Mon May 6 02:29:26 2024 by rpki-client on console-fra.rpki-client.org