Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D1D03B10128711EFA6DAD6F2007001B1.roa
File: D1D03B10128711EFA6DAD6F2007001B1.roa (raw, json)
Hash identifier: PH5IMw7AX0WtPDxjN9XejAAqBFDvUrkO+PSlgiAPc80=
Subject key identifier: DF:5D:F6:97:7D:39:D0:F0:71:8C:60:CF:C5:37:4C:70:4A:7F:7E:2E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8A63
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D1D03B10128711EFA6DAD6F2007001B1.roa
Signing time: Wed 15 May 2024 06:53:22 +0000
ROA not before: Wed 15 May 2024 06:53:19 +0000
ROA not after: Sun 26 May 2024 06:53:19 +0000
asID: 7018
IP address blocks: 45.203.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35427 (0x8a63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 15 06:53:19 2024 GMT
Not After : May 26 06:53:19 2024 GMT
Subject: CN=66445be2-b77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9c:f7:22:32:14:22:4e:15:3d:50:2a:3e:80:
a5:30:b1:c1:27:ed:ff:d3:51:dd:dc:9c:b5:53:10:
81:50:f1:4f:e8:86:4a:b8:55:c5:53:a1:f1:10:3e:
7c:87:f2:54:67:91:04:e5:39:50:8a:8f:1d:2c:ea:
2e:d4:4e:ce:b8:d8:c8:3e:b3:7d:2e:f3:76:ca:59:
ca:11:b4:b4:24:f7:c4:45:6a:56:ce:a3:70:7b:99:
85:01:bf:79:2b:0f:66:b0:40:e7:6c:c9:bc:0e:5d:
76:83:25:27:d8:0b:ff:b7:c5:3f:57:28:57:2b:9c:
0b:e1:47:6e:eb:35:24:77:8b:45:3b:97:f1:46:38:
ca:99:1e:0c:56:9d:8c:e6:c5:8a:2a:d3:2d:2b:5c:
1e:a5:11:6e:99:17:82:45:67:13:53:35:79:bb:c3:
37:94:66:97:04:8b:80:96:15:b9:82:b2:9d:ed:28:
88:98:59:c2:d0:ab:5c:c4:f5:2b:29:ab:79:1a:4a:
c8:85:82:9d:cf:92:d5:fb:87:8d:5d:a0:09:b6:80:
65:3e:50:09:5b:c7:19:fe:58:e8:c1:35:94:c5:2c:
aa:85:2a:ff:03:02:24:8e:61:93:ca:ac:9a:89:d1:
ec:3c:9b:0d:59:7e:72:88:d7:32:d6:0f:12:0c:20:
eb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5D:F6:97:7D:39:D0:F0:71:8C:60:CF:C5:37:4C:70:4A:7F:7E:2E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D1D03B10128711EFA6DAD6F2007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.48.0/21
Signature Algorithm: sha256WithRSAEncryption
15:13:4f:9b:d2:4f:23:dd:00:95:ab:cb:d9:62:18:39:7f:8a:
ee:0d:f9:74:48:05:a6:6b:ec:71:9a:fe:4b:48:90:f4:d4:10:
59:2c:68:8b:5c:6d:a2:e4:71:05:96:fc:3c:86:fb:62:c7:b7:
f3:1e:51:dd:a0:7b:54:79:13:b2:bb:d3:cf:db:e6:9c:17:fb:
ce:38:1b:88:66:21:ce:52:7d:6e:42:5f:3b:a5:53:66:70:c1:
d8:d1:c3:4e:06:ca:f3:f3:af:5e:e0:20:14:d0:23:0c:bb:45:
83:ee:7e:be:67:89:fe:44:13:da:8c:5f:ff:b4:ce:db:68:1b:
15:c5:f5:18:b9:9b:fb:b8:fc:05:bb:a3:2a:39:17:06:42:25:
10:66:b8:82:06:5b:59:87:87:60:bd:28:91:88:b2:28:7d:9a:
5d:bf:ef:00:02:e4:d7:26:97:f7:c9:dd:c8:1c:f2:0c:bf:c4:
80:12:67:25:9a:3d:80:80:74:0a:90:ec:07:91:20:21:92:64:
1f:4e:ad:a5:a3:4b:d4:6f:a3:0f:80:2a:83:3c:76:d1:5d:3b:
74:32:d2:d0:84:1d:f5:bd:80:91:ed:a5:bf:e2:0f:94:05:01:
d7:59:dc:16:d6:35:4c:8d:6c:b8:40:fd:6a:2d:29:45:ec:cd:
6f:6d:e1:a7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIpjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTE1MDY1MzE5WhcNMjQwNTI2MDY1MzE5WjAYMRYw
FAYDVQQDEw02NjQ0NWJlMi1iNzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmZz3IjIUIk4VPVAqPoClMLHBJ+3/01Hd3Jy1UxCBUPFP6IZKuFXFU6Hx
ED58h/JUZ5EE5TlQio8dLOou1E7OuNjIPrN9LvN2ylnKEbS0JPfERWpWzqNwe5mF
Ab95Kw9msEDnbMm8Dl12gyUn2Av/t8U/VyhXK5wL4Udu6zUkd4tFO5fxRjjKmR4M
Vp2M5sWKKtMtK1wepRFumReCRWcTUzV5u8M3lGaXBIuAlhW5grKd7SiImFnC0Ktc
xPUrKat5GkrIhYKdz5LV+4eNXaAJtoBlPlAJW8cZ/ljowTWUxSyqhSr/AwIkjmGT
yqyaidHsPJsNWX5yiNcy1g8SDCDrCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN9d
9pd9OdDwcYxgz8U3THBKf34uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMUQwM0IxMDEyODcxMUVGQTZEQUQ2RjIwMDcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcswMA0GCSqGSIb3DQEBCwUA
A4IBAQAVE0+b0k8j3QCVq8vZYhg5f4ruDfl0SAWma+xxmv5LSJD01BBZLGiLXG2i
5HEFlvw8hvtix7fzHlHdoHtUeROyu9PP2+acF/vOOBuIZiHOUn1uQl87pVNmcMHY
0cNOBsrz869e4CAU0CMMu0WD7n6+Z4n+RBPajF//tM7baBsVxfUYuZv7uPwFu6Mq
ORcGQiUQZriCBltZh4dgvSiRiLIofZpdv+8AAuTXJpf3yd3IHPIMv8SAEmclmj2A
gHQKkOwHkSAhkmQfTq2lo0vUb6MPgCqDPHbRXTt0MtLQhB31vYCR7aW/4g+UBQHX
WdwW1jVMjWy4QP1qLSlF7M1vbeGn
-----END CERTIFICATE-----
Generated at Mon May 27 03:45:18 2024 by rpki-client on console-ams.rpki-client.org