Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F3509B3C07AA11EFB6DE0963017001B1.roa
File: F3509B3C07AA11EFB6DE0963017001B1.roa (raw, json)
Hash identifier: 4MU0YtHYCsc9HWd+qqCbo95jzrXZfrz+2LotBRO3+Y4=
Subject key identifier: 13:4A:46:6D:DA:F5:2A:77:DB:4D:B9:DD:C6:A8:4C:C5:66:25:32:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 872F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F3509B3C07AA11EFB6DE0963017001B1.roa
Signing time: Wed 01 May 2024 11:07:08 +0000
ROA not before: Wed 01 May 2024 11:07:05 +0000
ROA not after: Sat 11 May 2024 11:07:05 +0000
asID: 136970
IP address blocks: 45.195.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34607 (0x872f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 1 11:07:05 2024 GMT
Not After : May 11 11:07:05 2024 GMT
Subject: CN=6632225c-7449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:89:92:31:21:be:4b:6c:0a:fa:d2:7f:e9:25:
81:98:e7:a2:9d:49:6a:21:d1:7c:2f:5b:96:54:84:
38:a4:6d:89:c9:d8:e6:ec:97:be:45:5d:4e:5f:7b:
9f:cd:e9:f8:3a:74:2c:ee:b1:9e:f7:26:a7:74:b0:
78:42:0c:69:44:35:56:93:eb:c0:ec:e4:dc:08:5c:
22:50:c9:28:1d:2c:c4:38:d2:7b:f7:13:8b:22:16:
37:2b:10:b4:fb:75:6b:38:9f:5a:64:fa:e2:c3:9e:
87:99:b3:9c:ae:95:dd:ed:8e:30:88:bf:55:13:7b:
ab:fb:98:37:ff:4d:60:e4:6d:f7:ac:01:53:30:b4:
73:f9:cd:19:a2:52:23:fe:19:c7:06:bd:3e:ea:a2:
61:43:ed:0d:5e:0d:ab:b1:2e:19:ef:a9:08:30:96:
be:0d:85:c6:ea:c8:7b:ed:8a:3b:89:42:0a:aa:38:
cd:b9:fe:56:fa:5f:78:76:33:e4:a8:ac:c3:b5:e6:
5c:fc:72:91:26:89:53:3f:f8:e7:6b:f4:07:f3:62:
cd:1e:5c:c9:9c:0f:45:bc:2f:56:4b:17:3a:e0:f9:
07:8e:66:a1:4e:5d:c2:0e:20:52:b4:3a:f6:91:93:
4f:77:06:a6:f0:e1:b6:eb:9a:c1:c8:69:94:85:cf:
47:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:4A:46:6D:DA:F5:2A:77:DB:4D:B9:DD:C6:A8:4C:C5:66:25:32:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F3509B3C07AA11EFB6DE0963017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.201.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:ee:bc:96:90:e7:60:69:5b:3f:a8:9e:c4:cf:62:6c:d7:98:
0a:22:3e:13:df:31:ef:82:55:4b:e2:17:1a:67:d8:fe:5a:cd:
bf:41:85:65:98:31:c2:ae:92:aa:f3:45:ad:ac:62:b9:ee:ad:
65:44:8f:cd:67:37:8f:10:56:7d:ce:b8:cb:90:97:55:bd:ae:
c7:3b:49:02:43:49:16:05:41:c1:6d:9a:b0:06:6b:44:98:11:
5e:29:06:5f:f5:51:31:4d:14:dc:e5:ec:b7:cd:d5:b8:66:3f:
44:f4:d2:0c:39:78:5f:02:a1:e6:e8:17:d4:36:12:a3:bc:ea:
ca:eb:ff:18:4e:83:9e:a4:10:39:fc:0b:d9:5d:db:0a:50:3a:
77:51:93:cf:db:92:89:0e:1a:ec:0d:6d:b5:c1:04:72:4d:0d:
25:52:f9:43:29:eb:e9:86:74:24:45:99:b5:b0:6f:66:bf:6b:
72:29:fe:31:e0:c0:f8:5f:ec:54:18:ca:9c:c2:c3:a7:29:00:
5a:f2:07:dc:c0:a3:e2:b2:a9:8c:63:7b:46:71:9c:a3:43:cc:
3a:23:da:2b:41:a9:dc:c4:7d:35:e6:14:f0:db:0e:90:20:a0:
b5:3e:18:c0:c6:26:07:5f:48:64:d0:e6:9a:df:b2:e0:45:b8:
14:1c:ae:6d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIcvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTAxMTEwNzA1WhcNMjQwNTExMTEwNzA1WjAYMRYw
FAYDVQQDEw02NjMyMjI1Yy03NDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0YmSMSG+S2wK+tJ/6SWBmOeinUlqIdF8L1uWVIQ4pG2Jydjm7Je+RV1O
X3ufzen4OnQs7rGe9yandLB4QgxpRDVWk+vA7OTcCFwiUMkoHSzEONJ79xOLIhY3
KxC0+3VrOJ9aZPriw56HmbOcrpXd7Y4wiL9VE3ur+5g3/01g5G33rAFTMLRz+c0Z
olIj/hnHBr0+6qJhQ+0NXg2rsS4Z76kIMJa+DYXG6sh77Yo7iUIKqjjNuf5W+l94
djPkqKzDteZc/HKRJolTP/jna/QH82LNHlzJnA9FvC9WSxc64PkHjmahTl3CDiBS
tDr2kZNPdwam8OG265rByGmUhc9HcwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBNK
Rm3a9Sp320253caoTMVmJTLRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMzUwOUIzQzA3QUExMUVGQjZERTA5NjMwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcPJMA0GCSqGSIb3DQEBCwUA
A4IBAQAs7ryWkOdgaVs/qJ7Ez2Js15gKIj4T3zHvglVL4hcaZ9j+Ws2/QYVlmDHC
rpKq80WtrGK57q1lRI/NZzePEFZ9zrjLkJdVva7HO0kCQ0kWBUHBbZqwBmtEmBFe
KQZf9VExTRTc5ey3zdW4Zj9E9NIMOXhfAqHm6BfUNhKjvOrK6/8YToOepBA5/AvZ
XdsKUDp3UZPP25KJDhrsDW21wQRyTQ0lUvlDKevphnQkRZm1sG9mv2tyKf4x4MD4
X+xUGMqcwsOnKQBa8gfcwKPisqmMY3tGcZyjQ8w6I9orQancxH015hTw2w6QIKC1
PhjAxiYHX0hk0Oaa37LgRbgUHK5t
-----END CERTIFICATE-----
Generated at Sun May 12 01:39:50 2024 by rpki-client on console-fra.rpki-client.org