Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E89B01CCE8411EF94FDAF5F762E951A.roa
File: 2E89B01CCE8411EF94FDAF5F762E951A.roa (raw, json)
Hash identifier: Jei2tfPtuzBnYDJjvTU5bO1C9Zf9H63o6/zrgvtZ6EQ=
Subject key identifier: 67:57:BD:63:15:B7:70:B5:A4:24:02:C5:8B:FB:32:F3:FD:D6:08:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0103BE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E89B01CCE8411EF94FDAF5F762E951A.roa
Signing time: Thu 09 Jan 2025 12:20:58 +0000
ROA not before: Thu 09 Jan 2025 12:20:55 +0000
ROA not after: Sat 01 Feb 2025 12:20:55 +0000
asID: 17561
IP address blocks: 45.203.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66494 (0x103be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 12:20:55 2025 GMT
Not After : Feb 1 12:20:55 2025 GMT
Subject: CN=677fbf2a-de23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3c:fe:e7:47:df:0f:d9:6e:4a:2f:0d:96:ab:
d3:e8:2b:28:73:46:2c:02:8b:e9:22:08:74:43:6b:
79:dc:b4:fc:88:0b:1e:a7:19:32:3a:50:ee:c9:66:
be:73:5b:3d:e9:85:ab:51:14:3e:f4:50:82:61:0a:
59:fd:a4:63:0e:07:88:71:52:cc:c4:7c:48:54:57:
a1:94:86:c0:f5:f7:4d:f8:e9:cc:65:6d:d3:f3:a1:
84:e8:b4:92:ed:c2:7a:3d:df:c7:da:df:e6:a6:2b:
59:54:e5:3a:33:85:c3:a6:c8:82:07:d6:5d:c0:6c:
15:9c:0a:fb:24:a0:da:66:60:15:cf:8d:c8:9b:6d:
6c:e4:42:49:0b:f2:25:67:4e:2a:d5:3f:3e:7b:ee:
fd:4b:63:a8:1d:2e:30:6f:03:98:19:b9:aa:59:eb:
71:7c:bd:e2:06:23:9d:cb:2d:d4:9d:ea:0c:7a:ab:
b2:36:21:89:59:d6:b6:23:c8:84:80:a6:79:ee:0f:
86:08:66:14:f4:28:83:93:c6:b6:76:7d:6a:f4:c4:
c1:d6:a4:41:7e:ac:42:0a:b5:24:fe:b6:0e:e2:4f:
88:0e:ba:90:99:30:0d:5c:24:ea:25:30:96:ee:f0:
25:98:0b:98:fb:d7:1a:97:4c:12:66:3e:04:e7:41:
d3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:57:BD:63:15:B7:70:B5:A4:24:02:C5:8B:FB:32:F3:FD:D6:08:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E89B01CCE8411EF94FDAF5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.25.0/24
Signature Algorithm: sha256WithRSAEncryption
25:a5:c7:25:3f:3c:ca:20:df:8f:29:d6:5e:d8:5e:95:4f:c1:
e7:6d:ff:71:75:fe:e9:71:e9:8d:cd:63:b1:68:e5:6a:70:ee:
72:3d:b3:eb:69:58:68:8c:a1:b4:4e:94:c9:f5:7f:76:4d:5e:
5d:3a:fb:2d:ed:39:4f:92:aa:bd:73:77:4b:18:64:f5:c2:f8:
7b:8e:c4:e4:ec:ca:5c:0a:39:90:5d:f9:8f:4e:71:2e:06:56:
2b:c7:0b:39:45:71:04:40:78:4c:e0:de:f4:e1:3d:14:b4:bb:
a9:86:0c:88:76:3d:b4:61:d2:06:52:c2:f7:8b:12:ff:64:01:
5b:8b:b1:44:9d:40:66:00:f5:d3:72:dd:c7:81:ff:4c:76:5f:
eb:60:57:b4:4f:6a:99:c4:92:11:9d:f8:d3:57:1a:c5:ef:8f:
44:c5:cd:51:20:ef:9b:e0:b8:a1:69:88:fc:d1:d9:cc:ff:5a:
2e:52:89:ed:24:95:29:34:7f:8b:97:49:e4:69:43:99:d2:ee:
b4:3f:9a:3c:1d:25:f7:d0:03:1f:2d:46:84:35:06:87:a7:2b:
12:0c:16:ea:c2:79:88:1f:bc:36:db:ff:2b:24:fa:0e:a6:46:
87:42:13:a7:ca:88:e7:54:22:5f:03:cc:0c:6c:92:35:6a:2a:
f0:b7:10:d9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQO+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTIyMDU1WhcNMjUwMjAxMTIyMDU1WjAYMRYw
FAYDVQQDEw02NzdmYmYyYS1kZTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuzz+50ffD9luSi8NlqvT6Csoc0YsAovpIgh0Q2t53LT8iAsepxkyOlDu
yWa+c1s96YWrURQ+9FCCYQpZ/aRjDgeIcVLMxHxIVFehlIbA9fdN+OnMZW3T86GE
6LSS7cJ6Pd/H2t/mpitZVOU6M4XDpsiCB9ZdwGwVnAr7JKDaZmAVz43Im21s5EJJ
C/IlZ04q1T8+e+79S2OoHS4wbwOYGbmqWetxfL3iBiOdyy3UneoMequyNiGJWda2
I8iEgKZ57g+GCGYU9CiDk8a2dn1q9MTB1qRBfqxCCrUk/rYO4k+IDrqQmTANXCTq
JTCW7vAlmAuY+9cal0wSZj4E50HTbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGdX
vWMVt3C1pCQCxYv7MvP91ghFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRTg5QjAxQ0NFODQxMUVGOTRGREFGNUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcsZMA0GCSqGSIb3DQEBCwUA
A4IBAQAlpcclPzzKIN+PKdZe2F6VT8Hnbf9xdf7pcemNzWOxaOVqcO5yPbPraVho
jKG0TpTJ9X92TV5dOvst7TlPkqq9c3dLGGT1wvh7jsTk7MpcCjmQXfmPTnEuBlYr
xws5RXEEQHhM4N704T0UtLuphgyIdj20YdIGUsL3ixL/ZAFbi7FEnUBmAPXTct3H
gf9Mdl/rYFe0T2qZxJIRnfjTVxrF749Exc1RIO+b4LihaYj80dnM/1ouUontJJUp
NH+Ll0nkaUOZ0u60P5o8HSX30AMfLUaENQaHpysSDBbqwnmIH7w22/8rJPoOpkaH
QhOnyojnVCJfA8wMbJI1airwtxDZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:19 2025 by rpki-client