Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E3BF474C47711EF96FB856B762E951A.roa
File: 2E3BF474C47711EF96FB856B762E951A.roa (raw, json)
Hash identifier: IS6yf3WiWTS1uAiQXgodI9hcjF+Kmg17N34Hn11Dk7E=
Subject key identifier: 10:A3:95:04:9D:F8:6C:D8:A2:0D:61:7C:0C:04:C5:BB:79:C6:4D:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F0E6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E3BF474C47711EF96FB856B762E951A.roa
Signing time: Fri 27 Dec 2024 17:22:43 +0000
ROA not before: Fri 27 Dec 2024 17:22:39 +0000
ROA not after: Thu 30 Jan 2025 17:22:39 +0000
asID: 984
IP address blocks: 45.195.246.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61670 (0xf0e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 17:22:39 2024 GMT
Not After : Jan 30 17:22:39 2025 GMT
Subject: CN=676ee263-c49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:85:2d:fc:3e:72:48:ea:f8:04:97:9e:dc:2c:
51:c9:b9:b3:d4:6f:8e:3a:23:c5:9e:25:a3:43:2d:
dd:f2:65:fa:dc:a0:af:11:1b:09:cb:1f:15:78:d8:
cd:a0:fb:fe:e9:4e:84:cd:f9:6b:4c:a5:8f:c4:b2:
dc:fd:58:8e:c8:8d:db:38:46:d5:42:6f:10:51:79:
f4:64:fb:9b:d4:b4:88:86:b1:62:97:0a:34:e1:fd:
16:d3:41:cf:81:2f:bb:af:7a:36:4f:65:8e:83:92:
70:fe:bd:12:35:61:72:6e:eb:e2:30:9b:bc:61:a6:
c5:02:a6:2d:01:e6:92:83:68:ac:9a:67:66:cb:90:
95:20:5a:af:9e:07:d4:80:e8:bf:aa:a4:8b:46:7b:
b8:10:da:b8:37:b4:8f:5b:3e:ed:c8:e1:fc:e9:5b:
60:69:7c:88:02:23:b7:08:28:0a:79:01:82:68:6d:
ca:a6:f4:f2:cc:af:31:9b:b9:b5:e9:e6:d7:f6:37:
d9:05:9f:b2:d2:39:3a:06:ba:5f:4e:9f:bb:de:63:
fe:77:79:aa:4a:8e:73:47:f3:5e:c1:b9:6c:17:0e:
a4:12:25:e6:f1:99:0d:ab:a7:54:7b:6b:1f:78:21:
cf:25:ee:ae:15:c1:20:52:0b:1b:59:76:30:38:e0:
9c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A3:95:04:9D:F8:6C:D8:A2:0D:61:7C:0C:04:C5:BB:79:C6:4D:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E3BF474C47711EF96FB856B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.246.0/23
Signature Algorithm: sha256WithRSAEncryption
11:d3:78:3f:6b:37:f4:18:e7:cf:79:3b:be:61:67:ea:37:0a:
08:b1:1f:bd:bb:75:68:d5:ea:f5:d5:12:5f:03:45:6e:05:fa:
2b:a9:44:00:0e:72:18:f5:e5:ce:b1:77:0e:0d:75:ea:0d:3b:
54:61:33:00:f7:f9:41:fb:20:f6:62:ab:d0:06:72:99:14:98:
71:21:b3:21:24:41:10:89:17:bb:6f:dc:1e:4e:90:9c:70:2e:
45:99:e7:15:70:b3:8b:26:d4:10:d7:91:80:b0:89:89:f6:ec:
a7:3e:2d:1a:3b:20:c4:3b:a4:35:0e:e0:8b:82:6d:f5:88:82:
10:63:15:e8:b6:b6:1c:d9:d1:e5:1e:05:56:bf:2d:94:76:3c:
3d:b8:a0:70:14:cb:1e:d0:13:01:8e:66:84:f4:44:0d:c2:c3:
8b:8c:39:14:d8:c6:42:1e:e6:70:de:17:fa:13:97:e9:45:11:
27:e0:96:15:d1:d7:12:7f:a4:60:82:e9:c9:b6:ff:8b:3d:d2:
05:f9:6c:c4:1d:0f:67:b4:f9:07:fb:49:8a:ab:6f:7e:f7:04:
b4:f2:69:8f:bb:5d:5a:00:12:a6:68:5e:a8:22:f4:04:3a:f5:
9f:0b:e8:6b:bb:ba:26:85:f1:83:4e:e7:07:da:ed:0d:78:79:
89:2f:40:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPDmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MTcyMjM5WhcNMjUwMTMwMTcyMjM5WjAYMRYw
FAYDVQQDEw02NzZlZTI2My1jNDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6YUt/D5ySOr4BJee3CxRybmz1G+OOiPFniWjQy3d8mX63KCvERsJyx8V
eNjNoPv+6U6EzflrTKWPxLLc/ViOyI3bOEbVQm8QUXn0ZPub1LSIhrFilwo04f0W
00HPgS+7r3o2T2WOg5Jw/r0SNWFybuviMJu8YabFAqYtAeaSg2ismmdmy5CVIFqv
ngfUgOi/qqSLRnu4ENq4N7SPWz7tyOH86VtgaXyIAiO3CCgKeQGCaG3KpvTyzK8x
m7m16ebX9jfZBZ+y0jk6BrpfTp+73mP+d3mqSo5zR/NewblsFw6kEiXm8ZkNq6dU
e2sfeCHPJe6uFcEgUgsbWXYwOOCcyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBCj
lQSd+GzYog1hfAwExbt5xk2dMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRTNCRjQ3NEM0NzcxMUVGOTZGQjg1NkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcP2MA0GCSqGSIb3DQEBCwUA
A4IBAQAR03g/azf0GOfPeTu+YWfqNwoIsR+9u3Vo1er11RJfA0VuBforqUQADnIY
9eXOsXcODXXqDTtUYTMA9/lB+yD2YqvQBnKZFJhxIbMhJEEQiRe7b9weTpCccC5F
mecVcLOLJtQQ15GAsImJ9uynPi0aOyDEO6Q1DuCLgm31iIIQYxXotrYc2dHlHgVW
vy2Udjw9uKBwFMse0BMBjmaE9EQNwsOLjDkU2MZCHuZw3hf6E5fpRREn4JYV0dcS
f6RggunJtv+LPdIF+WzEHQ9ntPkH+0mKq29+9wS08mmPu11aABKmaF6oIvQEOvWf
C+hru7omhfGDTucH2u0NeHmJL0DR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:00 2025 by rpki-client