Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A47B5DECAC211EFA4953567762E951A.roa
File: 0A47B5DECAC211EFA4953567762E951A.roa (raw, json)
Hash identifier: s8qBvC460pAM0Uoy5yJHKCF6ZSGyoZwKSmQkGQBxepc=
Subject key identifier: 41:98:FE:E3:1A:A0:D2:76:60:E2:DF:49:25:CA:60:56:F0:FE:4E:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F724
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A47B5DECAC211EFA4953567762E951A.roa
Signing time: Sat 04 Jan 2025 17:33:42 +0000
ROA not before: Sun 05 Jan 2025 17:33:38 +0000
ROA not after: Fri 17 Jan 2025 17:33:38 +0000
asID: 39600
IP address blocks: 45.197.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63268 (0xf724)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 17:33:38 2025 GMT
Not After : Jan 17 17:33:38 2025 GMT
Subject: CN=677970f6-df1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:49:90:36:0c:12:87:a0:f5:3b:bc:7b:b2:96:
ce:00:73:6b:f2:24:33:1e:9c:2f:08:eb:93:3a:e7:
5d:af:2a:8f:2f:c0:00:d9:73:12:7c:fb:27:48:f5:
b4:f7:cf:4b:6b:64:29:33:e9:88:60:73:78:86:38:
a2:03:3d:d6:69:81:a8:83:36:3f:be:ed:d5:7c:44:
76:ad:bf:d8:5b:8c:16:f4:17:21:3b:a3:15:8f:00:
49:01:4b:eb:0e:20:d2:46:6d:3b:63:3e:54:f3:59:
f8:c6:74:a8:23:db:ee:3e:88:76:ed:fc:fb:72:d4:
66:ff:e6:a3:20:cb:6c:29:45:e1:44:ec:ea:9a:d8:
4d:69:73:ca:7c:90:ec:e0:98:1d:15:dc:e1:2e:f2:
bd:b7:39:70:d0:e5:5a:89:41:9d:04:17:29:b2:77:
10:f4:a3:82:3f:4e:78:32:90:b3:63:a5:56:42:2d:
f7:27:10:75:96:0d:03:50:b7:87:c5:b1:b4:42:b0:
3d:25:d7:75:58:9c:21:63:d9:8c:8d:3e:c7:20:37:
c3:90:5a:bf:06:dc:81:8f:10:25:67:61:e9:e4:5f:
89:54:26:2b:d9:51:37:86:4e:4a:7a:d8:fb:0e:c0:
55:8c:06:d5:4c:a3:d6:76:d3:eb:e7:25:09:6c:73:
17:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:98:FE:E3:1A:A0:D2:76:60:E2:DF:49:25:CA:60:56:F0:FE:4E:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0A47B5DECAC211EFA4953567762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.8.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:ea:6c:07:4d:70:2c:99:5e:01:28:cc:05:ce:62:62:b3:c6:
a9:15:fd:7c:91:5f:2e:fb:0a:f4:c1:fb:8f:15:d4:d2:9e:42:
64:28:68:47:da:69:f5:e9:db:11:a0:5f:a2:f2:86:b0:09:62:
fc:62:f8:7e:c6:5d:19:3b:de:b8:e2:c2:8e:5d:f1:04:dd:2f:
82:9b:e2:bc:1d:74:cc:4a:5e:d8:08:2a:5a:08:5d:1b:83:80:
a7:b5:f3:94:82:8f:5d:2b:b8:78:9a:de:b2:cb:a2:db:22:7d:
30:56:ec:f7:7d:ba:5f:8d:f3:98:a9:3e:e0:90:54:78:c6:40:
42:64:5a:d8:49:55:8b:f8:f6:77:57:cc:07:3c:ab:2a:ac:04:
3d:11:dc:7b:4f:10:af:6e:1b:b5:aa:1e:27:38:69:55:58:a9:
7f:2f:ac:79:07:59:54:92:59:5e:6b:74:3c:d0:94:2a:8d:c0:
c5:eb:1f:ff:47:f2:17:51:4f:b6:5a:59:5a:07:c1:7a:1a:21:
3e:f1:89:11:d3:9a:43:cd:75:3a:51:d2:9d:5f:61:d2:37:41:
ed:f1:0b:80:6a:63:d9:1a:db:2b:94:84:d9:aa:2b:4a:2d:5d:
92:a1:8c:3d:27:2e:84:6c:15:37:ab:4e:a2:83:21:a6:ce:fa:
a6:87:cf:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPckMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTczMzM4WhcNMjUwMTE3MTczMzM4WjAYMRYw
FAYDVQQDEw02Nzc5NzBmNi1kZjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3UmQNgwSh6D1O7x7spbOAHNr8iQzHpwvCOuTOuddryqPL8AA2XMSfPsn
SPW0989La2QpM+mIYHN4hjiiAz3WaYGogzY/vu3VfER2rb/YW4wW9BchO6MVjwBJ
AUvrDiDSRm07Yz5U81n4xnSoI9vuPoh27fz7ctRm/+ajIMtsKUXhROzqmthNaXPK
fJDs4JgdFdzhLvK9tzlw0OVaiUGdBBcpsncQ9KOCP054MpCzY6VWQi33JxB1lg0D
ULeHxbG0QrA9Jdd1WJwhY9mMjT7HIDfDkFq/BtyBjxAlZ2Hp5F+JVCYr2VE3hk5K
etj7DsBVjAbVTKPWdtPr5yUJbHMXBwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEGY
/uMaoNJ2YOLfSSXKYFbw/k5UMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQTQ3QjVERUNBQzIxMUVGQTQ5NTM1Njc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcUIMA0GCSqGSIb3DQEBCwUA
A4IBAQAt6mwHTXAsmV4BKMwFzmJis8apFf18kV8u+wr0wfuPFdTSnkJkKGhH2mn1
6dsRoF+i8oawCWL8Yvh+xl0ZO9644sKOXfEE3S+Cm+K8HXTMSl7YCCpaCF0bg4Cn
tfOUgo9dK7h4mt6yy6LbIn0wVuz3fbpfjfOYqT7gkFR4xkBCZFrYSVWL+PZ3V8wH
PKsqrAQ9Edx7TxCvbhu1qh4nOGlVWKl/L6x5B1lUkllea3Q80JQqjcDF6x//R/IX
UU+2WllaB8F6GiE+8YkR05pDzXU6UdKdX2HSN0Ht8QuAamPZGtsrlITZqitKLV2S
oYw9Jy6EbBU3q06igyGmzvqmh8/E
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:36 2025 by rpki-client