Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05798438CE9111EF9DAC38B0762E951A.roa
File: 05798438CE9111EF9DAC38B0762E951A.roa (raw, json)
Hash identifier: QPy5e+DyJnSPDBUZ1UWbgV912xFqhesHfokVC52IeJs=
Subject key identifier: F3:CC:68:B5:7D:46:E6:7E:D6:F6:DF:E1:88:EE:86:AB:26:97:5D:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0103EE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05798438CE9111EF9DAC38B0762E951A.roa
Signing time: Thu 09 Jan 2025 13:52:53 +0000
ROA not before: Thu 09 Jan 2025 13:52:49 +0000
ROA not after: Wed 22 Jan 2025 13:52:49 +0000
asID: 39600
IP address blocks: 45.197.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66542 (0x103ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 13:52:49 2025 GMT
Not After : Jan 22 13:52:49 2025 GMT
Subject: CN=677fd4b5-c49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:44:a7:39:68:62:e4:79:a0:d2:ec:a0:ab:58:
27:61:03:28:32:f4:3f:b2:b4:20:cb:77:e5:b0:c8:
aa:60:8b:bb:ba:76:f9:6b:be:35:b3:e8:54:1f:6d:
87:06:df:c4:ff:e9:7a:bb:99:37:8b:41:3f:46:0e:
7e:a3:38:11:ed:ad:5c:38:21:2f:11:f0:1b:45:71:
1f:9e:dc:7f:65:be:69:3c:6d:36:55:31:b7:b2:d5:
52:13:e3:7a:9d:a4:1a:c7:b2:e3:7c:a8:03:b6:c3:
bd:e4:a4:cc:ec:2e:22:ce:44:2a:2c:a4:8c:25:eb:
4b:a5:af:68:c8:77:0a:f1:0d:49:02:33:aa:21:35:
d2:a8:74:6c:40:04:f7:65:ad:81:47:56:03:e0:de:
c8:84:05:4d:25:3d:cb:54:2c:da:d5:29:a4:e6:1e:
b8:15:d6:be:ae:ee:1d:32:4e:cc:e3:ea:b9:3d:08:
4b:5f:38:a9:6d:59:98:48:38:ec:f1:77:ea:58:26:
eb:cc:dc:3d:e3:c4:7e:7a:52:01:06:0a:c4:f5:df:
ac:9c:0f:31:c5:8e:93:93:5d:a2:78:cd:42:05:19:
24:f4:06:78:67:3b:e5:f1:1a:3d:68:06:2d:73:c5:
df:71:8d:40:25:88:05:6f:15:2b:8a:3b:d3:21:0c:
7a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CC:68:B5:7D:46:E6:7E:D6:F6:DF:E1:88:EE:86:AB:26:97:5D:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05798438CE9111EF9DAC38B0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.232.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:82:84:55:55:d7:ce:f0:71:3a:0d:c8:56:30:69:56:07:0d:
32:03:28:b6:33:b0:d8:5f:19:e1:e5:be:df:be:90:b3:f2:98:
ef:4b:7d:16:df:9a:15:a0:f8:bb:b5:62:b8:e2:3f:da:49:5b:
a7:81:c0:71:03:70:d3:94:a9:a8:66:7b:91:06:2f:27:1d:a4:
90:af:3d:99:22:53:5a:77:b9:d6:7f:22:83:99:cd:22:50:c3:
e9:fa:f6:eb:26:d9:e8:c0:00:78:59:7b:23:2f:a1:f6:4d:66:
6e:5b:e8:f0:10:50:4d:64:8c:fd:a5:91:00:74:96:5f:8f:ca:
bb:4b:b0:66:50:75:9f:2c:3a:3e:35:34:f4:46:63:2a:b9:72:
d4:71:9b:36:57:4d:f7:26:96:dd:ad:28:65:0d:2f:32:56:36:
46:78:b6:63:18:4e:f7:06:be:56:a8:90:05:74:91:bb:43:fb:
36:a7:c8:00:10:0b:7b:e3:21:a3:a8:cc:df:18:82:ba:63:ac:
06:be:e3:d4:0a:0f:9f:0f:5b:5e:2f:30:56:cf:38:4d:27:52:
a7:14:f4:78:fc:81:6d:40:5b:36:c8:b6:9b:6a:f3:55:4f:57:
f0:dd:4c:a4:f5:da:46:db:71:a2:e0:11:b8:7b:47:c6:40:6e:
7c:17:35:51
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQPuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTM1MjQ5WhcNMjUwMTIyMTM1MjQ5WjAYMRYw
FAYDVQQDEw02NzdmZDRiNS1jNDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoUSnOWhi5Hmg0uygq1gnYQMoMvQ/srQgy3flsMiqYIu7unb5a741s+hU
H22HBt/E/+l6u5k3i0E/Rg5+ozgR7a1cOCEvEfAbRXEfntx/Zb5pPG02VTG3stVS
E+N6naQax7LjfKgDtsO95KTM7C4izkQqLKSMJetLpa9oyHcK8Q1JAjOqITXSqHRs
QAT3Za2BR1YD4N7IhAVNJT3LVCza1Smk5h64Fda+ru4dMk7M4+q5PQhLXzipbVmY
SDjs8XfqWCbrzNw948R+elIBBgrE9d+snA8xxY6Tk12ieM1CBRkk9AZ4Zzvl8Ro9
aAYtc8XfcY1AJYgFbxUrijvTIQx6CwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPPM
aLV9RuZ+1vbf4Yjuhqsml123MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNTc5ODQzOENFOTExMUVGOURBQzM4QjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcXoMA0GCSqGSIb3DQEBCwUA
A4IBAQCigoRVVdfO8HE6DchWMGlWBw0yAyi2M7DYXxnh5b7fvpCz8pjvS30W35oV
oPi7tWK44j/aSVungcBxA3DTlKmoZnuRBi8nHaSQrz2ZIlNad7nWfyKDmc0iUMPp
+vbrJtnowAB4WXsjL6H2TWZuW+jwEFBNZIz9pZEAdJZfj8q7S7BmUHWfLDo+NTT0
RmMquXLUcZs2V033JpbdrShlDS8yVjZGeLZjGE73Br5WqJAFdJG7Q/s2p8gAEAt7
4yGjqMzfGIK6Y6wGvuPUCg+fD1teLzBWzzhNJ1KnFPR4/IFtQFs2yLabavNVT1fw
3Uyk9dpG23Gi4BG4e0fGQG58FzVR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:33 2025 by rpki-client