Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24DD0CB0D01B11EFB4680A78762E951A.roa
File: 24DD0CB0D01B11EFB4680A78762E951A.roa (raw, json)
Hash identifier: xdJJ5ygNQQg7AMiaIqwUhJygcs8H12ROr9Xo9silr0A=
Subject key identifier: 26:D5:A7:0B:CA:C3:C0:32:2F:99:6E:96:39:C4:DF:0E:B1:DB:27:02
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105F8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24DD0CB0D01B11EFB4680A78762E951A.roa
Signing time: Sat 11 Jan 2025 12:54:07 +0000
ROA not before: Sat 11 Jan 2025 12:54:03 +0000
ROA not after: Sat 25 Jan 2025 12:54:03 +0000
asID: 139646
IP address blocks: 45.200.14.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67064 (0x105f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 12:54:03 2025 GMT
Not After : Jan 25 12:54:03 2025 GMT
Subject: CN=678269ef-6a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:90:b0:cf:fc:40:70:86:00:7a:1c:a4:dd:10:
68:81:9b:88:c3:8f:2a:1c:a6:41:4e:9f:1c:28:bb:
d9:e5:bf:ab:e4:0f:ec:4e:f9:95:99:4a:bf:78:77:
39:ae:e2:6a:0b:a6:17:90:ad:77:83:57:f0:0c:f8:
52:c7:ab:55:f6:db:42:d3:01:ee:ed:bc:32:9c:d0:
23:aa:b3:88:e9:17:1e:0a:f9:9b:2c:ac:41:fb:af:
3d:c8:bd:a9:cb:5e:e0:19:e5:68:7f:53:87:c3:46:
a4:c3:72:c4:e6:5f:06:89:ea:17:53:31:b8:84:f6:
8f:7d:3a:cd:ca:b3:3f:eb:32:d7:33:ff:24:60:73:
85:d2:2b:a5:95:c6:c3:b7:27:2e:b3:32:f5:63:79:
26:3e:6f:95:ca:cc:f8:b9:d0:5f:7f:09:c5:06:38:
cb:90:41:4e:d0:23:09:83:32:cd:d4:4e:13:6b:72:
bf:ab:96:3f:30:42:8b:c9:cf:5d:b2:0d:e0:4d:7e:
95:f0:6c:be:29:83:60:16:22:f3:96:ad:44:25:c3:
d1:cf:29:0b:cc:d4:d7:86:43:41:81:86:eb:fa:bc:
dd:98:77:cb:04:a7:50:89:25:28:22:00:00:f0:bc:
19:5b:50:88:67:50:13:9c:67:92:39:f3:c7:44:34:
6e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D5:A7:0B:CA:C3:C0:32:2F:99:6E:96:39:C4:DF:0E:B1:DB:27:02
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24DD0CB0D01B11EFB4680A78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:ad:9e:9b:80:75:76:2a:ce:bd:1a:de:da:bb:bf:e9:f0:4e:
35:e4:ee:c4:dc:cc:40:cb:e5:00:a6:25:45:8b:a3:a3:ee:ca:
4d:f0:94:33:ea:cc:5f:68:3e:58:a5:00:33:75:67:75:43:56:
27:30:b4:d6:d5:ca:0c:98:e8:11:af:1d:c1:f4:f7:0f:dd:70:
da:bc:b6:c4:96:72:ab:05:40:3d:67:61:e7:74:53:52:88:95:
30:07:d8:34:cd:52:a9:e6:19:59:18:ee:b8:19:27:46:47:65:
e4:0f:5e:5c:bf:c8:ca:39:c3:29:ff:ae:b6:4c:15:79:55:3f:
7f:52:21:bd:e9:f9:54:44:71:1c:19:12:50:95:cf:97:27:4b:
68:03:e9:b4:aa:4b:da:96:3d:85:5f:25:a9:d5:a3:9f:4c:9e:
23:8b:ea:6f:62:31:cc:3a:cb:27:79:63:ed:7b:fe:2d:4f:47:
51:2c:e2:c1:06:76:3e:45:1f:a4:4f:df:3a:ed:45:08:f9:d1:
a2:32:ef:44:7a:06:08:8c:9e:41:6a:26:d1:cc:42:9f:a4:0c:
76:b0:7e:a7:be:3e:3b:7d:80:a6:f5:3b:50:d4:77:4b:ce:fd:
4a:11:f9:05:78:0a:e0:86:dd:d4:41:b8:87:8e:02:72:7e:5a:
99:01:57:cf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQX4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTI1NDAzWhcNMjUwMTI1MTI1NDAzWjAYMRYw
FAYDVQQDEw02NzgyNjllZi02YTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA25Cwz/xAcIYAehyk3RBogZuIw48qHKZBTp8cKLvZ5b+r5A/sTvmVmUq/
eHc5ruJqC6YXkK13g1fwDPhSx6tV9ttC0wHu7bwynNAjqrOI6RceCvmbLKxB+689
yL2py17gGeVof1OHw0akw3LE5l8GieoXUzG4hPaPfTrNyrM/6zLXM/8kYHOF0iul
lcbDtycuszL1Y3kmPm+Vysz4udBffwnFBjjLkEFO0CMJgzLN1E4Ta3K/q5Y/MEKL
yc9dsg3gTX6V8Gy+KYNgFiLzlq1EJcPRzykLzNTXhkNBgYbr+rzdmHfLBKdQiSUo
IgAA8LwZW1CIZ1ATnGeSOfPHRDRuKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCbV
pwvKw8AyL5luljnE3w6x2ycCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNEREMENCMEQwMUIxMUVGQjQ2ODBBNzg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcgOMA0GCSqGSIb3DQEBCwUA
A4IBAQCarZ6bgHV2Ks69Gt7au7/p8E415O7E3MxAy+UApiVFi6Oj7spN8JQz6sxf
aD5YpQAzdWd1Q1YnMLTW1coMmOgRrx3B9PcP3XDavLbElnKrBUA9Z2HndFNSiJUw
B9g0zVKp5hlZGO64GSdGR2XkD15cv8jKOcMp/662TBV5VT9/UiG96flURHEcGRJQ
lc+XJ0toA+m0qkvalj2FXyWp1aOfTJ4ji+pvYjHMOssneWPte/4tT0dRLOLBBnY+
RR+kT9867UUI+dGiMu9EegYIjJ5BaibRzEKfpAx2sH6nvj47fYCm9TtQ1HdLzv1K
EfkFeArght3UQbiHjgJyflqZAVfP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:42 2025 by rpki-client