Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/18CAEFA0F5C811EF8F18A658762E951A.roa
File: 18CAEFA0F5C811EF8F18A658762E951A.roa (raw, json)
Hash identifier: IuquA+ush+Bxlp+EVvmc/CYzblTzX0mXa9jeUgQgdfQ=
Subject key identifier: A9:B6:3F:61:D3:15:0E:96:D2:FC:A1:6A:AF:33:9A:1B:F2:16:05:75
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013D35
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/18CAEFA0F5C811EF8F18A658762E951A.roa
Signing time: Fri 28 Feb 2025 11:35:23 +0000
ROA not before: Fri 28 Feb 2025 11:35:19 +0000
ROA not after: Sun 30 Mar 2025 11:35:19 +0000
asID: 138995
IP address blocks: 45.192.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81205 (0x13d35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 11:35:19 2025 GMT
Not After : Mar 30 11:35:19 2025 GMT
Subject: CN=67c19f7b-f1ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f5:c0:52:ff:04:93:c8:fe:bd:e7:7e:32:5c:
53:83:48:e8:07:66:39:9f:2c:4e:2e:7f:d9:88:d1:
6e:c7:3c:8f:34:a4:a4:19:6e:49:f1:b8:76:8f:c1:
06:76:4b:eb:c9:f3:30:77:18:b2:9d:49:80:f2:97:
a7:f3:6d:8e:9d:e2:da:b1:d6:d9:88:6b:89:d5:8d:
fb:8c:35:e0:0e:f8:07:21:e0:e3:b3:4e:4f:bf:52:
5d:e3:95:3b:74:33:7b:1d:0f:00:5a:34:ce:cd:94:
a9:3a:35:2f:ce:a3:6e:77:81:0b:ea:4a:ad:5c:bb:
02:e6:7e:aa:4b:f6:70:91:c9:94:ba:ad:69:94:ff:
82:ba:c2:98:b8:2b:c1:cc:d9:ec:4b:07:d3:0d:a9:
81:b4:dd:80:4d:e8:90:e0:c3:b9:6c:d8:d5:f4:10:
52:57:40:c8:b5:a3:16:c7:76:96:af:9c:73:eb:74:
b6:da:f1:55:34:19:94:d4:05:6a:30:85:89:7a:6d:
d5:3f:eb:bd:67:6b:b9:37:ba:09:7e:44:cf:42:05:
30:66:13:7d:08:c5:9b:0f:2d:3a:c7:3a:45:f9:89:
a4:1b:61:d1:f0:25:b4:26:8e:72:e8:c6:88:92:5e:
a4:ec:b2:db:2b:61:84:05:9d:d3:70:65:66:e1:45:
e7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B6:3F:61:D3:15:0E:96:D2:FC:A1:6A:AF:33:9A:1B:F2:16:05:75
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/18CAEFA0F5C811EF8F18A658762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.170.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:c2:8a:a3:b9:f7:5d:ae:f5:95:a2:af:b7:65:d9:e4:f9:b3:
44:05:a0:95:ed:2a:2d:ef:70:05:3f:02:29:e2:ce:59:eb:2e:
67:55:aa:1b:f4:7d:39:be:ab:46:fb:fb:20:51:79:de:2f:75:
a5:08:0b:26:31:3a:6b:22:3b:70:ea:c0:d4:7f:c5:2f:2b:c2:
0b:28:20:f1:75:23:29:0d:b0:53:8e:5c:17:89:78:7b:59:ee:
27:be:8c:cb:25:ac:6b:72:50:08:44:b5:13:21:58:a5:54:3b:
67:15:d8:dd:2c:ac:cc:d5:30:c6:ff:54:34:5a:dd:e8:b3:45:
88:a1:e5:6a:77:08:7b:be:85:32:6c:3e:a6:f4:a6:d9:e3:9c:
ca:8d:d1:40:a5:f2:c5:6b:88:7b:4a:da:cb:ce:9c:88:21:94:
2d:ac:fb:fb:68:65:b2:70:87:98:12:fc:78:2a:80:5c:24:af:
71:d0:70:93:fe:cd:c8:e4:84:2e:e0:6e:26:06:a9:00:0a:3a:
65:58:5a:4a:13:ed:48:a5:4e:d2:8b:5f:69:b3:83:2c:f8:5f:
84:12:56:32:37:19:81:ae:a5:18:42:af:74:5e:3e:0f:d1:dc:
2e:a1:b5:c7:26:2e:54:38:72:18:f8:cd:4e:ea:51:21:39:41:
9b:ac:c3:56
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT01MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTEzNTE5WhcNMjUwMzMwMTEzNTE5WjAYMRYw
FAYDVQQDEw02N2MxOWY3Yi1mMWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvvXAUv8Ek8j+ved+MlxTg0joB2Y5nyxOLn/ZiNFuxzyPNKSkGW5J8bh2
j8EGdkvryfMwdxiynUmA8pen822OneLasdbZiGuJ1Y37jDXgDvgHIeDjs05Pv1Jd
45U7dDN7HQ8AWjTOzZSpOjUvzqNud4EL6kqtXLsC5n6qS/ZwkcmUuq1plP+CusKY
uCvBzNnsSwfTDamBtN2ATeiQ4MO5bNjV9BBSV0DItaMWx3aWr5xz63S22vFVNBmU
1AVqMIWJem3VP+u9Z2u5N7oJfkTPQgUwZhN9CMWbDy06xzpF+YmkG2HR8CW0Jo5y
6MaIkl6k7LLbK2GEBZ3TcGVm4UXn5QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKm2
P2HTFQ6W0vyhaq8zmhvyFgV1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xOENBRUZBMEY1QzgxMUVGOEYxOEE2NTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcCqMA0GCSqGSIb3DQEBCwUA
A4IBAQCcwoqjufddrvWVoq+3Zdnk+bNEBaCV7Sot73AFPwIp4s5Z6y5nVaob9H05
vqtG+/sgUXneL3WlCAsmMTprIjtw6sDUf8UvK8ILKCDxdSMpDbBTjlwXiXh7We4n
vozLJaxrclAIRLUTIVilVDtnFdjdLKzM1TDG/1Q0Wt3os0WIoeVqdwh7voUybD6m
9KbZ45zKjdFApfLFa4h7StrLzpyIIZQtrPv7aGWycIeYEvx4KoBcJK9x0HCT/s3I
5IQu4G4mBqkACjplWFpKE+1IpU7Si19ps4Ms+F+EElYyNxmBrqUYQq90Xj4P0dwu
obXHJi5UOHIY+M1O6lEhOUGbrMNW
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:18:49 2025 by rpki-client