Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/513E8D2CCC2611EF939182BE762E951A.roa
File: 513E8D2CCC2611EF939182BE762E951A.roa (raw, json)
Hash identifier: BxRxjIPawAmQ9DKbw+kRygt8bVe6pksVLNZ5/cLtrtE=
Subject key identifier: 29:9D:EA:93:36:F3:33:8B:1D:59:55:DC:6A:78:FE:BA:A1:23:85:9C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8D1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/513E8D2CCC2611EF939182BE762E951A.roa
Signing time: Mon 06 Jan 2025 12:04:02 +0000
ROA not before: Mon 06 Jan 2025 12:03:57 +0000
ROA not after: Fri 17 Jan 2025 12:03:57 +0000
asID: 5065
IP address blocks: 45.204.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63697 (0xf8d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 12:03:57 2025 GMT
Not After : Jan 17 12:03:57 2025 GMT
Subject: CN=677bc6b1-d6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4a:4f:16:a8:da:ad:74:3b:a2:44:d9:cf:66:
cd:81:03:47:ce:72:94:29:ad:b3:65:ff:cb:e5:0a:
59:ae:fe:09:e4:47:0f:fe:03:d1:22:84:2c:db:db:
4b:cf:8d:46:11:eb:2d:b6:c8:56:c7:4c:ff:fa:60:
66:17:1c:a0:d4:da:95:d8:9c:62:a5:9e:02:55:e7:
62:24:71:19:dc:43:52:cd:57:3f:8c:5f:c9:2e:d4:
5e:7e:75:34:4b:cd:5e:2e:a1:c4:49:75:d6:d5:07:
e7:be:2d:88:af:14:b8:ad:6e:c7:51:73:78:fb:4b:
fd:a3:f1:b9:72:7f:ad:2b:af:ef:e1:22:a3:82:1e:
a1:62:70:95:dc:24:6f:44:9a:4d:18:24:23:a5:6f:
af:f7:d9:83:67:a9:1f:98:30:d6:41:c4:01:99:0d:
a8:68:4f:91:52:43:9a:29:5a:10:38:73:61:e9:a6:
fa:15:72:74:49:11:47:3e:1d:30:44:64:3e:72:d9:
77:43:33:58:ac:ce:a0:49:49:a9:27:df:a2:59:44:
c5:b9:8c:ac:08:23:34:a2:c3:d3:b3:27:21:95:ad:
73:78:9f:d8:07:ab:cd:12:bc:d7:52:7c:52:07:fb:
54:be:66:cb:63:9a:04:e8:09:fd:83:a6:3c:0f:9a:
58:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9D:EA:93:36:F3:33:8B:1D:59:55:DC:6A:78:FE:BA:A1:23:85:9C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/513E8D2CCC2611EF939182BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.76.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:ae:72:1d:21:3f:d4:89:ed:9e:79:7f:2f:de:65:43:83:3d:
60:11:01:af:6a:f5:36:aa:9e:73:c8:b9:44:39:f4:6a:76:ec:
f7:84:06:d0:56:3b:8a:b9:e7:09:a7:0a:61:de:fb:af:ac:8a:
a5:97:7f:ac:e3:61:5a:47:35:11:ec:12:d2:8d:05:79:62:7f:
99:3d:74:98:a0:85:14:4f:f4:b9:8f:28:7b:f6:69:41:87:49:
36:59:23:3a:ea:35:15:ea:9a:0d:e9:08:1a:9d:c0:f6:cf:e0:
95:cc:2b:55:67:ef:9c:9b:80:7f:fa:7d:3c:02:57:9c:07:a5:
02:81:f3:9f:a7:7a:7b:db:9b:06:a6:f2:2a:42:e2:65:03:c1:
f5:6d:e6:7a:59:a6:b0:9e:a9:dd:b2:0e:c4:a0:e9:17:2b:50:
d8:62:d4:70:c3:2f:39:f8:d7:51:40:f5:80:3d:e9:99:be:8c:
f3:20:9e:06:1c:c3:33:80:11:03:31:96:04:b0:77:e4:d0:da:
45:e7:15:d5:bf:4d:0f:1b:a4:7d:92:db:d9:cb:00:3e:d2:53:
5a:e6:3c:19:3c:ba:97:1b:95:e4:c4:32:56:68:38:37:0a:44:
fb:5f:5e:36:a7:9d:42:90:02:44:5f:ea:b8:41:0a:fb:62:04:
6f:25:99:9a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPjRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTIwMzU3WhcNMjUwMTE3MTIwMzU3WjAYMRYw
FAYDVQQDEw02NzdiYzZiMS1kNmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv0pPFqjarXQ7okTZz2bNgQNHznKUKa2zZf/L5QpZrv4J5EcP/gPRIoQs
29tLz41GEesttshWx0z/+mBmFxyg1NqV2JxipZ4CVediJHEZ3ENSzVc/jF/JLtRe
fnU0S81eLqHESXXW1Qfnvi2IrxS4rW7HUXN4+0v9o/G5cn+tK6/v4SKjgh6hYnCV
3CRvRJpNGCQjpW+v99mDZ6kfmDDWQcQBmQ2oaE+RUkOaKVoQOHNh6ab6FXJ0SRFH
Ph0wRGQ+ctl3QzNYrM6gSUmpJ9+iWUTFuYysCCM0osPTsychla1zeJ/YB6vNErzX
UnxSB/tUvmbLY5oE6An9g6Y8D5pYOwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCmd
6pM28zOLHVlV3Gp4/rqhI4WcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MTNFOEQyQ0NDMjYxMUVGOTM5MTgyQkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcxMMA0GCSqGSIb3DQEBCwUA
A4IBAQAcrnIdIT/Uie2eeX8v3mVDgz1gEQGvavU2qp5zyLlEOfRqduz3hAbQVjuK
uecJpwph3vuvrIqll3+s42FaRzUR7BLSjQV5Yn+ZPXSYoIUUT/S5jyh79mlBh0k2
WSM66jUV6poN6QgancD2z+CVzCtVZ++cm4B/+n08AlecB6UCgfOfp3p725sGpvIq
QuJlA8H1beZ6Waawnqndsg7EoOkXK1DYYtRwwy85+NdRQPWAPemZvozzIJ4GHMMz
gBEDMZYEsHfk0NpF5xXVv00PG6R9ktvZywA+0lNa5jwZPLqXG5XkxDJWaDg3CkT7
X142p51CkAJEX+q4QQr7YgRvJZma
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:13 2025 by rpki-client