Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A3C97AEBF9F11EFAB076CAC762E951A.roa
File: 5A3C97AEBF9F11EFAB076CAC762E951A.roa (raw, json)
Hash identifier: GI5BcXZwLpqW3vPysSE/IWEResD/J6B155nsyQaWA20=
Subject key identifier: 03:67:91:88:1E:6C:F2:A6:BA:D1:D8:39:C4:C0:E5:10:84:73:BB:17
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E7CA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A3C97AEBF9F11EFAB076CAC762E951A.roa
Signing time: Sat 21 Dec 2024 13:27:41 +0000
ROA not before: Sat 21 Dec 2024 13:27:37 +0000
ROA not after: Sat 25 Jan 2025 13:27:37 +0000
asID: 203020
IP address blocks: 45.198.200.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59338 (0xe7ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 21 13:27:37 2024 GMT
Not After : Jan 25 13:27:37 2025 GMT
Subject: CN=6766c24d-81e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4b:40:0d:fc:05:d7:4e:15:86:63:80:2d:42:
b2:03:85:82:05:3d:71:e6:3f:62:05:b4:88:ef:d7:
5f:c2:8a:86:24:af:bf:7f:4a:1a:40:1b:41:af:a3:
43:ab:c6:2a:c6:93:88:00:e0:b6:71:1c:b4:67:4a:
39:ed:e8:6a:21:eb:2b:57:d7:ff:da:49:3c:a4:16:
ee:79:cc:7d:f2:47:3f:d5:58:f4:45:4e:d8:7e:08:
02:4b:64:fc:07:0e:d5:84:9b:ed:98:32:e9:1f:ec:
ea:d6:4e:d5:bb:a7:03:5f:aa:cb:88:d1:cc:f0:69:
b8:9f:38:c1:9b:cd:6c:1a:10:45:19:12:96:23:38:
cf:da:7e:96:31:85:53:54:48:d5:05:73:bc:e3:cb:
23:22:5b:f3:b6:fc:78:7e:0d:79:62:c6:64:1c:68:
71:54:e2:dd:1e:ba:06:4e:23:e7:5e:99:94:00:aa:
6f:38:71:c9:e2:23:c8:1b:9d:51:c6:96:b3:18:d8:
5b:ae:83:31:13:ca:77:a4:dd:23:89:08:8b:3f:4d:
3a:94:5f:59:a6:15:9e:57:4a:b9:14:35:fe:b6:f2:
bc:a5:c5:46:6c:71:83:fd:5e:91:86:80:e7:a1:24:
74:0a:e4:35:40:df:67:ab:8b:22:6d:fc:4c:b1:c8:
46:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:67:91:88:1E:6C:F2:A6:BA:D1:D8:39:C4:C0:E5:10:84:73:BB:17
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A3C97AEBF9F11EFAB076CAC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.200.0/21
Signature Algorithm: sha256WithRSAEncryption
94:4d:9c:b0:58:6f:d4:0e:93:29:b4:e9:07:cd:6c:00:b7:62:
95:4a:f2:55:d9:6f:1b:6a:d5:66:55:4d:60:74:9d:79:ce:b4:
80:44:64:79:4d:79:28:9e:c6:24:7f:5d:ef:48:79:87:c0:d9:
88:2e:6d:9c:62:5a:21:a0:ec:a6:6b:b9:b7:5e:58:61:83:a4:
21:2c:4f:78:16:bb:b9:0a:cb:16:f8:6c:59:2c:ad:74:cb:dd:
52:5a:d5:80:4e:41:d6:85:ce:7b:a1:9a:9f:fa:06:84:3a:40:
23:bc:bd:8c:3f:c9:d5:4c:d3:4e:fe:eb:31:4d:f6:ec:7b:e1:
8f:bb:02:60:21:f6:72:9d:6d:3a:1c:fc:d1:e3:0e:4b:eb:58:
07:63:57:e8:79:fc:67:60:5a:53:a1:35:dd:7a:f5:0a:6a:8d:
a6:7e:d7:dc:ff:7d:95:63:85:74:a2:6a:f8:9a:91:5b:f7:c0:
6c:70:23:65:68:a2:e5:3b:4b:f7:d9:98:84:db:bd:2b:d2:bf:
96:d3:73:4f:45:56:d4:92:46:3c:7f:96:70:0f:a0:50:4d:5e:
8e:c1:54:b0:47:c3:de:7a:34:67:56:bf:5e:3c:ee:5c:11:f2:
38:67:5d:7d:d0:f8:f9:ff:e4:4c:70:eb:e6:e8:0c:d2:53:78:
7c:30:fd:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOfKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIxMTMyNzM3WhcNMjUwMTI1MTMyNzM3WjAYMRYw
FAYDVQQDEw02NzY2YzI0ZC04MWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3EtADfwF104VhmOALUKyA4WCBT1x5j9iBbSI79dfwoqGJK+/f0oaQBtB
r6NDq8YqxpOIAOC2cRy0Z0o57ehqIesrV9f/2kk8pBbuecx98kc/1Vj0RU7YfggC
S2T8Bw7VhJvtmDLpH+zq1k7Vu6cDX6rLiNHM8Gm4nzjBm81sGhBFGRKWIzjP2n6W
MYVTVEjVBXO848sjIlvztvx4fg15YsZkHGhxVOLdHroGTiPnXpmUAKpvOHHJ4iPI
G51RxpazGNhbroMxE8p3pN0jiQiLP006lF9ZphWeV0q5FDX+tvK8pcVGbHGD/V6R
hoDnoSR0CuQ1QN9nq4sibfxMschGewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFANn
kYgebPKmutHYOcTA5RCEc7sXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTNDOTdBRUJGOUYxMUVGQUIwNzZDQUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcbIMA0GCSqGSIb3DQEBCwUA
A4IBAQCUTZywWG/UDpMptOkHzWwAt2KVSvJV2W8batVmVU1gdJ15zrSARGR5TXko
nsYkf13vSHmHwNmILm2cYlohoOyma7m3Xlhhg6QhLE94Fru5CssW+GxZLK10y91S
WtWATkHWhc57oZqf+gaEOkAjvL2MP8nVTNNO/usxTfbse+GPuwJgIfZynW06HPzR
4w5L61gHY1foefxnYFpToTXdevUKao2mftfc/32VY4V0omr4mpFb98BscCNlaKLl
O0v32ZiE270r0r+W03NPRVbUkkY8f5ZwD6BQTV6OwVSwR8PeejRnVr9ePO5cEfI4
Z1190Pj5/+RMcOvm6AzSU3h8MP0w
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:23 2025 by rpki-client