![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97534D34287F11EF963819307DDC24C2.roa
File: 97534D34287F11EF963819307DDC24C2.roa (raw, json)
Hash identifier: NSQZ0qMSYPf+lLpHDEYTrGESW0mbbR/OqVn3rO1fKlY=
Subject key identifier: 1E:77:48:1F:25:BD:6E:F5:53:CE:59:DE:9B:A8:13:BE:BC:F4:34:C8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 90CF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97534D34287F11EF963819307DDC24C2.roa
Signing time: Wed 12 Jun 2024 05:49:54 +0000
ROA not before: Wed 12 Jun 2024 05:49:50 +0000
ROA not after: Tue 25 Jun 2024 05:49:50 +0000
asID: 44559
IP address blocks: 45.192.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37071 (0x90cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 12 05:49:50 2024 GMT
Not After : Jun 25 05:49:50 2024 GMT
Subject: CN=66693702-e79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:77:f7:08:57:a9:1b:76:d1:7e:b3:45:ef:81:
a3:43:8f:af:04:38:7d:f5:43:45:a1:46:8b:14:01:
54:12:94:94:77:d5:9d:39:9f:38:d5:83:12:79:65:
fc:8d:0c:64:0e:6a:e4:a3:ba:b1:9a:6d:a3:ed:f2:
ef:a0:1c:5c:47:c3:2b:3b:1a:46:09:23:2a:f8:a5:
87:d1:21:9c:59:16:ee:c0:33:7a:e3:91:f2:3c:a3:
d2:d7:e5:86:12:3a:7e:69:ad:43:56:6a:58:9a:80:
10:a7:cf:27:b0:0e:c3:3a:0a:c9:6b:15:29:73:b7:
0c:66:51:c7:62:e0:cd:a6:28:e0:cb:6f:f8:91:0d:
ea:94:46:ab:ca:06:13:56:46:38:8f:61:0d:80:35:
e3:a1:cd:b2:1e:f8:9f:10:14:12:9f:ed:3e:8b:4b:
96:d3:ba:27:9d:b7:02:47:76:be:8f:3f:82:1b:7f:
42:3c:25:c0:7d:30:27:45:e0:9b:b2:df:52:bf:ce:
f9:07:4d:05:7d:b1:57:e1:ed:79:78:b3:08:10:d3:
29:8b:82:40:8e:eb:b4:51:e5:4c:53:34:28:e0:dc:
a5:65:db:c6:9a:57:41:36:66:1b:9b:85:c7:e1:c2:
1e:04:a7:e2:7b:9d:4b:0d:51:5c:53:48:89:aa:b5:
f3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:77:48:1F:25:BD:6E:F5:53:CE:59:DE:9B:A8:13:BE:BC:F4:34:C8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97534D34287F11EF963819307DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/19
Signature Algorithm: sha256WithRSAEncryption
77:fd:ad:59:7a:4f:c8:cd:05:6d:a7:69:aa:8f:09:7b:7a:ce:
11:5e:48:b5:cd:44:7f:bc:bd:a5:50:31:2f:75:c1:99:5f:bb:
87:eb:f3:87:fb:98:a2:7c:a1:79:82:eb:bf:6b:c0:36:85:fd:
eb:57:24:96:1b:6a:69:7f:3c:3e:39:4e:71:fb:66:a4:ef:05:
e6:21:eb:11:2f:5f:e5:a6:d6:ac:cd:51:11:1d:24:58:3f:66:
a5:82:fa:67:47:bb:17:b8:55:32:e1:1e:b8:82:d9:a9:7c:78:
ca:62:f0:71:a3:65:49:f3:2d:2d:3a:8a:d3:e0:e2:65:b2:e6:
33:0e:a4:27:a5:7a:0a:9f:54:91:39:0d:56:ab:73:f7:b4:2a:
c5:11:4d:9c:36:d2:75:b6:aa:1a:b3:41:98:21:50:9b:f2:ac:
6a:b7:9a:12:58:0b:a5:ea:a7:86:c6:84:a4:03:f3:47:57:6b:
b4:bf:ff:3e:3d:6f:54:53:db:cb:f1:26:5f:81:4d:c4:a6:c6:
2c:08:43:f0:12:8a:a4:76:89:af:45:0a:5b:7c:2c:3e:43:eb:
71:34:32:20:a8:65:3b:af:ac:91:84:d6:19:81:4d:56:5a:7b:
d8:0f:91:ad:64:5f:f2:91:5e:49:15:54:7c:ec:82:3c:c4:65:
0e:52:c3:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJDPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjEyMDU0OTUwWhcNMjQwNjI1MDU0OTUwWjAYMRYw
FAYDVQQDEw02NjY5MzcwMi1lNzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Xf3CFepG3bRfrNF74GjQ4+vBDh99UNFoUaLFAFUEpSUd9WdOZ841YMS
eWX8jQxkDmrko7qxmm2j7fLvoBxcR8MrOxpGCSMq+KWH0SGcWRbuwDN645HyPKPS
1+WGEjp+aa1DVmpYmoAQp88nsA7DOgrJaxUpc7cMZlHHYuDNpijgy2/4kQ3qlEar
ygYTVkY4j2ENgDXjoc2yHvifEBQSn+0+i0uW07onnbcCR3a+jz+CG39CPCXAfTAn
ReCbst9Sv875B00FfbFX4e15eLMIENMpi4JAjuu0UeVMUzQo4NylZdvGmldBNmYb
m4XH4cIeBKfie51LDVFcU0iJqrXziQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB53
SB8lvW71U85Z3puoE7689DTIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NzUzNEQzNDI4N0YxMUVGOTYzODE5MzA3RERDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLcBgMA0GCSqGSIb3DQEBCwUA
A4IBAQB3/a1Zek/IzQVtp2mqjwl7es4RXki1zUR/vL2lUDEvdcGZX7uH6/OH+5ii
fKF5guu/a8A2hf3rVySWG2ppfzw+OU5x+2ak7wXmIesRL1/lptaszVERHSRYP2al
gvpnR7sXuFUy4R64gtmpfHjKYvBxo2VJ8y0tOorT4OJlsuYzDqQnpXoKn1SROQ1W
q3P3tCrFEU2cNtJ1tqoas0GYIVCb8qxqt5oSWAul6qeGxoSkA/NHV2u0v/8+PW9U
U9vL8SZfgU3EpsYsCEPwEoqkdomvRQpbfCw+Q+txNDIgqGU7r6yRhNYZgU1WWnvY
D5GtZF/ykV5JFVR87II8xGUOUsNe
-----END CERTIFICATE-----
Generated at Tue Jun 25 09:54:29 2024 by rpki-client on console-ams.rpki-client.org