Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4CB4716A3AE211F0BF26C5BADAE4EC9C.roa
File: 4CB4716A3AE211F0BF26C5BADAE4EC9C.roa (raw, json)
Hash identifier: CsCN0cuCvuuIKpYjW5yAERbIGoos1/r3Db0E9httxx0=
Subject key identifier: 08:72:18:F3:82:82:30:C3:1D:08:17:21:B6:77:7A:F2:2B:8A:05:ED
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0157EF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4CB4716A3AE211F0BF26C5BADAE4EC9C.roa
Signing time: Tue 27 May 2025 10:06:48 +0000
ROA not before: Tue 27 May 2025 10:06:43 +0000
ROA not after: Mon 02 Jun 2025 10:06:43 +0000
asID: 152849
IP address blocks: 45.195.112.0/21 maxlen: 24
45.195.120.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88047 (0x157ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 27 10:06:43 2025 GMT
Not After : Jun 2 10:06:43 2025 GMT
Subject: CN=68358eb7-68e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c6:0b:ed:05:f2:66:a0:37:26:fe:27:4b:a6:
e9:98:b3:60:a3:b3:87:24:0c:77:a1:e1:b6:a8:24:
08:fa:df:be:04:ef:bb:29:c4:14:6e:cf:81:f1:f1:
1b:3a:5f:8c:01:e4:9b:50:2e:53:f5:27:2a:6e:fb:
46:0d:4a:a3:6b:33:b4:92:6d:50:42:ca:9d:9b:94:
13:bf:24:b1:d4:e2:eb:7e:66:c1:7a:e8:15:01:b1:
59:b5:84:79:d1:a5:22:02:6c:56:28:ea:84:d7:ba:
9f:d8:17:72:98:1c:15:d8:e3:c3:d8:e3:2b:0c:07:
64:1c:a9:ca:8f:4d:9a:a6:d2:1d:08:0f:eb:4b:9c:
59:90:c4:27:37:0f:86:0e:74:4b:27:62:f8:3e:14:
a5:fb:79:a9:46:98:cc:31:8a:ad:22:2f:3b:26:c5:
6a:e0:97:5b:01:2b:b1:f8:e8:56:e9:b0:94:42:c3:
8b:1d:9c:00:1e:b6:d7:f9:76:e5:b6:e0:9e:12:6f:
b4:91:b0:92:6d:82:75:ec:28:83:39:6d:0b:74:53:
ad:9f:74:24:e7:89:89:88:c6:f1:3d:e1:33:96:b6:
aa:7d:e5:bb:07:f4:f8:05:ad:28:58:f5:55:de:e3:
dd:a4:73:f8:24:b1:df:3d:d8:9c:b5:44:7a:c3:14:
57:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:72:18:F3:82:82:30:C3:1D:08:17:21:B6:77:7A:F2:2B:8A:05:ED
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4CB4716A3AE211F0BF26C5BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.112.0/20
Signature Algorithm: sha256WithRSAEncryption
58:8b:ff:73:bc:78:9a:42:06:df:c1:ac:4e:67:18:31:c5:86:
54:ec:2e:f4:74:d9:6a:26:69:18:b7:bd:27:29:f6:36:bf:e3:
b1:05:db:2b:80:85:8c:52:8b:4e:8e:da:69:c2:8e:9a:f1:12:
e5:cf:8b:23:15:a3:63:c6:39:e6:92:22:a4:8d:67:f0:5f:90:
5e:73:0e:da:52:bb:a1:7a:a5:cb:1d:3d:a2:e9:f9:81:22:7a:
ce:d0:a3:c6:b7:20:b4:80:dc:38:f6:da:50:fe:93:21:66:92:
e3:ac:ee:c9:fa:67:e1:9f:48:1b:d6:4e:1d:55:1e:6b:1c:7d:
9d:d9:76:05:69:fd:1e:5d:c5:88:ce:c6:90:46:be:81:49:53:
f9:f8:5e:2d:e9:d4:80:33:6b:98:c8:46:fe:69:59:fe:9c:e5:
a1:70:ce:c7:ca:39:4f:a1:31:23:6a:b5:f6:50:e7:5b:fa:45:
8f:f9:31:df:63:d0:30:e1:eb:50:ce:b6:32:52:d4:ee:2a:aa:
94:78:7f:b3:b2:b6:b1:d4:fd:46:52:03:3d:8a:45:7f:7a:cc:
a3:09:43:a4:da:79:fe:08:41:31:f0:93:3a:09:a1:36:24:37:
ec:e0:6e:58:2d:7d:5c:16:37:fe:0f:f7:88:fa:96:30:cd:0c:
d8:07:fd:b5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVfvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI3MTAwNjQzWhcNMjUwNjAyMTAwNjQzWjAYMRYw
FAYDVQQDEw02ODM1OGViNy02OGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtcYL7QXyZqA3Jv4nS6bpmLNgo7OHJAx3oeG2qCQI+t++BO+7KcQUbs+B
8fEbOl+MAeSbUC5T9ScqbvtGDUqjazO0km1QQsqdm5QTvySx1OLrfmbBeugVAbFZ
tYR50aUiAmxWKOqE17qf2BdymBwV2OPD2OMrDAdkHKnKj02aptIdCA/rS5xZkMQn
Nw+GDnRLJ2L4PhSl+3mpRpjMMYqtIi87JsVq4JdbASux+OhW6bCUQsOLHZwAHrbX
+XbltuCeEm+0kbCSbYJ17CiDOW0LdFOtn3Qk54mJiMbxPeEzlraqfeW7B/T4Ba0o
WPVV3uPdpHP4JLHfPdictUR6wxRXZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAhy
GPOCgjDDHQgXIbZ3evIrigXtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80Q0I0NzE2QTNBRTIxMUYwQkYyNkM1QkFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcNwMA0GCSqGSIb3DQEBCwUA
A4IBAQBYi/9zvHiaQgbfwaxOZxgxxYZU7C70dNlqJmkYt70nKfY2v+OxBdsrgIWM
UotOjtppwo6a8RLlz4sjFaNjxjnmkiKkjWfwX5Becw7aUruheqXLHT2i6fmBInrO
0KPGtyC0gNw49tpQ/pMhZpLjrO7J+mfhn0gb1k4dVR5rHH2d2XYFaf0eXcWIzsaQ
Rr6BSVP5+F4t6dSAM2uYyEb+aVn+nOWhcM7HyjlPoTEjarX2UOdb+kWP+THfY9Aw
4etQzrYyUtTuKqqUeH+zsrax1P1GUgM9ikV/esyjCUOk2nn+CEEx8JM6CaE2JDfs
4G5YLX1cFjf+D/eI+pYwzQzYB/21
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:56:18 2025 by rpki-client