Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/342C4BD6CE8111EFB4C42B4C762E951A.roa
File: 342C4BD6CE8111EFB4C42B4C762E951A.roa (raw, json)
Hash identifier: rxc/2rT5Ld49urmTLyYTTXZpEIl/3yd7wTs6vwIypPY=
Subject key identifier: 62:D9:77:25:84:03:D7:F1:21:C0:82:88:3E:36:A8:13:48:1B:25:23
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0103A3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/342C4BD6CE8111EFB4C42B4C762E951A.roa
Signing time: Thu 09 Jan 2025 11:59:39 +0000
ROA not before: Thu 09 Jan 2025 11:59:34 +0000
ROA not after: Sat 01 Feb 2025 11:59:34 +0000
asID: 17561
IP address blocks: 45.203.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66467 (0x103a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 11:59:34 2025 GMT
Not After : Feb 1 11:59:34 2025 GMT
Subject: CN=677fba2b-e5f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a0:a5:bb:91:0e:4b:83:2f:4d:90:aa:41:f4:
ee:38:76:30:c3:5e:d6:9d:ca:7a:e1:f0:29:dd:26:
f9:bc:22:e0:63:85:08:33:6d:df:8b:4a:2f:fb:46:
15:bc:f5:c6:11:ca:07:6c:96:10:6a:35:70:78:e6:
a9:b2:fa:5a:be:17:45:73:5c:53:2e:ec:42:f9:ab:
3f:fa:f6:fc:91:35:64:32:05:44:fc:53:fe:f0:59:
8a:62:e5:7d:5f:36:3d:3a:22:b5:fb:9a:f3:9c:f4:
a8:c2:ca:dc:19:0a:80:ab:1c:be:ee:ac:0a:51:ed:
be:cd:85:4a:b8:22:85:1a:31:9b:61:e9:96:d8:74:
f7:12:d6:0b:7d:19:e2:b4:8c:f8:fd:88:85:99:fc:
60:cf:c3:7a:55:14:ae:85:6f:47:dd:a9:fd:38:f1:
5d:a9:c5:3b:4f:0b:2d:03:42:91:66:5a:5d:96:5a:
7c:6e:e3:6e:2c:5e:60:28:a4:62:84:11:56:e1:c5:
7a:73:a1:47:85:f9:7a:98:a5:d7:18:ee:63:1b:2a:
6b:6b:bc:e1:d0:d4:f2:92:d4:ed:11:22:31:90:f3:
9f:b0:64:26:38:a6:97:1a:31:8d:10:f1:3e:52:18:
69:df:8b:f7:c3:68:4f:dc:f0:da:2a:8f:91:2a:69:
24:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D9:77:25:84:03:D7:F1:21:C0:82:88:3E:36:A8:13:48:1B:25:23
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/342C4BD6CE8111EFB4C42B4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.14.0/24
Signature Algorithm: sha256WithRSAEncryption
13:e6:0e:ea:c3:64:25:95:56:db:57:f5:06:c7:10:dd:fe:f4:
80:32:d8:3d:82:33:83:55:b8:49:ae:30:c5:f4:32:9e:20:e1:
97:2e:89:ef:be:be:98:f7:4c:06:5f:ed:db:7c:dd:d6:cf:75:
cf:15:20:1b:0f:2f:95:1b:37:b9:d0:40:c7:5e:66:59:52:77:
cd:68:a9:09:21:f5:f4:1a:51:14:58:96:23:87:19:19:2c:fb:
c9:63:d4:8c:23:79:9c:74:4a:52:a0:6c:2b:6a:be:b8:6b:4f:
f8:29:00:cd:82:e3:c3:8a:15:fc:32:2a:86:0f:16:41:bc:b6:
e8:a3:92:3a:b6:96:c6:17:8d:2a:2b:96:ea:f8:9a:00:f2:07:
5d:48:fd:c0:62:fd:65:10:4b:8e:40:5b:55:01:20:a4:4c:2c:
08:6f:d2:67:e0:fe:78:ec:3d:28:b8:8d:02:ea:c1:64:cc:fe:
2a:0a:53:ba:90:61:ec:c7:c7:90:3f:60:36:91:cd:7f:2b:1a:
0d:e9:a0:2c:07:ee:e5:3e:2c:38:44:45:4f:f7:11:9a:24:9b:
01:a5:dc:37:7a:aa:e3:a6:a8:bb:18:b0:9b:13:0d:c7:36:e8:
b3:72:9e:74:09:2e:8f:11:2a:d0:a2:e5:25:f8:b6:37:ca:60:
08:7c:bd:51
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQOjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTE1OTM0WhcNMjUwMjAxMTE1OTM0WjAYMRYw
FAYDVQQDEw02NzdmYmEyYi1lNWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyaClu5EOS4MvTZCqQfTuOHYww17Wncp64fAp3Sb5vCLgY4UIM23fi0ov
+0YVvPXGEcoHbJYQajVweOapsvpavhdFc1xTLuxC+as/+vb8kTVkMgVE/FP+8FmK
YuV9XzY9OiK1+5rznPSowsrcGQqAqxy+7qwKUe2+zYVKuCKFGjGbYemW2HT3EtYL
fRnitIz4/YiFmfxgz8N6VRSuhW9H3an9OPFdqcU7TwstA0KRZlpdllp8buNuLF5g
KKRihBFW4cV6c6FHhfl6mKXXGO5jGypra7zh0NTyktTtESIxkPOfsGQmOKaXGjGN
EPE+Uhhp34v3w2hP3PDaKo+RKmkkJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGLZ
dyWEA9fxIcCCiD42qBNIGyUjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNDJDNEJENkNFODExMUVGQjRDNDJCNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcsOMA0GCSqGSIb3DQEBCwUA
A4IBAQAT5g7qw2QllVbbV/UGxxDd/vSAMtg9gjODVbhJrjDF9DKeIOGXLonvvr6Y
90wGX+3bfN3Wz3XPFSAbDy+VGze50EDHXmZZUnfNaKkJIfX0GlEUWJYjhxkZLPvJ
Y9SMI3mcdEpSoGwrar64a0/4KQDNguPDihX8MiqGDxZBvLboo5I6tpbGF40qK5bq
+JoA8gddSP3AYv1lEEuOQFtVASCkTCwIb9Jn4P547D0ouI0C6sFkzP4qClO6kGHs
x8eQP2A2kc1/KxoN6aAsB+7lPiw4REVP9xGaJJsBpdw3eqrjpqi7GLCbEw3HNuiz
cp50CS6PESrQouUl+LY3ymAIfL1R
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:40 2025 by rpki-client