Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D66F09CCCD211EF9A986989762E951A.roa
File: 5D66F09CCCD211EF9A986989762E951A.roa (raw, json)
Hash identifier: vDvHnbnQhNp1ZTePFJQPVbSsZO54hca+QMFoYEYTEuM=
Subject key identifier: 27:98:24:59:7C:FA:91:D4:C6:81:3B:B2:80:7B:52:A5:06:23:60:AE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FADB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D66F09CCCD211EF9A986989762E951A.roa
Signing time: Tue 07 Jan 2025 08:35:35 +0000
ROA not before: Tue 07 Jan 2025 08:35:32 +0000
ROA not after: Tue 04 Feb 2025 08:35:32 +0000
asID: 39600
IP address blocks: 45.195.156.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64219 (0xfadb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:35:32 2025 GMT
Not After : Feb 4 08:35:32 2025 GMT
Subject: CN=677ce757-0301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ce:4b:bd:83:f6:19:d8:ce:3e:c7:20:70:ca:
50:17:42:48:cb:d2:48:9a:0c:50:6a:e8:cc:92:48:
95:9a:55:dc:04:02:c0:2f:f3:3f:c5:7d:50:05:d8:
ee:c8:4b:6b:6d:92:a5:dd:e1:94:92:f7:f6:8e:d1:
1f:79:01:45:4d:2d:d0:6f:e5:a1:2e:7d:91:dd:f4:
1d:f5:55:62:a2:5e:b0:87:fb:01:26:25:47:1e:c7:
e9:36:e4:f8:23:db:5f:f4:49:f0:03:e9:9d:a8:4b:
81:c7:24:b7:bc:5a:7c:87:8f:5e:f7:4a:36:2a:ed:
90:de:f1:64:8f:12:b6:02:d0:86:fc:1b:e7:13:cb:
ac:62:17:20:07:25:c2:2f:ab:2b:1a:f8:36:87:91:
16:59:49:68:f3:4f:76:05:ed:ea:f3:cc:56:00:14:
3c:03:24:32:28:33:bd:70:06:82:16:6f:e6:67:22:
4a:03:33:d8:51:55:94:ae:8f:db:69:2a:7f:e3:88:
f6:b0:0b:5b:59:6c:5e:79:88:60:bb:4b:04:2b:9f:
78:6a:a3:61:2f:7b:5d:b6:f2:aa:91:5e:45:5c:22:
38:75:b5:a5:ca:8b:8d:fb:92:20:3b:1b:bd:ee:3e:
e2:1b:28:6b:b3:04:b9:54:36:08:0c:fb:6c:f5:6d:
5c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:98:24:59:7C:FA:91:D4:C6:81:3B:B2:80:7B:52:A5:06:23:60:AE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D66F09CCCD211EF9A986989762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.156.0/22
Signature Algorithm: sha256WithRSAEncryption
56:97:fa:79:bf:0a:8a:9c:bb:8a:8d:cc:ca:3b:3b:4c:af:67:
33:b5:46:61:35:a3:ac:89:5d:71:7d:eb:4a:90:49:be:cb:be:
a4:44:35:db:61:75:b3:a2:c6:82:fd:bf:f5:64:d9:84:42:c6:
a3:a5:55:b1:6d:37:f2:47:f9:57:05:5b:b6:ed:d9:97:9b:00:
ef:53:cc:c0:ec:ca:a6:8b:52:42:d9:29:39:b0:ad:2d:53:05:
e1:98:64:a1:dc:12:62:a2:63:26:03:a1:a9:7b:6a:2e:e0:85:
ea:4a:f1:0a:92:7e:c1:c3:a1:2e:2d:bd:8f:88:8a:3c:5a:65:
b9:2a:25:3c:7d:84:32:45:9a:68:a2:4a:7b:47:20:22:4f:e7:
fc:21:08:1a:7d:17:6b:86:0c:98:39:72:03:e0:e4:b3:02:6d:
cd:4c:0c:b1:6c:c3:a7:b9:9b:95:a9:03:9e:74:0c:4c:d8:de:
0c:9d:d5:0c:e2:87:57:d0:0a:4c:b2:1e:1b:7e:56:95:4b:09:
da:ae:7a:52:08:f2:1c:9b:ff:d7:23:68:41:fe:4a:45:88:1b:
7e:5d:1b:fd:74:7a:9e:f5:7f:b4:72:05:68:5b:bb:37:6b:74:
43:a0:74:2c:fd:c5:a4:b9:36:6e:97:72:73:0a:75:64:27:e6:
2a:e0:40:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPrbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgzNTMyWhcNMjUwMjA0MDgzNTMyWjAYMRYw
FAYDVQQDEw02NzdjZTc1Ny0wMzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4s5LvYP2GdjOPscgcMpQF0JIy9JImgxQaujMkkiVmlXcBALAL/M/xX1Q
BdjuyEtrbZKl3eGUkvf2jtEfeQFFTS3Qb+WhLn2R3fQd9VViol6wh/sBJiVHHsfp
NuT4I9tf9EnwA+mdqEuBxyS3vFp8h49e90o2Ku2Q3vFkjxK2AtCG/BvnE8usYhcg
ByXCL6srGvg2h5EWWUlo8092Be3q88xWABQ8AyQyKDO9cAaCFm/mZyJKAzPYUVWU
ro/baSp/44j2sAtbWWxeeYhgu0sEK594aqNhL3tdtvKqkV5FXCI4dbWlyouN+5Ig
Oxu97j7iGyhrswS5VDYIDPts9W1cKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCeY
JFl8+pHUxoE7soB7UqUGI2CuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RDY2RjA5Q0NDRDIxMUVGOUE5ODY5ODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcOcMA0GCSqGSIb3DQEBCwUA
A4IBAQBWl/p5vwqKnLuKjczKOztMr2cztUZhNaOsiV1xfetKkEm+y76kRDXbYXWz
osaC/b/1ZNmEQsajpVWxbTfyR/lXBVu27dmXmwDvU8zA7Mqmi1JC2Sk5sK0tUwXh
mGSh3BJiomMmA6Gpe2ou4IXqSvEKkn7Bw6EuLb2PiIo8WmW5KiU8fYQyRZpookp7
RyAiT+f8IQgafRdrhgyYOXID4OSzAm3NTAyxbMOnuZuVqQOedAxM2N4MndUM4odX
0ApMsh4bflaVSwnarnpSCPIcm//XI2hB/kpFiBt+XRv9dHqe9X+0cgVoW7s3a3RD
oHQs/cWkuTZul3JzCnVkJ+Yq4ECB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:02 2025 by rpki-client