Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/230C229AD00C11EFB1BF729A762E951A.roa
File: 230C229AD00C11EFB1BF729A762E951A.roa (raw, json)
Hash identifier: IqH1uMcuHguGjXumD/iEXDxki/Vzz/8JA+QqQSHbLdo=
Subject key identifier: 8E:AE:E0:F9:5C:E2:39:E1:2E:2C:F0:80:D5:7F:E4:8A:3D:04:BB:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105C8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/230C229AD00C11EFB1BF729A762E951A.roa
Signing time: Sat 11 Jan 2025 11:06:42 +0000
ROA not before: Sat 11 Jan 2025 11:06:38 +0000
ROA not after: Sat 25 Jan 2025 11:06:38 +0000
asID: 54801
IP address blocks: 45.201.216.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67016 (0x105c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 11:06:38 2025 GMT
Not After : Jan 25 11:06:38 2025 GMT
Subject: CN=678250c2-f67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:81:3c:6b:ac:a0:90:e0:5e:00:22:51:67:cd:
17:73:52:ad:e2:cb:80:57:c8:82:84:fd:63:e5:f9:
ef:45:d8:32:41:dd:56:be:4f:2a:6e:10:a3:ee:65:
a8:a2:d8:6f:e8:d9:20:22:fc:12:b6:51:9e:f8:f9:
8a:c5:96:7a:d5:6a:25:d7:79:b8:8e:b5:e1:37:0f:
59:18:a6:54:b1:7b:f3:d9:d1:ad:5c:4d:8e:d4:88:
58:26:09:20:9d:c8:dc:8c:a3:ce:aa:a8:21:40:81:
b7:e7:63:5e:ad:29:87:78:0f:e2:31:ce:e9:84:fa:
79:ec:74:76:6b:dd:98:e9:c4:65:ea:28:65:9a:f9:
a0:0c:54:ae:b3:c0:9a:85:a1:33:94:0e:ff:09:2f:
20:21:ef:8c:ab:54:e7:3a:9c:42:f3:76:be:5b:6b:
a7:d0:86:5f:14:4d:d4:54:40:02:a6:1a:4f:3d:f7:
83:17:88:ce:6c:cd:66:c1:1c:28:ed:74:51:dc:24:
7f:d0:2f:14:a5:b1:bb:5d:e1:72:95:79:a2:bc:6d:
db:40:0b:6c:83:c9:93:36:de:f9:69:66:05:64:ed:
d5:10:49:32:74:22:89:b8:0e:76:59:78:e1:85:12:
24:82:f2:7c:af:10:9b:e8:99:57:15:f6:9f:57:33:
4f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:AE:E0:F9:5C:E2:39:E1:2E:2C:F0:80:D5:7F:E4:8A:3D:04:BB:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/230C229AD00C11EFB1BF729A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.216.0/21
Signature Algorithm: sha256WithRSAEncryption
55:45:af:51:e9:f7:77:53:fb:e4:9e:bf:4e:b8:8f:9f:e0:d1:
ba:6a:85:ae:c8:f2:ed:2c:d3:0e:6b:33:e0:8b:3d:85:9d:06:
66:51:4b:0b:25:20:69:e9:a8:2c:9f:ca:a3:ce:b9:b2:2a:aa:
91:91:8f:54:54:a7:87:4c:cc:c6:3a:4b:1e:09:2b:85:69:45:
e0:b3:cd:4a:20:c0:f0:28:ff:75:3f:68:18:4b:ad:28:f5:db:
0a:35:eb:5f:14:ae:53:63:af:6e:f8:0e:8b:49:d6:fa:51:26:
a4:c4:9b:0b:ba:0a:31:69:e1:93:63:b9:09:88:a2:41:af:2d:
a6:16:2b:e2:64:42:db:8f:43:0e:0b:e4:d6:b6:8d:0e:3a:44:
3e:87:1e:db:9c:24:ad:46:bb:5a:41:29:20:24:8b:b1:27:0b:
50:21:a7:e8:46:a1:9e:fb:24:f1:7e:f6:57:34:4d:40:8c:7e:
fe:a7:5e:55:7d:33:a7:6d:86:f4:44:38:c0:75:15:5b:68:20:
42:fc:7e:f2:3c:84:ee:e4:8c:25:6c:f5:96:69:02:7f:06:67:
00:9f:21:54:23:7d:50:03:01:65:6f:99:1d:db:71:32:91:92:
2d:f3:9b:6d:56:a7:d3:bb:b0:95:81:8d:2e:ff:e2:45:42:1e:
3a:e8:f3:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQXIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTEwNjM4WhcNMjUwMTI1MTEwNjM4WjAYMRYw
FAYDVQQDEw02NzgyNTBjMi1mNjdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvIE8a6ygkOBeACJRZ80Xc1Kt4suAV8iChP1j5fnvRdgyQd1Wvk8qbhCj
7mWoothv6NkgIvwStlGe+PmKxZZ61Wol13m4jrXhNw9ZGKZUsXvz2dGtXE2O1IhY
JgkgncjcjKPOqqghQIG352NerSmHeA/iMc7phPp57HR2a92Y6cRl6ihlmvmgDFSu
s8CahaEzlA7/CS8gIe+Mq1TnOpxC83a+W2un0IZfFE3UVEACphpPPfeDF4jObM1m
wRwo7XRR3CR/0C8UpbG7XeFylXmivG3bQAtsg8mTNt75aWYFZO3VEEkydCKJuA52
WXjhhRIkgvJ8rxCb6JlXFfafVzNPgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI6u
4Plc4jnhLizwgNV/5Io9BLtFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMzBDMjI5QUQwMEMxMUVGQjFCRjcyOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcnYMA0GCSqGSIb3DQEBCwUA
A4IBAQBVRa9R6fd3U/vknr9OuI+f4NG6aoWuyPLtLNMOazPgiz2FnQZmUUsLJSBp
6agsn8qjzrmyKqqRkY9UVKeHTMzGOkseCSuFaUXgs81KIMDwKP91P2gYS60o9dsK
NetfFK5TY69u+A6LSdb6USakxJsLugoxaeGTY7kJiKJBry2mFiviZELbj0MOC+TW
to0OOkQ+hx7bnCStRrtaQSkgJIuxJwtQIafoRqGe+yTxfvZXNE1AjH7+p15VfTOn
bYb0RDjAdRVbaCBC/H7yPITu5IwlbPWWaQJ/BmcAnyFUI31QAwFlb5kd23EykZIt
85ttVqfTu7CVgY0u/+JFQh466PM5
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:24 2025 by rpki-client