Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F65A7D20DCC11EF8E0B3155017001B1.roa
File: 0F65A7D20DCC11EF8E0B3155017001B1.roa (raw, json)
Hash identifier: MqiN6NNa8tSbZDE60+7oJqJ/0s2JSYfAYPu9Z6PVcQE=
Subject key identifier: B2:36:0F:4F:17:FA:DE:4E:4E:8F:E8:6F:D3:C7:C5:A3:4E:57:54:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8907
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F65A7D20DCC11EF8E0B3155017001B1.roa
Signing time: Thu 09 May 2024 06:19:16 +0000
ROA not before: Thu 09 May 2024 06:19:12 +0000
ROA not after: Wed 29 May 2024 06:19:12 +0000
asID: 141883
IP address blocks: 45.201.224.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35079 (0x8907)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 06:19:12 2024 GMT
Not After : May 29 06:19:12 2024 GMT
Subject: CN=663c6ae3-675d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:44:cc:2f:c3:d3:9f:bc:1c:48:22:73:ac:
62:72:d1:b9:61:65:b2:5b:d8:87:c1:d3:ce:ce:aa:
d4:27:fa:ad:83:63:bb:62:c6:12:7a:25:54:ae:94:
66:c9:ec:78:97:b5:9a:e1:a0:67:07:35:a5:5b:f1:
34:23:ec:e9:7f:ad:55:af:24:00:00:07:ec:59:e8:
94:47:43:4c:0b:97:62:cb:8c:25:b1:ef:4d:9f:48:
7a:04:47:65:71:ca:6f:ca:1a:af:bd:f3:cb:e7:63:
67:14:17:a9:30:9e:2f:e7:21:85:f5:0c:46:bd:b7:
a1:90:9b:c1:f1:f7:24:17:0f:c4:e1:52:c1:33:ed:
01:ee:bd:25:da:e7:8f:6c:fd:02:d9:05:ce:38:87:
f2:eb:ff:b6:f8:1b:76:36:a1:30:8d:95:c1:81:af:
14:97:70:76:4c:71:ba:6c:f8:f0:cc:40:0f:ef:ed:
cd:57:ea:f0:07:14:76:6e:ef:0c:e5:8d:88:48:9f:
da:f9:b9:55:b1:82:96:ff:3c:e3:04:7e:b4:5f:9b:
79:30:2a:71:a1:9b:19:fa:a8:46:c3:c9:dd:2f:df:
0e:e5:d3:b2:f0:53:a0:7f:36:e6:14:79:b9:06:a9:
fc:21:d4:61:90:4b:32:a5:a0:0d:26:59:ff:23:6c:
46:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:36:0F:4F:17:FA:DE:4E:4E:8F:E8:6F:D3:C7:C5:A3:4E:57:54:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F65A7D20DCC11EF8E0B3155017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.224.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:fc:78:29:b4:36:00:8f:12:d3:ad:63:a3:02:4b:a4:f6:1b:
e5:54:df:e2:b9:1a:9a:29:81:22:91:fa:6a:e8:38:30:ed:15:
3f:e5:a5:69:6f:40:8e:fb:89:4e:1e:41:33:a2:45:92:0a:52:
84:c3:13:98:be:6f:e1:cc:26:90:42:12:31:0a:43:60:00:9b:
ee:4e:9f:7b:c4:e9:6c:39:39:63:88:29:60:49:64:ba:8b:d8:
af:a3:3c:fd:3e:23:38:02:77:1f:9f:ec:5a:5d:2d:19:59:53:
cb:a1:a2:d8:3a:31:5e:89:4d:95:a4:40:37:85:4d:e7:25:9c:
d4:73:1a:74:bb:e3:66:71:f3:02:6f:9b:62:d0:18:ce:d0:e2:
51:06:4a:3e:e2:15:3b:7e:3a:11:d5:8e:68:31:14:81:c4:f0:
ca:63:20:d9:9d:8b:e8:fa:e9:43:ff:29:3b:59:57:d7:00:da:
4a:36:90:04:a8:3e:37:21:12:67:00:c3:a6:4b:75:1c:bf:12:
4d:1a:b6:f2:e7:69:28:f9:80:c7:18:32:66:1f:b4:6d:ee:92:
f8:e4:e5:f5:d8:5d:a1:12:d6:dd:3f:19:99:7f:af:02:50:ff:
92:c9:66:19:fe:7c:bb:6d:d5:13:ad:fc:bb:0b:85:f6:22:a2:
3a:23:90:fb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIkHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTA5MDYxOTEyWhcNMjQwNTI5MDYxOTEyWjAYMRYw
FAYDVQQDEw02NjNjNmFlMy02NzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8BEzC/D05+8HEgic6xictG5YWWyW9iHwdPOzqrUJ/qtg2O7YsYSeiVU
rpRmyex4l7Wa4aBnBzWlW/E0I+zpf61VryQAAAfsWeiUR0NMC5diy4wlse9Nn0h6
BEdlccpvyhqvvfPL52NnFBepMJ4v5yGF9QxGvbehkJvB8fckFw/E4VLBM+0B7r0l
2uePbP0C2QXOOIfy6/+2+Bt2NqEwjZXBga8Ul3B2THG6bPjwzEAP7+3NV+rwBxR2
bu8M5Y2ISJ/a+blVsYKW/zzjBH60X5t5MCpxoZsZ+qhGw8ndL98O5dOy8FOgfzbm
FHm5Bqn8IdRhkEsypaANJln/I2xGHQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLI2
D08X+t5OTo/ob9PHxaNOV1TAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjY1QTdEMjBEQ0MxMUVGOEUwQjMxNTUwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcngMA0GCSqGSIb3DQEBCwUA
A4IBAQC0/HgptDYAjxLTrWOjAkuk9hvlVN/iuRqaKYEikfpq6Dgw7RU/5aVpb0CO
+4lOHkEzokWSClKEwxOYvm/hzCaQQhIxCkNgAJvuTp97xOlsOTljiClgSWS6i9iv
ozz9PiM4Ancfn+xaXS0ZWVPLoaLYOjFeiU2VpEA3hU3nJZzUcxp0u+NmcfMCb5ti
0BjO0OJRBko+4hU7fjoR1Y5oMRSBxPDKYyDZnYvo+ulD/yk7WVfXANpKNpAEqD43
IRJnAMOmS3UcvxJNGrby52ko+YDHGDJmH7Rt7pL45OX12F2hEtbdPxmZf68CUP+S
yWYZ/ny7bdUTrfy7C4X2IqI6I5D7
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:49:36 2024 by rpki-client on console-fra.rpki-client.org