Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A83F828C99D11EFA0DF4FB3762E951A.roa
File: 3A83F828C99D11EFA0DF4FB3762E951A.roa (raw, json)
Hash identifier: PULcWBO3oE1UzJfexP3mlDx2pu3cvDTwX55aGGGYmIo=
Subject key identifier: 9B:DC:21:9B:CC:D4:21:E0:4F:7D:63:43:57:E9:96:C6:AA:49:69:6F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F64D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A83F828C99D11EFA0DF4FB3762E951A.roa
Signing time: Fri 03 Jan 2025 06:37:40 +0000
ROA not before: Fri 03 Jan 2025 06:37:36 +0000
ROA not after: Fri 17 Jan 2025 06:37:36 +0000
asID: 395886
IP address blocks: 45.207.192.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63053 (0xf64d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 06:37:36 2025 GMT
Not After : Jan 17 06:37:36 2025 GMT
Subject: CN=677785b4-d009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:aa:9f:39:37:2c:df:b9:80:4e:5d:75:fd:67:
9e:7a:71:75:af:f7:ab:ec:5a:59:87:bb:b2:0d:74:
52:da:51:23:f0:cd:d2:6d:2b:a2:ff:28:18:71:91:
97:cb:a4:ce:ee:60:7b:3f:39:b6:54:47:e2:39:78:
eb:fc:1e:e2:5e:8f:b7:02:22:e2:b2:b7:f6:c3:63:
e7:42:f6:03:cc:53:8b:3d:df:25:bb:3e:a7:40:71:
4f:a5:bd:76:f1:81:e6:69:1d:ed:ec:84:62:5e:5c:
82:cf:bb:ec:c4:cd:0f:a9:27:03:3c:34:a4:5e:af:
65:43:4c:71:be:b3:07:db:31:6c:70:e0:67:38:cc:
4e:10:d4:34:c4:76:39:9d:fc:59:d1:b3:34:61:de:
4b:5e:8d:c5:ee:42:cd:48:bd:ab:73:b6:95:53:65:
be:1d:e4:5d:42:bc:3a:b5:39:d4:78:09:c4:88:16:
1c:1b:d0:59:4f:e5:eb:43:66:f6:20:03:50:d3:77:
05:a2:cc:04:c3:91:97:4c:a6:fa:35:2d:ed:5c:5c:
ec:3b:4f:f0:0c:46:ef:00:79:f5:f0:c5:cc:39:65:
76:c0:07:36:78:da:33:cd:31:c6:bb:d8:c4:1e:c5:
24:8c:36:70:c5:dc:17:ba:02:ed:79:0d:1a:6b:f3:
c1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DC:21:9B:CC:D4:21:E0:4F:7D:63:43:57:E9:96:C6:AA:49:69:6F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A83F828C99D11EFA0DF4FB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
ab:22:8f:3f:88:9a:77:5e:28:ac:ef:5c:8e:2b:24:f7:18:d5:
9e:eb:0b:da:e1:7c:4d:be:d0:3d:49:d8:04:d1:e3:0e:ec:4a:
c9:fb:8a:eb:69:59:b6:17:0c:2b:43:8c:39:7a:3f:e3:be:ec:
f7:54:dc:11:48:e8:f3:bf:b3:64:a0:46:18:35:93:46:88:00:
f7:4c:98:fc:8e:b7:1a:f8:06:03:7d:d5:43:0f:f5:82:fc:01:
c6:e8:41:a3:54:14:48:b3:0e:36:e0:9a:1e:00:41:b6:6b:0a:
c6:0b:c6:81:91:71:dd:c7:f6:f1:fd:42:36:7c:4e:4a:24:e8:
ce:d7:5c:c7:5f:87:a1:96:f1:cb:93:ce:3e:ca:c3:f3:ee:1b:
de:6b:19:34:5b:a7:73:3e:4f:e5:77:c8:7d:a6:04:af:80:1e:
a6:47:c9:96:a0:48:cd:8c:1a:03:de:67:a8:a4:1c:f9:22:b5:
af:71:a8:c4:e1:32:fd:fe:02:f7:73:90:72:7b:77:ca:96:de:
39:25:da:5d:2c:3b:cb:33:9b:1e:3a:fe:57:33:69:70:e4:8b:
7e:0e:92:bb:29:9f:e1:5a:48:15:25:29:4a:85:31:31:70:58:
0f:91:1a:23:e6:56:d5:d9:3c:06:4a:2a:57:b0:d4:41:c7:91:
db:be:9c:fd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPZNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDYzNzM2WhcNMjUwMTE3MDYzNzM2WjAYMRYw
FAYDVQQDEw02Nzc3ODViNC1kMDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtKqfOTcs37mATl11/WeeenF1r/er7FpZh7uyDXRS2lEj8M3SbSui/ygY
cZGXy6TO7mB7Pzm2VEfiOXjr/B7iXo+3AiLisrf2w2PnQvYDzFOLPd8luz6nQHFP
pb128YHmaR3t7IRiXlyCz7vsxM0PqScDPDSkXq9lQ0xxvrMH2zFscOBnOMxOENQ0
xHY5nfxZ0bM0Yd5LXo3F7kLNSL2rc7aVU2W+HeRdQrw6tTnUeAnEiBYcG9BZT+Xr
Q2b2IANQ03cFoswEw5GXTKb6NS3tXFzsO0/wDEbvAHn18MXMOWV2wAc2eNozzTHG
u9jEHsUkjDZwxdwXugLteQ0aa/PBgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJvc
IZvM1CHgT31jQ1fplsaqSWlvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTgzRjgyOEM5OUQxMUVGQTBERjRGQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLc/AMA0GCSqGSIb3DQEBCwUA
A4IBAQCrIo8/iJp3Xiis71yOKyT3GNWe6wva4XxNvtA9SdgE0eMO7ErJ+4rraVm2
FwwrQ4w5ej/jvuz3VNwRSOjzv7NkoEYYNZNGiAD3TJj8jrca+AYDfdVDD/WC/AHG
6EGjVBRIsw424JoeAEG2awrGC8aBkXHdx/bx/UI2fE5KJOjO11zHX4ehlvHLk84+
ysPz7hveaxk0W6dzPk/ld8h9pgSvgB6mR8mWoEjNjBoD3meopBz5IrWvcajE4TL9
/gL3c5Bye3fKlt45JdpdLDvLM5seOv5XM2lw5It+DpK7KZ/hWkgVJSlKhTExcFgP
kRoj5lbV2TwGSipXsNRBx5Hbvpz9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:16 2025 by rpki-client