Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D0C7C8EC9B411EF84128543762E951A.roa
File: 3D0C7C8EC9B411EF84128543762E951A.roa (raw, json)
Hash identifier: 1cG8SwSPC/tGOwrUgaeTYphCmVDcw40KMKzE5HKmYRQ=
Subject key identifier: 50:B2:3E:20:20:3A:6E:F5:6A:12:4D:07:B9:8C:35:28:82:52:C3:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6C7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D0C7C8EC9B411EF84128543762E951A.roa
Signing time: Fri 03 Jan 2025 09:22:23 +0000
ROA not before: Fri 03 Jan 2025 09:22:19 +0000
ROA not after: Sat 18 Jan 2025 09:22:19 +0000
asID: 141883
IP address blocks: 45.200.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63175 (0xf6c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 09:22:19 2025 GMT
Not After : Jan 18 09:22:19 2025 GMT
Subject: CN=6777ac4f-a614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:25:7d:e5:cc:60:3d:f3:7a:c1:c1:2f:c4:70:
e7:03:f4:7c:fa:ae:72:c7:20:4f:c7:1c:48:aa:05:
59:82:7b:4b:d7:74:b2:9d:b8:26:c8:40:1d:b9:e1:
7b:c2:5a:70:2f:c0:bf:7b:65:d0:94:e6:c9:54:64:
75:0a:3f:02:32:92:99:14:3e:c4:12:a7:47:8f:14:
68:d5:1a:70:de:46:b8:5a:48:b9:02:75:5d:92:39:
cf:b8:29:75:d9:13:17:fb:41:08:cf:29:0b:a4:d0:
72:7a:4c:48:57:97:2c:1c:44:e0:e1:ec:5e:51:e7:
ad:d9:81:e1:2f:62:3b:e6:9b:dc:5c:22:ca:96:9c:
32:65:09:9c:3d:8d:ab:94:4a:ce:df:9d:67:b5:0d:
a8:c7:a4:10:e2:4e:75:4b:2d:33:57:a0:dd:cd:d3:
6a:55:bf:af:ba:1d:d3:b6:b7:0f:45:2b:f0:3d:d1:
fa:9f:f4:30:f1:67:46:fc:73:d9:4f:f2:2f:c9:f8:
24:d0:b7:4f:02:b0:93:65:9f:cd:72:39:d9:35:c9:
ef:88:3b:e2:45:b8:95:9e:e6:31:f6:1a:32:d9:b2:
00:ff:61:11:8d:a5:28:4e:55:c8:b2:27:7f:ce:8f:
f6:67:01:28:80:d1:b1:e9:b9:87:16:e8:15:a8:93:
16:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B2:3E:20:20:3A:6E:F5:6A:12:4D:07:B9:8C:35:28:82:52:C3:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D0C7C8EC9B411EF84128543762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.20.0/22
Signature Algorithm: sha256WithRSAEncryption
35:ab:fb:9a:47:b4:fa:fd:6e:70:1e:46:ad:46:b9:a8:e1:d1:
d4:ec:0b:89:2c:66:33:39:74:d7:8e:56:58:74:4b:4c:90:f6:
07:9d:d8:b6:8b:a4:a0:fd:d3:b7:f3:81:c0:c6:4a:2e:83:96:
9f:e2:0b:9a:45:cd:d9:30:0a:d6:c8:7d:2a:0d:44:12:3c:e3:
65:68:41:a0:a8:f2:5d:ab:27:2a:a0:82:0d:73:f8:15:a0:fa:
d0:66:40:ac:6e:c6:33:6f:0e:1d:e2:58:57:f2:fb:de:aa:b6:
16:ae:33:c4:67:cc:54:6d:94:11:df:78:41:65:c7:73:00:a6:
bf:fd:79:83:48:2f:6e:34:75:f9:49:7d:62:e6:db:57:fd:05:
3d:65:bc:ee:e2:e3:98:35:87:29:9a:b7:05:5a:9a:42:74:8f:
04:52:6f:55:7a:25:ee:d7:63:c4:8b:64:a3:e1:c7:fc:3f:1e:
c5:fd:ab:fa:aa:a8:d7:62:31:a9:61:2a:74:60:18:42:64:ad:
07:2f:66:00:d8:e2:5d:2e:7b:73:74:97:e9:8e:d7:33:74:fd:
54:a9:40:0c:21:74:44:e1:45:d0:d3:33:6c:92:22:c1:d2:70:
ed:a9:94:ac:ae:9c:ca:17:07:5b:07:58:39:f0:ac:08:4e:c5:
6d:42:a5:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPbHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDkyMjE5WhcNMjUwMTE4MDkyMjE5WjAYMRYw
FAYDVQQDEw02Nzc3YWM0Zi1hNjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoCV95cxgPfN6wcEvxHDnA/R8+q5yxyBPxxxIqgVZgntL13SynbgmyEAd
ueF7wlpwL8C/e2XQlObJVGR1Cj8CMpKZFD7EEqdHjxRo1Rpw3ka4Wki5AnVdkjnP
uCl12RMX+0EIzykLpNByekxIV5csHETg4exeUeet2YHhL2I75pvcXCLKlpwyZQmc
PY2rlErO351ntQ2ox6QQ4k51Sy0zV6DdzdNqVb+vuh3TtrcPRSvwPdH6n/Qw8WdG
/HPZT/Ivyfgk0LdPArCTZZ/NcjnZNcnviDviRbiVnuYx9hoy2bIA/2ERjaUoTlXI
sid/zo/2ZwEogNGx6bmHFugVqJMWRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFCy
PiAgOm71ahJNB7mMNSiCUsO/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRDBDN0M4RUM5QjQxMUVGODQxMjg1NDM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcgUMA0GCSqGSIb3DQEBCwUA
A4IBAQA1q/uaR7T6/W5wHkatRrmo4dHU7AuJLGYzOXTXjlZYdEtMkPYHndi2i6Sg
/dO384HAxkoug5af4guaRc3ZMArWyH0qDUQSPONlaEGgqPJdqycqoIINc/gVoPrQ
ZkCsbsYzbw4d4lhX8vveqrYWrjPEZ8xUbZQR33hBZcdzAKa//XmDSC9uNHX5SX1i
5ttX/QU9Zbzu4uOYNYcpmrcFWppCdI8EUm9VeiXu12PEi2Sj4cf8Px7F/av6qqjX
YjGpYSp0YBhCZK0HL2YA2OJdLntzdJfpjtczdP1UqUAMIXRE4UXQ0zNskiLB0nDt
qZSsrpzKFwdbB1g58KwITsVtQqXk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:04 2025 by rpki-client