Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/667BDA2CCF3811EF8777F15B762E951A.roa
File: 667BDA2CCF3811EF8777F15B762E951A.roa (raw, json)
Hash identifier: vE6rRJz3XDV3amyYiDCgHAPyTG6UFeIiDtV1fDpbves=
Subject key identifier: 8F:25:2C:4C:31:E2:4E:9F:CF:59:5F:21:E7:4E:B9:55:F2:14:4D:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01053D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/667BDA2CCF3811EF8777F15B762E951A.roa
Signing time: Fri 10 Jan 2025 09:51:02 +0000
ROA not before: Fri 10 Jan 2025 09:50:58 +0000
ROA not after: Sat 01 Feb 2025 09:50:58 +0000
asID: 39600
IP address blocks: 45.194.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66877 (0x1053d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 09:50:58 2025 GMT
Not After : Feb 1 09:50:58 2025 GMT
Subject: CN=6780ed86-92d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:92:25:96:b2:44:52:5b:bb:21:e3:00:f4:50:
fe:9c:fa:9a:9b:33:6f:c1:b4:04:e8:32:e7:7c:4b:
7d:14:d9:67:b1:ea:07:0e:b8:cb:2b:43:ce:bb:7b:
7e:c1:c2:a7:09:d0:92:f4:5b:c6:26:1d:49:32:d6:
64:0a:83:d0:52:06:7f:bc:90:53:5c:50:9c:3f:23:
ae:4b:0f:dc:06:8b:5a:75:a1:40:97:54:10:3e:4c:
92:4d:84:a6:7e:40:37:30:df:59:76:8f:b6:9f:41:
2b:a7:39:86:33:62:b0:f6:fe:82:33:a9:c8:d7:c9:
0a:b4:38:c2:0d:b4:5d:f7:1e:68:6c:65:70:32:19:
c7:d3:91:8a:0c:49:f2:60:d6:e7:3c:68:d5:72:7b:
85:20:78:05:7c:dc:fa:24:3d:34:a4:e4:f2:48:f6:
b0:f0:e5:b5:88:b5:63:f4:ef:61:bb:6e:7b:fa:6d:
67:1b:0d:70:72:2b:9f:f1:e1:8b:97:b9:06:46:a3:
9b:b8:2f:61:70:6a:75:d9:1e:82:d7:cf:cd:25:74:
76:cf:7a:32:ac:36:a9:f2:12:7e:23:0c:90:c3:1c:
a5:5f:f3:3b:c7:31:31:45:3b:6b:78:9d:f3:6a:04:
42:da:59:1e:2d:82:b9:e5:cd:5d:5e:ea:78:2c:be:
e7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:25:2C:4C:31:E2:4E:9F:CF:59:5F:21:E7:4E:B9:55:F2:14:4D:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/667BDA2CCF3811EF8777F15B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.64.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:c0:a0:5d:5b:23:78:7a:5d:d0:6b:a9:6b:e0:68:8c:8c:48:
56:67:7a:24:17:bf:7e:af:ad:50:a6:0e:4c:8e:ef:5d:1d:7d:
a7:32:96:ba:29:13:0d:93:51:50:99:84:72:e2:6c:18:2d:9e:
08:b6:7b:8f:d3:18:2d:94:fc:bf:24:a7:55:46:03:97:ca:cc:
2f:c2:8f:6b:89:aa:cd:9d:be:81:18:23:f7:52:cc:bd:4f:1a:
10:0a:a3:89:45:4a:0d:22:bb:b6:26:4b:62:17:f2:bc:ba:a6:
55:97:76:f7:13:d0:a1:77:28:62:21:6a:78:db:e4:f5:c2:c7:
11:04:5a:70:52:e3:55:28:dd:7d:18:00:f2:d1:56:c4:4a:ce:
67:40:e4:a7:3a:ce:c7:a0:59:f2:4d:8f:4b:2d:21:00:ae:59:
32:dd:51:8c:99:bd:4d:36:09:ea:0e:62:6b:2f:f2:2b:97:fb:
e7:c4:d7:af:d2:f6:38:d2:ef:83:01:af:f0:ef:10:db:50:27:
21:ea:f1:3b:1d:32:31:f3:26:83:7b:a9:7d:b1:13:c4:79:7d:
23:ea:13:c0:2a:9b:00:29:4b:e2:11:bb:e1:2b:04:db:51:3b:
b6:b7:89:af:b0:c4:e0:95:2e:88:d1:51:ac:dd:5d:fa:00:7d:
96:04:17:d2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQU9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDk1MDU4WhcNMjUwMjAxMDk1MDU4WjAYMRYw
FAYDVQQDEw02NzgwZWQ4Ni05MmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxZIllrJEUlu7IeMA9FD+nPqamzNvwbQE6DLnfEt9FNlnseoHDrjLK0PO
u3t+wcKnCdCS9FvGJh1JMtZkCoPQUgZ/vJBTXFCcPyOuSw/cBotadaFAl1QQPkyS
TYSmfkA3MN9Zdo+2n0ErpzmGM2Kw9v6CM6nI18kKtDjCDbRd9x5obGVwMhnH05GK
DEnyYNbnPGjVcnuFIHgFfNz6JD00pOTySPaw8OW1iLVj9O9hu257+m1nGw1wciuf
8eGLl7kGRqObuC9hcGp12R6C18/NJXR2z3oyrDap8hJ+IwyQwxylX/M7xzExRTtr
eJ3zagRC2lkeLYK55c1dXup4LL7nTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI8l
LEwx4k6fz1lfIedOuVXyFE3+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NjdCREEyQ0NGMzgxMUVGODc3N0YxNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcJAMA0GCSqGSIb3DQEBCwUA
A4IBAQBrwKBdWyN4el3Qa6lr4GiMjEhWZ3okF79+r61Qpg5Mju9dHX2nMpa6KRMN
k1FQmYRy4mwYLZ4ItnuP0xgtlPy/JKdVRgOXyswvwo9riarNnb6BGCP3Usy9TxoQ
CqOJRUoNIru2JktiF/K8uqZVl3b3E9ChdyhiIWp42+T1wscRBFpwUuNVKN19GADy
0VbESs5nQOSnOs7HoFnyTY9LLSEArlky3VGMmb1NNgnqDmJrL/Irl/vnxNev0vY4
0u+DAa/w7xDbUCch6vE7HTIx8yaDe6l9sRPEeX0j6hPAKpsAKUviEbvhKwTbUTu2
t4mvsMTglS6I0VGs3V36AH2WBBfS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:55 2025 by rpki-client