Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A9FBA96A19C11EFACE2C844762E951A.roa
File: 3A9FBA96A19C11EFACE2C844762E951A.roa (raw, json)
Hash identifier: G2hMam8WhFgdsCIvt4z1EtdtKITFiHb5O7byf4uLiT4=
Subject key identifier: 8A:FF:53:7E:BC:A5:F8:AB:D9:A8:BE:0C:7A:D5:D1:2A:B1:71:A4:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D256
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A9FBA96A19C11EFACE2C844762E951A.roa
Signing time: Wed 13 Nov 2024 08:49:44 +0000
ROA not before: Wed 13 Nov 2024 08:49:41 +0000
ROA not after: Sat 23 Nov 2024 08:49:41 +0000
asID: 142062
IP address blocks: 45.204.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53846 (0xd256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 13 08:49:41 2024 GMT
Not After : Nov 23 08:49:41 2024 GMT
Subject: CN=67346828-bfc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cd:c2:7a:7a:7a:ce:94:7e:ec:3c:9a:8d:aa:
a4:1e:65:59:07:05:83:72:a2:d3:39:7a:9e:09:c9:
f8:2d:3e:66:09:36:19:68:6b:92:21:6c:24:51:5a:
70:a9:03:9b:b7:db:e2:36:b5:17:d8:51:c3:1e:13:
82:de:cc:5d:1d:97:47:0b:69:b6:ad:2b:e2:26:10:
cc:1a:e5:85:c2:de:21:1b:5d:0b:dd:83:a7:2b:bf:
c3:bb:bc:dc:1b:77:91:82:24:61:04:41:c7:44:bc:
6f:ba:73:f0:33:fc:89:eb:d8:e6:a8:b4:fb:be:fe:
d9:68:9f:fc:c7:86:0a:d5:62:8c:30:9d:1c:59:c4:
12:5d:16:e9:81:5d:94:66:64:bd:1f:a8:e3:ea:61:
85:fa:a4:18:76:be:d6:d9:52:ce:19:94:a0:fe:2e:
d7:af:c2:24:38:dc:9c:2d:7c:8b:ae:e4:cb:07:63:
56:1f:7e:b5:12:11:92:98:30:cc:8e:6e:26:e3:bd:
e4:0f:4f:58:8d:e6:b8:5d:fe:57:cf:35:d4:be:cc:
84:5b:b5:19:be:e1:ed:c3:7c:11:e8:25:14:b5:82:
3a:8f:96:76:75:8f:1d:df:3c:03:9d:cd:1a:25:60:
88:cb:fc:ab:b3:13:43:d0:4f:8b:2d:df:22:43:97:
cf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FF:53:7E:BC:A5:F8:AB:D9:A8:BE:0C:7A:D5:D1:2A:B1:71:A4:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A9FBA96A19C11EFACE2C844762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.80.0/24
Signature Algorithm: sha256WithRSAEncryption
05:7f:85:70:9c:81:81:d4:28:d1:49:95:b0:bb:58:91:c9:4c:
9e:77:b3:07:8f:1b:7e:3b:73:80:7b:00:d3:6d:62:3b:46:39:
f0:04:49:cb:2d:9c:ac:b8:8a:e6:73:a9:97:75:cf:fb:3d:a1:
c8:bd:97:91:fb:28:9a:43:08:8f:06:a8:ef:ce:ef:58:33:9d:
1b:92:60:a6:17:f9:e6:98:43:c2:ec:17:43:2c:aa:29:1c:5d:
82:3f:28:72:28:d5:84:42:59:b2:ba:c4:7d:06:15:da:5f:18:
6f:42:40:40:28:0a:ce:df:ac:9a:a6:45:e1:44:23:bd:97:23:
6a:12:f3:2c:43:1b:9d:ff:27:46:8e:e5:80:d9:fa:de:34:fc:
18:68:3b:50:13:9d:8b:a6:c4:06:65:08:d9:92:3d:f0:73:74:
0b:3d:49:4f:c5:01:49:81:73:bd:cf:4b:15:62:98:b0:af:ca:
3f:6a:18:c0:c5:6e:0e:ab:91:8e:c7:d2:27:c6:ba:79:30:7b:
fc:22:b5:64:0d:b7:d3:26:40:98:93:b5:24:c7:80:7a:bb:95:
d7:cf:0a:3d:91:51:1f:b8:6e:13:a7:f6:34:04:12:41:cb:6c:
18:96:b9:35:05:ad:c2:ca:27:ad:2b:66:1a:cb:65:07:7f:06:
07:9a:b2:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANJWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEzMDg0OTQxWhcNMjQxMTIzMDg0OTQxWjAYMRYw
FAYDVQQDEw02NzM0NjgyOC1iZmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApc3Cenp6zpR+7DyajaqkHmVZBwWDcqLTOXqeCcn4LT5mCTYZaGuSIWwk
UVpwqQObt9viNrUX2FHDHhOC3sxdHZdHC2m2rSviJhDMGuWFwt4hG10L3YOnK7/D
u7zcG3eRgiRhBEHHRLxvunPwM/yJ69jmqLT7vv7ZaJ/8x4YK1WKMMJ0cWcQSXRbp
gV2UZmS9H6jj6mGF+qQYdr7W2VLOGZSg/i7Xr8IkONycLXyLruTLB2NWH361EhGS
mDDMjm4m473kD09Yjea4Xf5XzzXUvsyEW7UZvuHtw3wR6CUUtYI6j5Z2dY8d3zwD
nc0aJWCIy/yrsxND0E+LLd8iQ5fP0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIr/
U368pfir2ai+DHrV0SqxcaSSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTlGQkE5NkExOUMxMUVGQUNFMkM4NDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcxQMA0GCSqGSIb3DQEBCwUA
A4IBAQAFf4VwnIGB1CjRSZWwu1iRyUyed7MHjxt+O3OAewDTbWI7RjnwBEnLLZys
uIrmc6mXdc/7PaHIvZeR+yiaQwiPBqjvzu9YM50bkmCmF/nmmEPC7BdDLKopHF2C
PyhyKNWEQlmyusR9BhXaXxhvQkBAKArO36yapkXhRCO9lyNqEvMsQxud/ydGjuWA
2freNPwYaDtQE52LpsQGZQjZkj3wc3QLPUlPxQFJgXO9z0sVYpiwr8o/ahjAxW4O
q5GOx9Inxrp5MHv8IrVkDbfTJkCYk7Ukx4B6u5XXzwo9kVEfuG4Tp/Y0BBJBy2wY
lrk1Ba3CyietK2Yay2UHfwYHmrJv
-----END CERTIFICATE-----
Generated at Sat Nov 23 16:24:31 2024 by rpki-client on console-fra.rpki-client.org