Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68F433C4441B11EFAD7CB170762E951A.roa
File: 68F433C4441B11EFAD7CB170762E951A.roa (raw, json)
Hash identifier: T+SlWR4raqSHOW6+AfkOs2Z0Br8IDvF8PjmeSZUThi0=
Subject key identifier: 1D:4F:A7:3D:29:24:4C:2C:AB:71:84:35:8F:56:F6:7F:CA:E9:7A:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 9D40
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68F433C4441B11EFAD7CB170762E951A.roa
Signing time: Wed 17 Jul 2024 09:03:19 +0000
ROA not before: Wed 17 Jul 2024 09:03:15 +0000
ROA not after: Sat 27 Jul 2024 09:03:15 +0000
asID: 7018
IP address blocks: 45.202.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40256 (0x9d40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 17 09:03:15 2024 GMT
Not After : Jul 27 09:03:15 2024 GMT
Subject: CN=669788d7-d730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d0:94:a3:f3:a2:7a:c7:ac:93:c2:34:ba:1e:
96:0f:2c:1a:d4:d3:7e:ab:1e:bb:15:0e:c9:6c:be:
33:a9:c2:05:82:af:60:e0:c8:ea:76:81:9f:1c:0a:
a1:f1:d3:f1:32:12:7a:17:71:10:27:83:a7:ce:3d:
eb:de:b9:e1:69:66:47:22:32:7b:f0:b3:d1:1a:7f:
66:4c:8d:86:35:4d:c9:04:5f:14:cf:83:2e:bf:a4:
77:b5:6d:01:ca:4d:11:6e:f3:45:7f:1c:d0:a8:29:
ee:4e:14:5c:d2:08:d8:9a:ba:bb:63:d8:45:88:1a:
0b:12:57:a9:3b:27:9e:79:09:94:6a:3b:bf:6d:01:
6b:6f:91:fa:98:55:b3:f8:bf:77:91:b3:33:96:4f:
98:2e:5e:de:57:54:7f:37:e0:c7:12:84:9e:37:db:
f4:45:d1:0b:fd:09:cf:87:d8:4f:65:9c:c6:11:20:
dd:09:0c:0d:7f:47:d5:7d:62:2d:0a:6b:59:13:5c:
21:7f:9a:ef:aa:81:9d:45:79:c8:5a:45:12:92:ba:
65:95:34:4e:82:00:28:0d:39:ae:7f:c1:d2:13:30:
f4:c8:80:75:5c:10:cb:93:85:5a:c2:e2:5e:89:8a:
85:06:1a:27:bd:5e:00:2d:da:5c:db:cc:f4:5f:7f:
58:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:4F:A7:3D:29:24:4C:2C:AB:71:84:35:8F:56:F6:7F:CA:E9:7A:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68F433C4441B11EFAD7CB170762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.0.0/22
Signature Algorithm: sha256WithRSAEncryption
80:75:4a:23:01:65:12:80:d9:a6:68:ee:6e:06:2f:0e:99:3f:
07:18:b3:1d:3f:52:37:ec:90:f3:4e:85:a9:b3:de:f6:86:ef:
4d:f0:e8:8a:72:a5:4a:9c:0d:fe:cc:ac:a8:96:77:5c:6d:d9:
72:2c:66:79:b5:23:b5:47:53:c9:d7:99:eb:5e:44:a1:dd:7f:
f9:90:0b:76:89:81:f2:eb:29:52:f8:8d:81:84:f2:5c:92:f6:
09:82:a0:99:98:c8:46:4b:75:43:16:26:66:e0:c2:5d:78:be:
09:0a:0d:14:a0:29:3b:a0:3a:7c:aa:b5:47:dd:da:9c:8a:ed:
69:8b:9b:89:56:a5:7d:3a:7e:b7:1e:ef:27:8f:f0:08:9c:fd:
b0:23:7f:23:56:ba:fd:5c:26:f2:df:22:05:b0:15:c8:32:7d:
d1:f3:6b:44:13:76:0d:d9:3d:0e:62:be:65:2d:b3:5b:b9:b9:
a4:52:5e:ba:bc:fa:a4:3f:d0:a6:44:4b:ec:bc:bd:63:85:d5:
d4:0d:af:78:4c:40:06:a0:17:8b:26:bc:81:15:c8:64:11:13:
42:48:91:f7:90:98:f9:18:b2:ba:fb:81:6c:9b:33:1a:c0:63:
87:dc:be:85:15:cc:cc:03:30:ab:dd:bd:64:ff:c3:41:04:e0:
62:db:84:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ1AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNzE3MDkwMzE1WhcNMjQwNzI3MDkwMzE1WjAYMRYw
FAYDVQQDEw02Njk3ODhkNy1kNzMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzdCUo/Oiesesk8I0uh6WDywa1NN+qx67FQ7JbL4zqcIFgq9g4MjqdoGf
HAqh8dPxMhJ6F3EQJ4Onzj3r3rnhaWZHIjJ78LPRGn9mTI2GNU3JBF8Uz4Muv6R3
tW0Byk0RbvNFfxzQqCnuThRc0gjYmrq7Y9hFiBoLElepOyeeeQmUaju/bQFrb5H6
mFWz+L93kbMzlk+YLl7eV1R/N+DHEoSeN9v0RdEL/QnPh9hPZZzGESDdCQwNf0fV
fWItCmtZE1whf5rvqoGdRXnIWkUSkrpllTROggAoDTmuf8HSEzD0yIB1XBDLk4Va
wuJeiYqFBhonvV4ALdpc28z0X39YIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB1P
pz0pJEwsq3GENY9W9n/K6XqBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OEY0MzNDNDQ0MUIxMUVGQUQ3Q0IxNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcoAMA0GCSqGSIb3DQEBCwUA
A4IBAQCAdUojAWUSgNmmaO5uBi8OmT8HGLMdP1I37JDzToWps972hu9N8OiKcqVK
nA3+zKyolndcbdlyLGZ5tSO1R1PJ15nrXkSh3X/5kAt2iYHy6ylS+I2BhPJckvYJ
gqCZmMhGS3VDFiZm4MJdeL4JCg0UoCk7oDp8qrVH3dqciu1pi5uJVqV9On63Hu8n
j/AInP2wI38jVrr9XCby3yIFsBXIMn3R82tEE3YN2T0OYr5lLbNbubmkUl66vPqk
P9CmREvsvL1jhdXUDa94TEAGoBeLJryBFchkERNCSJH3kJj5GLK6+4FsmzMawGOH
3L6FFczMAzCr3b1k/8NBBOBi24Qn
-----END CERTIFICATE-----
Generated at Sun Jul 28 03:06:41 2024 by rpki-client on console-fra.rpki-client.org