Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33A7CD1E02FA11EFB8AFBE28017001B1.roa
File: 33A7CD1E02FA11EFB8AFBE28017001B1.roa (raw, json)
Hash identifier: sR7X76EZGEd5rx/tMuRtMDqeDfNRkG9NxSHQrY1E8GI=
Subject key identifier: F9:C7:36:8D:FC:8B:D4:5C:07:8C:B4:98:3A:95:3C:D9:27:0C:F2:9E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8527
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33A7CD1E02FA11EFB8AFBE28017001B1.roa
Signing time: Thu 25 Apr 2024 11:51:50 +0000
ROA not before: Thu 25 Apr 2024 11:51:47 +0000
ROA not after: Sun 05 May 2024 11:51:47 +0000
asID: 39600
IP address blocks: 45.204.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34087 (0x8527)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 25 11:51:47 2024 GMT
Not After : May 5 11:51:47 2024 GMT
Subject: CN=662a43d6-91c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:24:89:1a:74:20:58:8f:da:06:d8:07:d3:51:
95:1e:72:63:aa:5c:e0:68:33:e5:5e:ea:d9:27:7a:
ff:95:63:35:cb:6d:92:99:09:7b:b4:59:61:7c:ff:
34:30:fe:76:8c:6d:5e:da:26:b0:9e:83:9f:a6:9a:
d6:45:80:5f:3d:fb:1d:50:a5:9b:fe:51:ab:1b:2e:
4f:c9:a0:9d:cc:ee:11:70:f1:4c:9a:a7:e3:f9:7a:
33:a1:4c:d3:45:26:76:af:15:c6:ee:c7:d8:76:a6:
0c:12:81:05:f3:35:1e:8b:39:30:ea:30:04:8a:f7:
d6:29:56:5b:2f:79:68:a7:eb:20:49:e4:da:da:d7:
5f:a3:0c:8e:1b:4f:42:5c:06:d2:1a:31:25:71:83:
82:26:56:93:48:42:0c:13:0c:f1:5e:3f:36:a8:53:
dc:0f:c9:6d:72:3e:96:e9:7b:02:0d:3a:18:fe:a8:
c9:02:e3:9a:13:c9:6f:53:32:4b:d0:53:42:6e:36:
d6:c7:76:d2:da:5d:9a:5a:88:4e:9b:b6:15:ba:0f:
17:8b:6f:4b:69:f3:2a:12:cc:d5:d7:32:3d:50:03:
d1:e3:5d:03:4e:4f:cf:e5:e4:fd:dc:1b:b9:ea:6e:
7e:8f:89:1f:e4:64:64:89:c1:7b:e4:8a:06:43:0f:
4c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C7:36:8D:FC:8B:D4:5C:07:8C:B4:98:3A:95:3C:D9:27:0C:F2:9E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33A7CD1E02FA11EFB8AFBE28017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.72.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:81:21:e4:8c:07:9e:15:b3:31:5d:d8:2b:07:f5:e6:81:b5:
45:96:a3:13:c7:10:94:c9:91:ea:39:3a:8e:58:f4:00:a0:68:
84:59:77:b0:1f:bf:7c:6f:de:54:45:8c:5d:59:b9:0f:8a:f0:
cc:9d:a3:a8:5d:ee:2d:f1:94:94:57:f9:f2:57:03:f2:9e:a0:
bd:1a:2a:97:1f:b3:99:7b:0c:bd:a2:7c:f3:f1:c1:3a:27:97:
46:7a:a5:8d:2b:29:e7:7f:f0:a5:e2:87:c8:16:cf:3d:e4:ad:
a8:e6:2f:f1:b4:84:83:0d:60:64:10:b7:3f:5b:7e:19:70:ee:
9b:92:36:45:93:99:2c:eb:e0:79:70:6e:b6:ac:b6:e9:8f:6c:
08:65:c5:7f:3d:f7:de:c3:bc:15:49:45:d2:6a:c4:f6:dd:2b:
06:10:1d:4d:9c:16:bc:74:9b:33:ee:c8:2d:38:90:2d:7c:e9:
f6:d5:64:62:6c:c4:e1:ab:a1:71:08:4d:da:e4:b2:f9:20:14:
b1:87:ec:b0:68:04:dd:64:ae:ac:67:cb:bc:40:f8:ce:fe:e1:
00:45:c3:74:30:f3:69:80:1f:c9:85:8a:3e:92:eb:34:fb:ee:
0e:c3:73:58:44:2c:48:3e:08:12:7b:4d:63:8f:7d:b3:70:f6:
06:f9:be:3a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIUnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI1MTE1MTQ3WhcNMjQwNTA1MTE1MTQ3WjAYMRYw
FAYDVQQDEw02NjJhNDNkNi05MWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAySSJGnQgWI/aBtgH01GVHnJjqlzgaDPlXurZJ3r/lWM1y22SmQl7tFlh
fP80MP52jG1e2iawnoOfpprWRYBfPfsdUKWb/lGrGy5PyaCdzO4RcPFMmqfj+Xoz
oUzTRSZ2rxXG7sfYdqYMEoEF8zUeizkw6jAEivfWKVZbL3lop+sgSeTa2tdfowyO
G09CXAbSGjElcYOCJlaTSEIMEwzxXj82qFPcD8ltcj6W6XsCDToY/qjJAuOaE8lv
UzJL0FNCbjbWx3bS2l2aWohOm7YVug8Xi29LafMqEszV1zI9UAPR410DTk/P5eT9
3Bu56m5+j4kf5GRkicF75IoGQw9M7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPnH
No38i9RcB4y0mDqVPNknDPKeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zM0E3Q0QxRTAyRkExMUVGQjhBRkJFMjgwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcxIMA0GCSqGSIb3DQEBCwUA
A4IBAQAsgSHkjAeeFbMxXdgrB/XmgbVFlqMTxxCUyZHqOTqOWPQAoGiEWXewH798
b95URYxdWbkPivDMnaOoXe4t8ZSUV/nyVwPynqC9GiqXH7OZewy9onzz8cE6J5dG
eqWNKynnf/Cl4ofIFs895K2o5i/xtISDDWBkELc/W34ZcO6bkjZFk5ks6+B5cG62
rLbpj2wIZcV/Pffew7wVSUXSasT23SsGEB1NnBa8dJsz7sgtOJAtfOn21WRibMTh
q6FxCE3a5LL5IBSxh+ywaATdZK6sZ8u8QPjO/uEARcN0MPNpgB/JhYo+kus0++4O
w3NYRCxIPggSe01jj32zcPYG+b46
-----END CERTIFICATE-----
Generated at Mon May 6 02:29:25 2024 by rpki-client on console-fra.rpki-client.org