Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CE2445CCABD11EFA41F2449762E951A.roa
File: 1CE2445CCABD11EFA41F2449762E951A.roa (raw, json)
Hash identifier: rN7+14xLqBn50DGfWHxLbh06ZTpbjVW/DnW8S9b1lqQ=
Subject key identifier: 33:C1:2B:5A:05:DF:EE:A2:FC:13:94:FF:76:7B:3E:54:CC:83:97:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F700
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CE2445CCABD11EFA41F2449762E951A.roa
Signing time: Sat 04 Jan 2025 16:58:25 +0000
ROA not before: Sun 05 Jan 2025 16:58:21 +0000
ROA not after: Thu 16 Jan 2025 16:58:21 +0000
asID: 5065
IP address blocks: 45.207.24.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63232 (0xf700)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 16:58:21 2025 GMT
Not After : Jan 16 16:58:21 2025 GMT
Subject: CN=677968b1-776a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dc:d6:b7:f3:f8:94:a3:23:10:35:56:60:3a:
a4:b1:18:f4:fe:bd:67:ab:7b:c6:4f:66:52:64:3c:
b4:b1:dd:0a:83:62:c6:5e:68:8c:4b:7e:27:9f:22:
d4:63:ae:84:c7:27:84:a6:68:3d:85:49:e6:26:d9:
c1:87:96:1d:dd:7c:b0:6b:fc:d5:d0:b6:25:ab:9c:
25:42:ba:de:3e:83:a3:3a:4a:c0:95:6c:48:a8:8a:
e1:ac:89:ee:a7:8d:d9:7d:ec:8b:70:71:cf:d6:a7:
9a:a5:3e:c4:40:43:b5:3c:4b:db:16:c4:d6:7a:6d:
7d:4c:27:3f:4c:7f:47:78:d7:04:0e:c5:ec:93:c2:
e5:e3:98:45:31:9f:62:e0:71:07:a4:7c:05:77:8d:
c2:4e:25:1c:d1:ab:53:a1:2f:9d:4e:38:d4:59:25:
14:10:4c:68:1f:25:1a:ec:41:96:e6:41:b9:73:df:
8d:ce:14:2e:de:e4:d6:01:00:88:5d:a6:3c:bf:5c:
ad:b0:a9:5d:60:40:0f:58:3e:ad:76:88:49:7a:bd:
a6:b3:5e:a5:3e:05:31:a0:cc:98:3c:c2:fc:3c:2a:
5e:95:7b:5f:38:80:1b:27:17:6d:e9:00:7a:28:c3:
df:85:a2:52:5e:cb:b6:1d:8f:19:f0:ef:d7:ed:8e:
7f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C1:2B:5A:05:DF:EE:A2:FC:13:94:FF:76:7B:3E:54:CC:83:97:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CE2445CCABD11EFA41F2449762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.24.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:04:e0:55:7a:ec:5d:e5:df:66:cf:11:f2:22:2c:d5:35:8a:
b9:1f:32:a0:78:98:76:28:6d:0e:17:d3:9e:32:7c:02:b6:2f:
d9:f2:26:67:44:dc:e2:53:ba:05:d6:62:eb:de:d5:c5:b0:dd:
c8:dc:56:44:31:bd:6b:6c:88:9a:81:d2:21:d3:c6:38:ab:af:
46:16:3b:24:6f:6e:0c:33:13:92:8c:20:b9:9f:2d:1e:9a:c8:
84:1f:a3:6b:64:c0:ad:9a:40:e9:6c:a6:91:78:5f:ef:36:a2:
ac:64:f1:31:ba:1d:29:8d:6e:fb:d8:4a:fc:b5:77:7d:b5:c6:
26:84:3b:7d:4b:e0:93:ce:0f:c7:5a:2d:99:b1:09:4a:0f:20:
07:23:11:79:e4:d2:50:c4:57:19:26:07:66:cd:78:a5:a9:27:
1f:c3:f6:9e:4f:dc:85:14:a2:e2:8c:89:10:70:dc:39:f6:81:
ae:bb:fb:37:3d:c1:4f:d0:dd:e0:b0:51:68:a2:ae:a3:af:fb:
fc:37:6a:1f:07:a4:1f:7a:22:fd:3a:c2:2f:c4:2d:72:7e:6f:
06:1c:5c:38:e9:b2:24:58:6a:5c:d9:40:b0:f3:a8:c6:31:ab:
fd:d9:25:0d:fa:34:69:dd:18:e1:c5:a2:08:8e:d2:b0:40:3d:
94:77:2d:0a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPcAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTY1ODIxWhcNMjUwMTE2MTY1ODIxWjAYMRYw
FAYDVQQDEw02Nzc5NjhiMS03NzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAydzWt/P4lKMjEDVWYDqksRj0/r1nq3vGT2ZSZDy0sd0Kg2LGXmiMS34n
nyLUY66ExyeEpmg9hUnmJtnBh5Yd3Xywa/zV0LYlq5wlQrrePoOjOkrAlWxIqIrh
rInup43ZfeyLcHHP1qeapT7EQEO1PEvbFsTWem19TCc/TH9HeNcEDsXsk8Ll45hF
MZ9i4HEHpHwFd43CTiUc0atToS+dTjjUWSUUEExoHyUa7EGW5kG5c9+NzhQu3uTW
AQCIXaY8v1ytsKldYEAPWD6tdohJer2ms16lPgUxoMyYPML8PCpelXtfOIAbJxdt
6QB6KMPfhaJSXsu2HY8Z8O/X7Y5//wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDPB
K1oF3+6i/BOU/3Z7PlTMg5fpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQ0UyNDQ1Q0NBQkQxMUVGQTQxRjI0NDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLc8YMA0GCSqGSIb3DQEBCwUA
A4IBAQCNBOBVeuxd5d9mzxHyIizVNYq5HzKgeJh2KG0OF9OeMnwCti/Z8iZnRNzi
U7oF1mLr3tXFsN3I3FZEMb1rbIiagdIh08Y4q69GFjskb24MMxOSjCC5ny0emsiE
H6NrZMCtmkDpbKaReF/vNqKsZPExuh0pjW772Er8tXd9tcYmhDt9S+CTzg/HWi2Z
sQlKDyAHIxF55NJQxFcZJgdmzXilqScfw/aeT9yFFKLijIkQcNw59oGuu/s3PcFP
0N3gsFFooq6jr/v8N2ofB6QfeiL9OsIvxC1yfm8GHFw46bIkWGpc2UCw86jGMav9
2SUN+jRp3RjhxaIIjtKwQD2Udy0K
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:37 2025 by rpki-client