Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F0170AA3EA011EF8C614B7E762E951A.roa
File: 5F0170AA3EA011EF8C614B7E762E951A.roa (raw, json)
Hash identifier: cpz+i/1+XTkZz+3p1zKctNcwlwdcP3jTNANSxqYDw4w=
Subject key identifier: DD:CF:75:08:47:D5:FC:DA:83:40:46:2C:BE:B4:5D:A0:A2:80:96:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9AE7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F0170AA3EA011EF8C614B7E762E951A.roa
Signing time: Wed 10 Jul 2024 09:39:58 +0000
ROA not before: Wed 10 Jul 2024 09:39:55 +0000
ROA not after: Fri 02 Aug 2024 09:39:55 +0000
asID: 141883
IP address blocks: 45.200.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39655 (0x9ae7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 10 09:39:55 2024 GMT
Not After : Aug 2 09:39:55 2024 GMT
Subject: CN=668e56ee-a9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3a:41:a0:cf:f0:bb:b0:a8:cc:d2:4e:9b:aa:
30:54:12:83:d6:be:ba:5e:b7:50:77:38:20:94:3e:
ac:90:04:3b:ae:8b:96:4f:ec:a0:72:b6:26:aa:f3:
c0:2c:4a:7c:7e:e2:df:f3:bb:98:ad:a1:dc:b2:3d:
07:90:62:6a:0b:1b:94:21:db:95:b7:7a:0c:19:9a:
d3:1d:69:24:1b:88:4c:70:00:80:57:b4:94:c4:85:
79:47:af:f3:fe:aa:d3:a6:be:f7:2a:0a:22:ac:c5:
31:98:ad:b3:39:31:54:76:5b:2d:1c:b0:c5:a6:59:
54:2b:6b:7d:be:5e:85:7d:1d:94:5d:b9:f8:f1:78:
bd:15:76:0d:59:7f:64:64:59:b4:ff:83:e4:0e:64:
79:a7:2b:56:b6:64:34:6e:2f:ae:82:49:ad:f1:4b:
9c:c4:45:ec:ef:40:05:3e:e5:2b:75:68:78:f1:bd:
60:6e:e4:f3:a6:78:8e:89:43:96:e1:03:5b:71:59:
56:9c:6b:75:50:72:0e:ac:83:e8:c8:19:7f:db:cd:
64:18:c2:a9:6c:2b:f9:7e:c5:78:9f:f0:ef:2a:40:
8e:2d:ca:b6:0d:35:dd:22:1a:6a:74:82:1f:60:25:
00:ea:a2:78:1c:cf:10:8c:b5:8b:b4:34:82:02:48:
97:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:CF:75:08:47:D5:FC:DA:83:40:46:2C:BE:B4:5D:A0:A2:80:96:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F0170AA3EA011EF8C614B7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.20.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:d2:52:8d:18:ef:09:28:10:c9:25:1c:76:4b:fd:70:9d:23:
04:71:8c:a7:bd:c7:75:56:7b:19:05:79:46:13:6f:59:5c:be:
af:e0:6b:54:cb:c9:5f:be:22:92:17:64:c1:e2:f9:be:dc:ae:
a2:93:06:cc:d4:8f:52:ba:fc:25:38:1a:e0:aa:bd:fa:c2:b5:
83:2b:b9:ce:52:8b:81:ac:b3:26:75:f3:ac:35:ad:c9:6c:75:
0d:24:f4:f0:6e:d5:e1:ec:14:a9:10:3e:ef:95:b8:72:0d:d6:
9b:60:5a:37:c3:bc:0b:ce:63:2b:f9:49:10:cf:a3:dd:6a:5d:
78:5d:ca:6e:77:ef:87:95:1a:d9:3f:1d:ad:fe:6a:66:4e:16:
62:67:13:9a:84:34:5b:3c:94:a1:cd:df:f3:ae:1d:51:0d:17:
8e:a0:c6:69:91:46:92:d2:e8:fd:f3:01:ed:4b:c1:dd:74:2f:
9d:26:52:77:da:8a:6e:9d:2c:e6:66:68:ce:ac:a4:d2:8f:d0:
29:e5:cf:d3:83:ee:63:d5:2a:c3:7f:c7:ea:6e:03:7b:1c:ee:
1f:86:2a:9d:de:94:ef:1a:f8:ce:50:55:08:53:b7:86:9f:0f:
ce:df:ec:4c:d0:2c:b4:9e:48:db:2a:12:bc:dc:73:7f:6f:03:
bd:73:24:89
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJrnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzEwMDkzOTU1WhcNMjQwODAyMDkzOTU1WjAYMRYw
FAYDVQQDEw02NjhlNTZlZS1hOWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzTpBoM/wu7CozNJOm6owVBKD1r66XrdQdzgglD6skAQ7rouWT+ygcrYm
qvPALEp8fuLf87uYraHcsj0HkGJqCxuUIduVt3oMGZrTHWkkG4hMcACAV7SUxIV5
R6/z/qrTpr73KgoirMUxmK2zOTFUdlstHLDFpllUK2t9vl6FfR2UXbn48Xi9FXYN
WX9kZFm0/4PkDmR5pytWtmQ0bi+ugkmt8UucxEXs70AFPuUrdWh48b1gbuTzpniO
iUOW4QNbcVlWnGt1UHIOrIPoyBl/281kGMKpbCv5fsV4n/DvKkCOLcq2DTXdIhpq
dIIfYCUA6qJ4HM8QjLWLtDSCAkiXAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN3P
dQhH1fzag0BGLL60XaCigJb0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjAxNzBBQTNFQTAxMUVGOEM2MTRCN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcgUMA0GCSqGSIb3DQEBCwUA
A4IBAQB60lKNGO8JKBDJJRx2S/1wnSMEcYynvcd1VnsZBXlGE29ZXL6v4GtUy8lf
viKSF2TB4vm+3K6ikwbM1I9SuvwlOBrgqr36wrWDK7nOUouBrLMmdfOsNa3JbHUN
JPTwbtXh7BSpED7vlbhyDdabYFo3w7wLzmMr+UkQz6Pdal14Xcpud++HlRrZPx2t
/mpmThZiZxOahDRbPJShzd/zrh1RDReOoMZpkUaS0uj98wHtS8HddC+dJlJ32opu
nSzmZmjOrKTSj9Ap5c/Tg+5j1SrDf8fqbgN7HO4fhiqd3pTvGvjOUFUIU7eGnw/O
3+xM0Cy0nkjbKhK83HN/bwO9cySJ
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:06:48 2024 by rpki-client on console-fra.rpki-client.org