Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/319C0B32F5C211EF8FA50FB1762E951A.roa
File: 319C0B32F5C211EF8FA50FB1762E951A.roa (raw, json)
Hash identifier: iW01xlFzLmkbcAjKy6v0MVVw5pRkvvNCZg91lGoL8u8=
Subject key identifier: D8:7A:07:74:F8:85:DE:53:F7:3A:32:16:F8:BA:BC:DB:9F:6B:C4:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013D21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/319C0B32F5C211EF8FA50FB1762E951A.roa
Signing time: Fri 28 Feb 2025 10:53:08 +0000
ROA not before: Fri 28 Feb 2025 10:53:04 +0000
ROA not after: Sun 30 Mar 2025 10:53:04 +0000
asID: 138995
IP address blocks: 45.192.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81185 (0x13d21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 10:53:04 2025 GMT
Not After : Mar 30 10:53:04 2025 GMT
Subject: CN=67c19594-d643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:19:61:37:7d:71:9c:ec:00:30:c3:60:5c:3a:
56:5f:01:b0:81:e4:f4:6c:c0:f1:3f:a2:fb:7c:aa:
12:7c:76:a5:c5:e2:4c:b3:da:5f:48:41:6f:01:81:
d9:93:2a:45:ba:b3:09:01:56:dc:db:24:2e:30:a6:
c3:15:42:13:65:35:d1:ed:0a:d0:67:16:c6:26:60:
53:31:35:17:76:9d:e9:e6:b9:82:29:18:e1:b0:ee:
97:1d:98:b9:c9:27:b8:4a:d8:6f:af:fe:35:ea:07:
5b:af:33:2b:7c:d7:8d:46:1e:b9:33:8a:a3:39:31:
8c:a6:2f:12:d1:a5:20:ef:9a:4d:dc:b7:7b:5e:25:
e9:6a:b5:6c:3c:57:a5:57:cd:c4:1f:a1:d4:cd:db:
67:6d:ff:33:3e:19:ff:87:48:87:41:30:16:12:b7:
d4:8b:80:01:04:27:ac:86:f8:aa:90:44:80:71:5f:
cb:14:91:fe:a0:6c:db:5e:aa:43:fa:2d:37:94:c8:
e1:03:39:a5:da:1d:9e:f3:89:26:8e:f7:e7:8d:dd:
bd:e8:c1:46:c7:a6:d9:60:85:83:33:d8:d1:35:b4:
fe:e5:d9:f7:cd:1e:ca:26:91:cf:f6:1b:8b:e7:5d:
38:eb:d1:cf:d3:01:13:fa:ea:6d:fc:97:16:82:49:
ca:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7A:07:74:F8:85:DE:53:F7:3A:32:16:F8:BA:BC:DB:9F:6B:C4:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/319C0B32F5C211EF8FA50FB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.216.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:a2:01:90:f4:f8:4d:ff:b4:64:2b:34:ea:81:b1:39:dc:32:
51:c1:a8:4b:1a:5f:31:c4:6f:28:36:54:29:44:2d:89:bc:e0:
75:d6:70:1b:24:8b:6e:1c:62:ac:6c:1b:f1:f9:70:7a:8e:1f:
65:80:76:a2:80:e0:a1:9c:65:b8:ed:01:53:76:87:f9:99:53:
10:93:61:34:80:09:6f:91:e8:3e:5d:cd:50:79:76:51:0b:70:
95:1d:df:9b:85:ba:49:99:fb:f9:97:9c:8b:da:cf:dd:39:b9:
c2:53:b4:81:2e:b4:5f:9e:be:9c:ec:b9:8e:cd:f1:de:36:bf:
d2:22:0f:ac:29:a2:c3:a6:81:c3:fc:25:7f:98:6f:30:86:af:
74:d0:e1:7b:68:02:e9:14:c3:a7:8d:4a:53:3b:b7:03:57:78:
a5:a4:79:37:2c:01:5d:23:82:4e:b3:64:d0:9d:c6:3f:03:af:
b4:fc:91:6e:97:67:3d:d2:a7:cb:02:37:0d:40:7e:24:2b:80:
b0:6c:fd:f8:0e:6e:40:27:d5:e5:c9:7e:53:2b:93:8d:d9:04:
a9:1f:7f:e9:6f:6e:70:45:e0:57:a6:2b:1d:be:19:77:e3:21:
74:e2:07:b8:f8:60:29:55:83:11:44:5c:55:66:4a:91:11:57:
85:29:59:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT0hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTA1MzA0WhcNMjUwMzMwMTA1MzA0WjAYMRYw
FAYDVQQDEw02N2MxOTU5NC1kNjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqRlhN31xnOwAMMNgXDpWXwGwgeT0bMDxP6L7fKoSfHalxeJMs9pfSEFv
AYHZkypFurMJAVbc2yQuMKbDFUITZTXR7QrQZxbGJmBTMTUXdp3p5rmCKRjhsO6X
HZi5ySe4Sthvr/416gdbrzMrfNeNRh65M4qjOTGMpi8S0aUg75pN3Ld7XiXparVs
PFelV83EH6HUzdtnbf8zPhn/h0iHQTAWErfUi4ABBCeshviqkESAcV/LFJH+oGzb
XqpD+i03lMjhAzml2h2e84kmjvfnjd296MFGx6bZYIWDM9jRNbT+5dn3zR7KJpHP
9huL510469HP0wET+upt/JcWgknKjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNh6
B3T4hd5T9zoyFvi6vNufa8TcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMTlDMEIzMkY1QzIxMUVGOEZBNTBGQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDYMA0GCSqGSIb3DQEBCwUA
A4IBAQCaogGQ9PhN/7RkKzTqgbE53DJRwahLGl8xxG8oNlQpRC2JvOB11nAbJItu
HGKsbBvx+XB6jh9lgHaigOChnGW47QFTdof5mVMQk2E0gAlvkeg+Xc1QeXZRC3CV
Hd+bhbpJmfv5l5yL2s/dObnCU7SBLrRfnr6c7LmOzfHeNr/SIg+sKaLDpoHD/CV/
mG8whq900OF7aALpFMOnjUpTO7cDV3ilpHk3LAFdI4JOs2TQncY/A6+0/JFul2c9
0qfLAjcNQH4kK4CwbP34Dm5AJ9XlyX5TK5ON2QSpH3/pb25wReBXpisdvhl34yF0
4ge4+GApVYMRRFxVZkqREVeFKVks
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:21:18 2025 by rpki-client