Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68D0AD62F5C511EFAD69FE45762E951A.roa
File: 68D0AD62F5C511EFAD69FE45762E951A.roa (raw, json)
Hash identifier: p7TKeR0Ns0ewy2WTmktQ6SkMqwwRP5gfiGwFgCKYkVE=
Subject key identifier: B9:B9:78:18:12:DE:84:DD:C3:F2:C3:96:E5:E5:95:81:AF:B6:43:59
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013D29
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68D0AD62F5C511EFAD69FE45762E951A.roa
Signing time: Fri 28 Feb 2025 11:16:09 +0000
ROA not before: Fri 28 Feb 2025 11:16:03 +0000
ROA not after: Sun 30 Mar 2025 11:16:03 +0000
asID: 138995
IP address blocks: 45.192.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81193 (0x13d29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 11:16:03 2025 GMT
Not After : Mar 30 11:16:03 2025 GMT
Subject: CN=67c19af9-e1fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ee:00:2d:b9:e6:ad:16:e9:de:b5:ac:bd:15:
0b:69:23:9e:6d:5f:49:5c:95:bc:b2:15:ff:12:b6:
9a:b3:4e:5e:44:72:b3:0e:63:e8:8e:40:98:c5:e7:
e1:49:68:76:5d:55:64:45:fb:86:75:76:cd:d6:0c:
9e:2a:ac:01:1b:61:e4:3b:fc:32:65:d8:1d:c6:f5:
7a:7a:b1:a7:87:60:83:4c:5f:ac:1d:ca:7e:71:8c:
82:f8:d0:19:22:a7:1c:b5:88:8a:1d:2a:af:1f:3c:
3d:56:b8:18:4a:8a:33:3a:59:fc:83:79:89:9b:cd:
7f:f9:ce:11:65:b0:67:64:c7:b2:2c:f9:bc:de:13:
85:29:98:c8:6e:93:4a:c0:23:c4:75:d5:54:9f:56:
95:da:1c:cf:f8:68:05:14:da:d4:11:c4:05:9d:54:
1f:92:c6:05:10:20:2c:45:15:63:23:46:6a:4e:fd:
65:e3:0a:c4:5c:72:56:8d:39:e9:4c:4d:b1:7f:e7:
c5:72:1e:09:29:4e:9d:71:25:40:5d:b6:e4:0d:07:
0a:02:ca:b3:13:70:15:62:28:d3:44:2a:5d:4d:aa:
17:82:f3:8e:5b:3e:43:a2:77:e9:be:96:5c:d1:6f:
d4:33:37:c4:75:45:2c:1d:73:31:24:a7:5d:8b:55:
57:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B9:78:18:12:DE:84:DD:C3:F2:C3:96:E5:E5:95:81:AF:B6:43:59
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68D0AD62F5C511EFAD69FE45762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.220.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:65:b7:c0:ff:77:b5:4e:76:b4:30:ae:80:23:e1:51:34:ed:
2c:b4:49:aa:8a:00:73:0f:2f:9d:57:da:8b:6c:60:eb:e7:80:
eb:f5:8f:bf:4a:66:eb:5d:02:a5:85:7b:65:f8:ad:e6:45:5c:
61:f4:c1:75:ac:fa:b5:e3:26:2a:bc:05:2c:2d:36:6c:ce:03:
97:67:82:af:27:07:11:71:83:8e:1f:f9:e8:23:ea:18:6e:25:
9d:f8:bb:9b:ff:ae:3c:30:62:38:b8:43:41:ab:e3:5c:b2:58:
41:f0:c5:14:5a:ee:c2:b2:1c:b7:09:4c:04:cd:e2:6e:81:88:
dc:63:1e:4d:15:8c:bd:7f:6f:16:4e:e1:c3:8d:db:55:52:ae:
5d:ff:37:16:22:d3:ad:b4:f3:15:8f:a2:c6:1e:d6:6e:2e:23:
7b:0c:87:a3:0e:c0:75:ed:c4:b6:c0:58:d7:6e:b2:a8:ab:b2:
a8:79:5c:91:70:e3:cb:ed:2c:d4:52:8b:87:bc:3f:6e:18:39:
05:96:e3:96:44:2e:c6:e6:bc:60:72:4a:7f:aa:a6:7a:0b:ca:
62:ff:b3:2b:58:7f:1e:e7:79:61:8e:7f:d9:79:5f:98:cb:fe:
a1:c4:53:a6:7e:8e:c8:65:a5:67:8d:14:24:5d:c7:65:40:c9:
6e:ee:d1:a2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT0pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTExNjAzWhcNMjUwMzMwMTExNjAzWjAYMRYw
FAYDVQQDEw02N2MxOWFmOS1lMWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5u4ALbnmrRbp3rWsvRULaSOebV9JXJW8shX/Eraas05eRHKzDmPojkCY
xefhSWh2XVVkRfuGdXbN1gyeKqwBG2HkO/wyZdgdxvV6erGnh2CDTF+sHcp+cYyC
+NAZIqcctYiKHSqvHzw9VrgYSoozOln8g3mJm81/+c4RZbBnZMeyLPm83hOFKZjI
bpNKwCPEddVUn1aV2hzP+GgFFNrUEcQFnVQfksYFECAsRRVjI0ZqTv1l4wrEXHJW
jTnpTE2xf+fFch4JKU6dcSVAXbbkDQcKAsqzE3AVYijTRCpdTaoXgvOOWz5Donfp
vpZc0W/UMzfEdUUsHXMxJKddi1VX5QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLm5
eBgS3oTdw/LDluXllYGvtkNZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OEQwQUQ2MkY1QzUxMUVGQUQ2OUZFNDU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcDcMA0GCSqGSIb3DQEBCwUA
A4IBAQAqZbfA/3e1Tna0MK6AI+FRNO0stEmqigBzDy+dV9qLbGDr54Dr9Y+/Smbr
XQKlhXtl+K3mRVxh9MF1rPq14yYqvAUsLTZszgOXZ4KvJwcRcYOOH/noI+oYbiWd
+Lub/648MGI4uENBq+NcslhB8MUUWu7Cshy3CUwEzeJugYjcYx5NFYy9f28WTuHD
jdtVUq5d/zcWItOttPMVj6LGHtZuLiN7DIejDsB17cS2wFjXbrKoq7KoeVyRcOPL
7SzUUouHvD9uGDkFluOWRC7G5rxgckp/qqZ6C8pi/7MrWH8e53lhjn/ZeV+Yy/6h
xFOmfo7IZaVnjRQkXcdlQMlu7tGi
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:14:21 2025 by rpki-client