Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41F4C062BEB011EFA4371A54762E951A.roa
File: 41F4C062BEB011EFA4371A54762E951A.roa (raw, json)
Hash identifier: /QAkElfciLrA6UNFibdpQ8YCLMpUtGbb2q2wA2QvjIc=
Subject key identifier: 87:7A:E1:B6:57:EF:CD:7C:F1:FD:DB:AF:87:29:03:74:9E:85:07:2E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E743
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41F4C062BEB011EFA4371A54762E951A.roa
Signing time: Fri 20 Dec 2024 08:56:10 +0000
ROA not before: Fri 20 Dec 2024 08:56:07 +0000
ROA not after: Sat 25 Jan 2025 08:56:07 +0000
asID: 6079
IP address blocks: 45.203.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59203 (0xe743)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 08:56:07 2024 GMT
Not After : Jan 25 08:56:07 2025 GMT
Subject: CN=6765312a-5ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7a:2d:78:cf:d2:67:0d:c9:f0:3d:d2:90:98:
22:27:67:d9:3d:e2:06:71:e4:64:96:fa:79:3b:55:
f4:07:6f:b5:09:e2:f2:45:2b:09:75:1e:16:a8:6b:
6e:bc:30:34:4d:45:f4:2f:1e:bc:ae:65:45:ab:29:
65:dc:5b:1c:11:26:f3:cc:98:b3:4a:13:67:50:ba:
29:33:11:45:c2:34:c6:53:05:f3:3e:38:d4:1d:3b:
fb:5b:b1:a4:30:39:18:5c:81:a3:34:08:ba:19:1c:
46:5b:64:4d:ad:53:bc:e0:1f:49:0f:92:6d:f9:b3:
11:5f:da:e1:7c:d3:52:a3:7b:ca:2a:b3:ba:90:d5:
68:5f:c3:9b:9b:c6:64:5f:f2:5e:a4:26:5c:45:80:
53:f8:35:a5:af:9f:2c:91:0f:56:01:db:33:85:7e:
62:da:44:9d:9b:7f:12:ab:9d:05:4b:64:33:0f:4f:
31:83:32:cd:d0:f0:36:b8:09:54:56:24:50:8e:7c:
d8:0b:bf:4c:0f:7e:7b:d9:2d:d7:39:0e:93:cb:93:
3d:86:57:74:d6:54:fb:e4:cf:bb:6c:ea:aa:71:30:
3e:c3:98:db:e3:2c:6e:cb:06:18:5d:10:88:61:45:
d9:50:49:c2:8d:63:61:f5:f2:c4:4f:35:de:a0:40:
ef:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7A:E1:B6:57:EF:CD:7C:F1:FD:DB:AF:87:29:03:74:9E:85:07:2E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41F4C062BEB011EFA4371A54762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.221.0/24
Signature Algorithm: sha256WithRSAEncryption
26:d3:65:64:05:8c:4b:d3:91:3a:ad:c9:1f:34:ac:a8:57:76:
84:39:7c:5c:8d:b3:aa:c1:a0:04:b3:4a:e3:30:2d:b2:6e:79:
dd:0b:53:ed:96:9e:ae:02:a6:b0:f7:ea:46:4d:43:13:c5:22:
56:f3:93:10:05:d9:58:c8:26:af:c3:3b:a1:46:80:79:ee:72:
d3:d8:63:58:29:5b:2a:ec:85:88:fb:41:1c:ca:37:80:b4:18:
62:9a:d0:26:5e:aa:26:6c:1b:12:52:02:9b:dd:3f:d3:01:ec:
66:e0:db:4d:e0:76:a8:f5:90:92:7f:12:c1:3c:f0:3c:54:17:
18:a8:a5:a7:2e:c6:8f:c3:54:30:cd:c6:63:a8:2f:4b:14:0d:
b3:d0:93:e2:9d:5d:fa:f3:95:d9:d7:c9:87:74:cd:6a:59:45:
c8:c8:4c:02:e2:31:7d:4f:77:3c:a5:7b:b4:cc:ea:d2:d6:ee:
24:46:6d:06:90:d7:de:7c:c2:d7:67:51:87:ab:22:3e:68:a0:
1f:6f:d0:b2:3a:bb:45:97:a1:02:ee:68:b7:17:ae:08:ee:d3:
c1:29:5c:13:f6:e3:78:39:ee:c2:42:e2:6d:f3:f7:53:32:6a:
c4:d1:e3:26:7f:1e:48:18:a8:aa:5a:f2:8e:c7:8a:5a:0e:17:
b8:ea:1e:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOdDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDg1NjA3WhcNMjUwMTI1MDg1NjA3WjAYMRYw
FAYDVQQDEw02NzY1MzEyYS01ZWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt3oteM/SZw3J8D3SkJgiJ2fZPeIGceRklvp5O1X0B2+1CeLyRSsJdR4W
qGtuvDA0TUX0Lx68rmVFqyll3FscESbzzJizShNnULopMxFFwjTGUwXzPjjUHTv7
W7GkMDkYXIGjNAi6GRxGW2RNrVO84B9JD5Jt+bMRX9rhfNNSo3vKKrO6kNVoX8Ob
m8ZkX/JepCZcRYBT+DWlr58skQ9WAdszhX5i2kSdm38Sq50FS2QzD08xgzLN0PA2
uAlUViRQjnzYC79MD3572S3XOQ6Ty5M9hld01lT75M+7bOqqcTA+w5jb4yxuywYY
XRCIYUXZUEnCjWNh9fLETzXeoEDvDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFId6
4bZX78188f3br4cpA3SehQcuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MUY0QzA2MkJFQjAxMUVGQTQzNzFBNTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcvdMA0GCSqGSIb3DQEBCwUA
A4IBAQAm02VkBYxL05E6rckfNKyoV3aEOXxcjbOqwaAEs0rjMC2ybnndC1Ptlp6u
Aqaw9+pGTUMTxSJW85MQBdlYyCavwzuhRoB57nLT2GNYKVsq7IWI+0EcyjeAtBhi
mtAmXqombBsSUgKb3T/TAexm4NtN4Hao9ZCSfxLBPPA8VBcYqKWnLsaPw1QwzcZj
qC9LFA2z0JPinV3685XZ18mHdM1qWUXIyEwC4jF9T3c8pXu0zOrS1u4kRm0GkNfe
fMLXZ1GHqyI+aKAfb9CyOrtFl6EC7mi3F64I7tPBKVwT9uN4Oe7CQuJt8/dTMmrE
0eMmfx5IGKiqWvKOx4paDhe46h5j
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:46 2025 by rpki-client