Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E5D918A3EA011EF8A5D0A7E762E951A.roa
File: 3E5D918A3EA011EF8A5D0A7E762E951A.roa (raw, json)
Hash identifier: CFNiqg4qGoDayuTdrNtZSAdcwhsYPojlxNI7au6zfk4=
Subject key identifier: 79:9D:33:B1:52:C4:5A:0D:6C:8A:5B:F4:46:DE:52:14:96:4D:16:CD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9AE5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E5D918A3EA011EF8A5D0A7E762E951A.roa
Signing time: Wed 10 Jul 2024 09:39:03 +0000
ROA not before: Wed 10 Jul 2024 09:39:00 +0000
ROA not after: Fri 02 Aug 2024 09:39:00 +0000
asID: 141883
IP address blocks: 45.200.24.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39653 (0x9ae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 10 09:39:00 2024 GMT
Not After : Aug 2 09:39:00 2024 GMT
Subject: CN=668e56b7-f5fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4d:13:9b:5b:2e:44:e7:9f:ee:95:9f:e6:c2:
30:85:fc:97:80:fc:2f:16:ca:8f:1b:3a:4e:9f:69:
3a:e0:10:91:96:0a:90:c5:b7:44:d6:74:e6:04:ec:
17:1d:67:de:72:2c:2e:13:b6:3e:5c:02:fd:04:e9:
6b:9e:67:24:62:36:49:3a:6f:5a:fb:df:23:3b:6d:
b6:54:23:39:85:b8:fc:f4:c0:b2:e4:f3:d4:66:c7:
c0:83:d0:2d:e9:74:bc:79:f5:a7:ec:e7:66:8f:d2:
a1:40:bd:c9:d6:db:80:e6:d0:cc:b1:f3:74:36:ef:
1c:21:06:36:10:49:94:0b:90:a4:fe:c9:f2:ad:17:
b9:3f:dc:63:63:d9:89:61:7b:84:87:6f:e5:6c:cf:
d7:e4:c1:03:86:04:2d:cf:b7:49:5a:9c:cc:2c:6a:
54:22:69:52:c3:6b:c7:f4:8f:8f:27:0f:fc:b0:c3:
32:00:19:02:e1:42:60:64:a8:0d:aa:2b:3d:e5:40:
7e:e2:2a:02:b5:52:1c:a7:21:bd:3a:41:ee:48:43:
d5:60:fc:e7:fc:2e:6a:be:77:7d:75:a7:a3:8f:5c:
fa:0e:55:c5:59:ff:55:1b:3d:85:ce:12:fe:6e:1a:
1f:ae:ba:46:cc:07:ee:81:61:be:27:9f:24:a5:59:
83:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:9D:33:B1:52:C4:5A:0D:6C:8A:5B:F4:46:DE:52:14:96:4D:16:CD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E5D918A3EA011EF8A5D0A7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.24.0/21
Signature Algorithm: sha256WithRSAEncryption
01:2c:6c:dc:4b:4a:ec:15:6d:09:4b:50:52:29:89:01:43:a3:
aa:38:e8:60:17:16:40:b0:8b:6b:70:10:0b:1f:32:08:e0:f4:
03:43:08:fe:d8:ad:76:a1:a1:e0:c4:3a:e8:db:95:f6:ef:4f:
fb:27:8f:4e:ae:64:96:07:af:69:58:55:fd:1e:f9:02:fd:73:
92:5f:fd:cb:6d:ea:51:8b:71:33:e6:9f:be:62:e6:18:9c:93:
45:a6:ac:d5:c2:a3:55:16:13:f1:2d:87:88:d7:e3:ac:0e:f4:
3c:18:fa:5f:98:76:c9:e0:84:a4:7f:9e:1a:6b:52:01:22:8b:
2f:57:e1:a3:a1:42:7c:c2:f3:59:1a:f3:7a:51:02:bb:19:e2:
04:e3:67:98:b0:fd:78:3d:c7:92:f8:8f:0f:58:13:4c:f1:aa:
c0:45:95:f2:24:b2:ec:ae:f7:6d:12:67:10:b6:7d:64:98:27:
9f:30:cb:4a:02:cd:87:66:f1:a5:b8:24:b6:92:03:3b:81:9d:
cb:68:35:c5:28:d2:96:45:13:fa:73:9a:7e:c2:47:bc:81:89:
25:6e:59:37:e5:6f:86:e7:52:fd:b9:17:c6:83:b7:98:ea:28:
6b:a9:0e:6e:4c:86:67:c5:29:13:d6:42:37:f0:33:d1:89:8c:
62:68:38:d7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJrlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzEwMDkzOTAwWhcNMjQwODAyMDkzOTAwWjAYMRYw
FAYDVQQDEw02NjhlNTZiNy1mNWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsU0Tm1suROef7pWf5sIwhfyXgPwvFsqPGzpOn2k64BCRlgqQxbdE1nTm
BOwXHWfeciwuE7Y+XAL9BOlrnmckYjZJOm9a+98jO222VCM5hbj89MCy5PPUZsfA
g9At6XS8efWn7Odmj9KhQL3J1tuA5tDMsfN0Nu8cIQY2EEmUC5Ck/snyrRe5P9xj
Y9mJYXuEh2/lbM/X5MEDhgQtz7dJWpzMLGpUImlSw2vH9I+PJw/8sMMyABkC4UJg
ZKgNqis95UB+4ioCtVIcpyG9OkHuSEPVYPzn/C5qvnd9daejj1z6DlXFWf9VGz2F
zhL+bhofrrpGzAfugWG+J58kpVmDzQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHmd
M7FSxFoNbIpb9EbeUhSWTRbNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRTVEOTE4QTNFQTAxMUVGOEE1RDBBN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcgYMA0GCSqGSIb3DQEBCwUA
A4IBAQABLGzcS0rsFW0JS1BSKYkBQ6OqOOhgFxZAsItrcBALHzII4PQDQwj+2K12
oaHgxDro25X270/7J49OrmSWB69pWFX9HvkC/XOSX/3LbepRi3Ez5p++YuYYnJNF
pqzVwqNVFhPxLYeI1+OsDvQ8GPpfmHbJ4ISkf54aa1IBIosvV+GjoUJ8wvNZGvN6
UQK7GeIE42eYsP14PceS+I8PWBNM8arARZXyJLLsrvdtEmcQtn1kmCefMMtKAs2H
ZvGluCS2kgM7gZ3LaDXFKNKWRRP6c5p+wke8gYklblk35W+G51L9uRfGg7eY6ihr
qQ5uTIZnxSkT1kI38DPRiYxiaDjX
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:40:39 2024 by rpki-client on console-ams.rpki-client.org