Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/045545B2370811F09ADA94A1DAE4EC9C.roa
File: 045545B2370811F09ADA94A1DAE4EC9C.roa (raw, json)
Hash identifier: Rm8NP6wILpc/iUoS92UCic4C3h6d0heAtAD13b/4qe0=
Subject key identifier: B5:8A:5F:72:34:CA:3E:B3:46:F0:D9:D9:EE:64:EB:2E:9E:A2:96:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0156A1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/045545B2370811F09ADA94A1DAE4EC9C.roa
Signing time: Thu 22 May 2025 12:26:42 +0000
ROA not before: Thu 22 May 2025 12:26:37 +0000
ROA not after: Mon 02 Jun 2025 12:26:37 +0000
asID: 131471
IP address blocks: 45.195.130.0/24 maxlen: 24
45.195.131.0/24 maxlen: 24
45.195.194.0/24 maxlen: 24
45.195.195.0/24 maxlen: 24
45.195.210.0/24 maxlen: 24
45.195.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87713 (0x156a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 22 12:26:37 2025 GMT
Not After : Jun 2 12:26:37 2025 GMT
Subject: CN=682f1802-6954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2b:7f:fd:71:48:c3:d4:a0:0d:01:c1:ef:13:
0d:ee:c9:41:b9:88:2f:d4:1c:86:7b:e7:8a:e2:b1:
6f:c5:23:e4:0a:2d:84:42:ec:19:e5:bd:0f:75:0f:
ea:6c:44:65:52:d9:68:ce:49:3a:23:9c:0e:8d:85:
4f:e8:c8:b0:72:5b:df:61:74:b2:30:24:c0:6f:19:
79:b7:5f:73:87:77:e2:7e:28:6a:46:3d:5c:cf:2a:
14:ec:34:d2:ee:bc:15:91:b7:25:3f:ad:d1:04:1d:
89:40:54:6e:56:56:26:aa:e6:ef:9c:8c:e2:ce:a2:
1d:5e:3f:f8:84:93:26:58:92:68:3e:8d:b2:0a:d0:
99:c3:41:ca:e3:c6:f4:18:73:37:a4:5e:51:f7:84:
a7:ba:cc:d4:4f:34:5b:fe:ef:02:29:d7:ac:d5:ab:
62:70:c5:e8:75:0a:3f:56:70:a7:6b:e1:0d:74:6b:
14:b5:42:6a:de:94:0b:ff:43:8b:ce:12:c2:61:e7:
71:ef:38:52:f2:ea:07:d3:e3:ad:ae:fb:07:a9:fd:
3d:9e:9d:b2:4d:be:d1:43:4e:df:22:9f:f1:75:cc:
0d:eb:a8:a6:29:4a:44:86:13:12:8f:93:07:de:4b:
87:44:26:f1:50:ed:aa:a2:3e:79:a1:89:0f:09:33:
23:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8A:5F:72:34:CA:3E:B3:46:F0:D9:D9:EE:64:EB:2E:9E:A2:96:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/045545B2370811F09ADA94A1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.130.0/23
45.195.194.0/23
45.195.210.0/23
Signature Algorithm: sha256WithRSAEncryption
43:2c:e4:d8:43:b3:05:9c:d3:b2:df:f8:aa:f6:81:8e:18:98:
c3:d1:09:d8:2b:65:35:b8:0f:40:df:94:e1:3b:d1:36:a3:d4:
a7:2c:3f:fb:b6:61:ef:27:fa:46:fd:fb:dd:53:5f:79:7e:f7:
d6:b2:c3:6e:12:f1:cf:ce:43:3a:5e:68:65:90:ba:e3:8a:82:
ee:19:04:16:fb:fb:b5:b0:23:eb:4b:85:fc:a0:7c:f0:4e:83:
c7:9e:74:e2:75:84:bb:d8:a4:2e:ec:51:47:ea:1f:70:f2:bf:
89:e3:55:c2:1f:9d:82:39:53:1c:a0:fe:71:d2:e6:5f:a7:d2:
33:55:2b:9d:a7:9b:9b:70:56:80:2a:cb:32:b8:8d:2c:5d:e7:
b6:9f:c4:e1:8a:97:b8:eb:8a:8c:6f:64:55:ca:c0:be:b5:3b:
2f:8a:ee:a9:1d:69:a1:13:9a:b8:fd:9e:d9:70:00:8c:34:e7:
67:45:90:a5:a8:06:b4:92:f1:27:f0:41:65:d1:ab:e9:e5:53:
21:fe:c5:ff:08:bb:70:95:eb:d8:79:5d:98:90:a8:82:bc:27:
27:ff:b2:26:d2:31:72:51:30:2f:b6:2c:79:18:4f:1b:ec:ec:
c3:29:e6:38:aa:ed:fb:c4:e6:33:72:b1:1e:c8:a1:46:16:e6:
12:77:ce:4f
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVahMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIyMTIyNjM3WhcNMjUwNjAyMTIyNjM3WjAYMRYw
FAYDVQQDEw02ODJmMTgwMi02OTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0yt//XFIw9SgDQHB7xMN7slBuYgv1ByGe+eK4rFvxSPkCi2EQuwZ5b0P
dQ/qbERlUtlozkk6I5wOjYVP6MiwclvfYXSyMCTAbxl5t19zh3fifihqRj1czyoU
7DTS7rwVkbclP63RBB2JQFRuVlYmqubvnIzizqIdXj/4hJMmWJJoPo2yCtCZw0HK
48b0GHM3pF5R94SnuszUTzRb/u8CKdes1aticMXodQo/VnCna+ENdGsUtUJq3pQL
/0OLzhLCYedx7zhS8uoH0+OtrvsHqf09np2yTb7RQ07fIp/xdcwN66imKUpEhhMS
j5MH3kuHRCbxUO2qoj55oYkPCTMjSwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFLWK
X3I0yj6zRvDZ2e5k6y6eopbvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNDU1NDVCMjM3MDgxMUYwOUFEQTk0QTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLcOCAwQBLcPCAwQBLcPSMA0G
CSqGSIb3DQEBCwUAA4IBAQBDLOTYQ7MFnNOy3/iq9oGOGJjD0QnYK2U1uA9A35Th
O9E2o9SnLD/7tmHvJ/pG/fvdU195fvfWssNuEvHPzkM6XmhlkLrjioLuGQQW+/u1
sCPrS4X8oHzwToPHnnTidYS72KQu7FFH6h9w8r+J41XCH52COVMcoP5x0uZfp9Iz
VSudp5ubcFaAKssyuI0sXee2n8Thipe464qMb2RVysC+tTsviu6pHWmhE5q4/Z7Z
cACMNOdnRZClqAa0kvEn8EFl0avp5VMh/sX/CLtwlevYeV2YkKiCvCcn/7Im0jFy
UTAvtix5GE8b7OzDKeY4qu37xOYzcrEeyKFGFuYSd85P
-----END CERTIFICATE-----
Generated at Thu Jun 5 02:05:44 2025 by rpki-client