Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D4F8F9ED00711EF897E437B762E951A.roa
File: 2D4F8F9ED00711EF897E437B762E951A.roa (raw, json)
Hash identifier: dzWD9eZM5ofYmaO7WetH5WaWcOq+M3cy7XiGWTUNdTI=
Subject key identifier: 3D:EE:B1:0A:73:0A:BB:F7:9E:0D:54:6C:35:FF:7F:11:0A:30:EE:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105AC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D4F8F9ED00711EF897E437B762E951A.roa
Signing time: Sat 11 Jan 2025 10:31:11 +0000
ROA not before: Sat 11 Jan 2025 10:31:08 +0000
ROA not after: Sat 25 Jan 2025 10:31:08 +0000
asID: 54801
IP address blocks: 45.200.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66988 (0x105ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 10:31:08 2025 GMT
Not After : Jan 25 10:31:08 2025 GMT
Subject: CN=6782486f-ef9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d5:fd:98:fe:d9:1a:e7:80:b4:43:f8:62:17:
ec:52:bd:b9:9d:2d:a2:bf:ab:7a:75:9e:e9:96:ee:
e2:9b:f9:62:df:0c:04:ac:89:26:d9:08:fb:b2:be:
94:96:59:4b:7c:ac:89:c6:11:08:0e:71:f0:b0:4b:
81:24:dd:60:94:f9:45:25:20:38:56:71:17:28:17:
af:2d:85:30:7f:1d:cd:2d:9e:74:f3:d8:98:64:71:
38:02:45:2e:61:ff:c5:bd:f7:71:24:93:1d:ee:18:
d2:ab:b1:9a:b8:ee:5c:a1:fa:ef:61:60:5d:be:20:
ac:70:f3:9e:72:83:a3:f3:d2:12:ae:7f:18:eb:0a:
64:13:dd:cc:cf:11:94:08:fc:ce:e3:f1:9b:54:cf:
0f:81:b6:f5:e5:c1:3c:87:22:e0:73:4c:41:ab:49:
c9:d1:f3:3a:2c:d9:d0:a7:f8:d3:14:d2:01:37:90:
3d:f9:25:e5:27:5f:56:68:bd:7d:6f:14:04:97:e2:
df:3c:af:9a:89:e3:c4:0e:da:b2:43:65:fc:0e:61:
af:2f:4f:ef:48:9a:ec:79:eb:9d:42:62:4d:d9:7f:
ee:8c:a7:c3:bd:0a:35:87:23:3c:8a:c0:6e:96:6f:
36:08:c0:ff:92:68:03:79:aa:a1:ec:6e:3c:f9:16:
61:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:EE:B1:0A:73:0A:BB:F7:9E:0D:54:6C:35:FF:7F:11:0A:30:EE:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D4F8F9ED00711EF897E437B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.20.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:3c:10:27:3a:df:2b:86:48:e6:17:7a:44:cc:72:b1:a7:4e:
61:03:ac:a1:f1:63:ca:e3:48:99:dc:7e:fc:3d:83:5e:c8:23:
66:08:19:e4:25:6f:5e:66:c3:0d:21:6d:1f:60:33:d5:5a:d7:
bd:30:b0:05:45:09:42:ed:8e:93:1b:fc:42:3a:6a:36:4b:3f:
35:50:19:e2:4d:cd:dc:58:50:50:e9:14:b8:f7:d2:e9:e6:2d:
a8:44:5e:a2:51:5a:af:84:81:fe:43:63:ee:da:99:af:bf:09:
ae:e4:21:52:97:4e:f7:89:9d:96:4f:66:a7:24:f5:81:9c:39:
be:c6:17:13:36:7e:7d:69:bd:03:1d:24:7e:39:ef:63:05:de:
f7:36:52:c6:22:2e:c9:1b:5e:d4:90:55:57:75:d6:e0:e1:2f:
fa:a2:a3:24:20:2c:9c:92:ec:d8:7a:22:ad:7d:95:c2:f1:57:
ea:5e:5b:5a:a4:e3:b2:d3:12:4c:0e:49:0d:66:74:52:2e:20:
dc:b2:39:c2:36:3f:24:ed:ab:19:5e:c6:bf:05:bf:af:94:06:
77:be:a0:63:d6:2d:c5:a6:dd:06:69:f0:bd:be:49:53:5f:c0:
74:a9:30:a0:b1:b7:55:f9:32:0f:44:31:84:1c:32:10:54:f1:
b1:19:bb:51
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQWsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTAzMTA4WhcNMjUwMTI1MTAzMTA4WjAYMRYw
FAYDVQQDEw02NzgyNDg2Zi1lZjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6dX9mP7ZGueAtEP4YhfsUr25nS2iv6t6dZ7plu7im/li3wwErIkm2Qj7
sr6UlllLfKyJxhEIDnHwsEuBJN1glPlFJSA4VnEXKBevLYUwfx3NLZ5089iYZHE4
AkUuYf/FvfdxJJMd7hjSq7GauO5cofrvYWBdviCscPOecoOj89ISrn8Y6wpkE93M
zxGUCPzO4/GbVM8Pgbb15cE8hyLgc0xBq0nJ0fM6LNnQp/jTFNIBN5A9+SXlJ19W
aL19bxQEl+LfPK+aiePEDtqyQ2X8DmGvL0/vSJrseeudQmJN2X/ujKfDvQo1hyM8
isBulm82CMD/kmgDeaqh7G48+RZhyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD3u
sQpzCrv3ng1UbDX/fxEKMO5nMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRDRGOEY5RUQwMDcxMUVGODk3RTQzN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcgUMA0GCSqGSIb3DQEBCwUA
A4IBAQClPBAnOt8rhkjmF3pEzHKxp05hA6yh8WPK40iZ3H78PYNeyCNmCBnkJW9e
ZsMNIW0fYDPVWte9MLAFRQlC7Y6TG/xCOmo2Sz81UBniTc3cWFBQ6RS499Lp5i2o
RF6iUVqvhIH+Q2Pu2pmvvwmu5CFSl073iZ2WT2anJPWBnDm+xhcTNn59ab0DHSR+
Oe9jBd73NlLGIi7JG17UkFVXddbg4S/6oqMkICyckuzYeiKtfZXC8VfqXltapOOy
0xJMDkkNZnRSLiDcsjnCNj8k7asZXsa/Bb+vlAZ3vqBj1i3Fpt0GafC9vklTX8B0
qTCgsbdV+TIPRDGEHDIQVPGxGbtR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:14 2025 by rpki-client