Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E7A68EAD00811EFBBC1D77F762E951A.roa
File: 0E7A68EAD00811EFBBC1D77F762E951A.roa (raw, json)
Hash identifier: nNl3WPqNqGMfr+TQRhtBycexX7tMHhEZBQHK4+11Wlc=
Subject key identifier: 0E:F1:06:3E:5C:B6:1D:29:15:D3:84:7A:DA:C3:54:B7:28:7D:49:15
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105B2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E7A68EAD00811EFBBC1D77F762E951A.roa
Signing time: Sat 11 Jan 2025 10:37:29 +0000
ROA not before: Sat 11 Jan 2025 10:37:26 +0000
ROA not after: Sat 25 Jan 2025 10:37:26 +0000
asID: 54801
IP address blocks: 45.200.14.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66994 (0x105b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 10:37:26 2025 GMT
Not After : Jan 25 10:37:26 2025 GMT
Subject: CN=678249e9-b292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:51:e7:83:d9:34:fc:02:05:c4:59:7a:30:82:
61:0c:bd:63:70:85:20:03:dd:9d:be:60:70:ec:af:
f1:01:f7:f9:b6:f5:7b:76:4c:d9:52:46:69:01:4a:
4a:e6:7a:8e:dc:c0:b6:12:2e:67:81:9d:08:fc:36:
25:d0:16:c6:fe:98:35:ae:fe:3a:fb:e6:95:ff:b5:
c5:e3:35:21:82:f0:ba:ef:8d:de:38:db:2a:aa:9d:
73:cb:9f:74:fb:10:75:29:bd:23:43:21:40:92:a7:
34:9b:3d:d2:4c:2c:a0:42:db:a5:a5:ed:b0:24:7e:
7c:b7:fe:6d:27:11:b9:6c:3a:7e:8b:8c:9f:36:46:
fe:09:4c:7a:66:e0:f7:41:25:bb:93:21:c1:ed:f3:
f8:e0:02:5f:25:61:24:18:c4:be:88:a3:bd:28:3d:
48:e5:5c:d6:c1:ff:28:94:1a:e2:bf:cf:ae:b9:c3:
d2:4c:ee:52:8a:6c:a5:34:9d:8a:72:46:f4:5f:cb:
6f:b0:4a:46:15:42:70:72:8c:0d:b3:28:bc:9d:4e:
3a:73:34:d7:b8:42:13:93:2b:45:84:94:98:06:67:
72:18:0e:90:e2:53:16:b8:7f:03:c0:61:6d:74:07:
c9:cc:36:7f:6e:0f:58:97:7c:b5:0a:7a:9c:f3:98:
ba:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:F1:06:3E:5C:B6:1D:29:15:D3:84:7A:DA:C3:54:B7:28:7D:49:15
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E7A68EAD00811EFBBC1D77F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:45:0e:23:d9:2a:88:31:ff:8d:7d:d6:46:0d:be:53:b4:20:
57:aa:8b:14:f1:12:8e:82:dd:24:ca:3e:29:86:e1:d4:5a:78:
67:92:ae:a2:dd:19:61:2e:b7:7b:ce:c0:0e:6b:82:fc:62:58:
20:dc:ad:3f:1b:4f:53:c4:47:95:d9:20:78:78:8c:aa:ba:db:
8e:25:96:bd:5e:49:c6:8b:21:9b:18:06:1a:72:45:c1:3e:ab:
95:e5:1b:6d:f4:92:22:27:69:c8:95:34:2b:6a:ca:0f:e5:40:
78:60:a1:91:22:48:67:3c:f8:16:7a:f2:43:c4:ec:9c:72:fe:
de:18:57:ef:88:34:c3:04:0c:d1:1b:16:60:5d:ce:be:e3:18:
3e:14:23:6e:74:81:f7:eb:dc:7f:0f:ef:70:13:06:2f:7f:bd:
12:49:a3:0a:4f:f0:ad:46:2a:21:bb:0d:a8:5a:31:5d:15:77:
89:85:c8:ed:3b:d4:f0:8d:cf:03:24:b0:7d:b4:b2:13:a6:5c:
f3:4a:35:5c:6a:fa:54:84:88:c0:e7:08:81:96:d7:d4:d9:93:
29:be:fa:2c:5b:8e:00:45:e9:fd:71:9f:80:f6:28:58:fe:c7:
9e:eb:26:45:ed:e2:53:37:e3:2b:1b:36:ab:2d:e1:e1:c2:17:
89:66:3d:1e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQWyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTAzNzI2WhcNMjUwMTI1MTAzNzI2WjAYMRYw
FAYDVQQDEw02NzgyNDllOS1iMjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4FHng9k0/AIFxFl6MIJhDL1jcIUgA92dvmBw7K/xAff5tvV7dkzZUkZp
AUpK5nqO3MC2Ei5ngZ0I/DYl0BbG/pg1rv46++aV/7XF4zUhgvC6743eONsqqp1z
y590+xB1Kb0jQyFAkqc0mz3STCygQtulpe2wJH58t/5tJxG5bDp+i4yfNkb+CUx6
ZuD3QSW7kyHB7fP44AJfJWEkGMS+iKO9KD1I5VzWwf8olBriv8+uucPSTO5Simyl
NJ2Kckb0X8tvsEpGFUJwcowNsyi8nU46czTXuEITkytFhJSYBmdyGA6Q4lMWuH8D
wGFtdAfJzDZ/bg9Yl3y1Cnqc85i6uQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA7x
Bj5cth0pFdOEetrDVLcofUkVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRTdBNjhFQUQwMDgxMUVGQkJDMUQ3N0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcgOMA0GCSqGSIb3DQEBCwUA
A4IBAQCqRQ4j2SqIMf+NfdZGDb5TtCBXqosU8RKOgt0kyj4phuHUWnhnkq6i3Rlh
Lrd7zsAOa4L8Ylgg3K0/G09TxEeV2SB4eIyqutuOJZa9XknGiyGbGAYackXBPquV
5Rtt9JIiJ2nIlTQrasoP5UB4YKGRIkhnPPgWevJDxOyccv7eGFfviDTDBAzRGxZg
Xc6+4xg+FCNudIH369x/D+9wEwYvf70SSaMKT/CtRiohuw2oWjFdFXeJhcjtO9Tw
jc8DJLB9tLITplzzSjVcavpUhIjA5wiBltfU2ZMpvvosW44ARen9cZ+A9ihY/see
6yZF7eJTN+MrGzarLeHhwheJZj0e
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:55 2025 by rpki-client