Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F8A34C6EFAC11EFAEBDE974762E951A.roa
File: 1F8A34C6EFAC11EFAEBDE974762E951A.roa (raw, json)
Hash identifier: LztEMNepjvRaDTZRNmcOv0yujJoBle7TY/WA7YsaOHs=
Subject key identifier: D8:6C:E5:28:15:8A:46:3B:56:B5:1C:BE:56:9F:36:32:1D:2A:4E:FD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0126C3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F8A34C6EFAC11EFAEBDE974762E951A.roa
Signing time: Thu 20 Feb 2025 17:00:01 +0000
ROA not before: Thu 20 Feb 2025 16:59:58 +0000
ROA not after: Mon 31 Mar 2025 16:59:58 +0000
asID: 7018
IP address blocks: 45.196.144.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75459 (0x126c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 20 16:59:58 2025 GMT
Not After : Mar 31 16:59:58 2025 GMT
Subject: CN=67b75f91-b13f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:17:d0:e9:b1:03:23:46:f7:23:ae:7c:3b:a7:
c5:ef:7b:02:78:22:38:d3:c9:e8:c1:0a:23:f4:66:
81:6a:82:88:d6:db:04:a7:9d:30:8d:81:4c:e3:0a:
b7:2f:75:9c:9a:9e:b1:04:e7:f0:29:1d:97:ea:4e:
e7:ed:b1:0e:e2:a1:8d:44:30:71:28:51:0a:3c:71:
e9:38:f1:73:44:e0:69:1b:77:0a:bb:56:8d:71:09:
4a:80:61:80:20:19:61:ca:5f:c6:63:9f:26:4e:7f:
bf:dd:72:17:09:6d:0f:4b:65:7e:17:f3:5b:cd:57:
47:c5:d5:cc:67:52:b8:00:d8:35:92:af:cf:a3:b8:
11:d7:9c:38:43:78:8e:4e:dc:6c:7d:e2:46:b4:d3:
ee:82:35:a7:f3:ae:ff:5d:32:8e:c8:c0:f7:b0:0b:
f2:8d:da:2f:66:4e:91:0b:7f:4a:bd:44:8b:58:48:
9f:a4:3a:2c:ba:9b:67:15:48:2a:72:1f:24:dc:a7:
6b:b2:02:26:c4:a3:36:3e:62:a6:90:41:80:78:4f:
79:b8:2f:59:dc:75:4d:eb:36:96:0f:7d:78:98:70:
1d:79:15:c9:44:8f:93:6b:41:55:7d:ca:ca:5c:a4:
5a:e6:4d:f4:6e:8e:63:9c:37:e0:b9:4a:34:60:0d:
39:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6C:E5:28:15:8A:46:3B:56:B5:1C:BE:56:9F:36:32:1D:2A:4E:FD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F8A34C6EFAC11EFAEBDE974762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.144.0/21
Signature Algorithm: sha256WithRSAEncryption
93:83:01:f2:31:21:ae:a7:b0:b3:cc:e3:bf:a1:c1:f4:78:f7:
98:90:5e:17:8f:a1:5d:c6:0d:ac:11:50:dc:19:a5:d9:84:c7:
be:91:94:8f:0b:a1:32:fd:c0:53:d1:35:a0:9e:23:c9:f4:c7:
b9:92:8c:70:d4:b7:3f:b8:12:4d:e3:86:d7:6b:e1:70:03:fe:
d9:0b:ce:f1:0a:09:52:d2:cf:eb:be:13:94:37:18:1b:dd:2b:
a3:c0:47:59:9d:c0:79:5f:d1:e6:f1:80:f0:dc:23:50:65:52:
6e:64:29:8b:50:0f:ea:22:b2:cd:89:d1:b5:b3:3e:17:ea:0c:
44:7c:f7:5e:cc:b2:aa:1d:59:8e:70:33:4c:29:0c:6a:b2:18:
f2:19:90:c0:b0:32:d5:7d:1a:ab:0a:69:0d:a7:b3:cc:8f:75:
3f:e9:4a:92:56:13:d6:74:31:15:6c:e7:35:30:9e:7e:b1:8a:
9e:43:4c:3d:83:1f:69:83:34:03:34:2c:08:2f:93:4e:97:f3:
f4:77:bd:16:ba:0e:c9:fa:fe:ae:00:ce:b6:93:9a:94:2f:eb:
fd:04:35:bf:5f:d8:3d:04:3b:87:58:88:03:55:00:97:42:1d:
d0:f9:98:38:f5:9b:a0:ba:66:bf:ad:e7:17:ac:b8:f6:51:2c:
4f:8a:3a:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASbDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjIwMTY1OTU4WhcNMjUwMzMxMTY1OTU4WjAYMRYw
FAYDVQQDEw02N2I3NWY5MS1iMTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtxfQ6bEDI0b3I658O6fF73sCeCI408nowQoj9GaBaoKI1tsEp50wjYFM
4wq3L3Wcmp6xBOfwKR2X6k7n7bEO4qGNRDBxKFEKPHHpOPFzROBpG3cKu1aNcQlK
gGGAIBlhyl/GY58mTn+/3XIXCW0PS2V+F/NbzVdHxdXMZ1K4ANg1kq/Po7gR15w4
Q3iOTtxsfeJGtNPugjWn867/XTKOyMD3sAvyjdovZk6RC39KvUSLWEifpDosuptn
FUgqch8k3KdrsgImxKM2PmKmkEGAeE95uC9Z3HVN6zaWD314mHAdeRXJRI+Ta0FV
fcrKXKRa5k30bo5jnDfguUo0YA05qwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNhs
5SgVikY7VrUcvlafNjIdKk79MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRjhBMzRDNkVGQUMxMUVGQUVCREU5NzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcSQMA0GCSqGSIb3DQEBCwUA
A4IBAQCTgwHyMSGup7CzzOO/ocH0ePeYkF4Xj6Fdxg2sEVDcGaXZhMe+kZSPC6Ey
/cBT0TWgniPJ9Me5koxw1Lc/uBJN44bXa+FwA/7ZC87xCglS0s/rvhOUNxgb3Suj
wEdZncB5X9Hm8YDw3CNQZVJuZCmLUA/qIrLNidG1sz4X6gxEfPdezLKqHVmOcDNM
KQxqshjyGZDAsDLVfRqrCmkNp7PMj3U/6UqSVhPWdDEVbOc1MJ5+sYqeQ0w9gx9p
gzQDNCwIL5NOl/P0d70Wug7J+v6uAM62k5qUL+v9BDW/X9g9BDuHWIgDVQCXQh3Q
+Zg49Zuguma/recXrLj2USxPijon
-----END CERTIFICATE-----
Generated at Fri May 9 07:07:46 2025 by rpki-client