Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E95F3CCF5B811EF9C59156F762E951A.roa
File: 6E95F3CCF5B811EF9C59156F762E951A.roa (raw, json)
Hash identifier: 7NVEXuHdcQ7I0QPA83F3QzUczSN5w8C8kD1J/guWewM=
Subject key identifier: AA:D9:F6:45:D8:6C:DF:D9:01:28:C4:F9:BD:26:D4:09:67:E5:3E:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013CF3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E95F3CCF5B811EF9C59156F762E951A.roa
Signing time: Fri 28 Feb 2025 09:43:15 +0000
ROA not before: Fri 28 Feb 2025 09:43:11 +0000
ROA not after: Mon 31 Mar 2025 09:43:11 +0000
asID: 54600
IP address blocks: 45.203.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81139 (0x13cf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 28 09:43:11 2025 GMT
Not After : Mar 31 09:43:11 2025 GMT
Subject: CN=67c18533-fffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:79:5e:4f:89:af:5d:18:7e:00:d0:19:bd:7e:
cb:cc:ca:05:54:74:42:e7:52:ee:9f:48:dd:86:d7:
15:f2:ba:4b:9a:a0:69:0c:bc:f1:3d:19:df:be:98:
2d:16:38:18:b2:70:73:32:4a:cb:52:ef:20:03:e3:
52:67:72:9a:fb:2a:35:ce:2a:64:c6:0f:56:a8:de:
88:e5:cb:a6:67:33:7e:c4:38:2e:d2:4a:b6:08:ff:
fc:27:0e:3c:19:8b:0e:f4:83:3a:b0:48:07:38:11:
39:64:b7:34:11:71:55:f1:8b:22:ed:4e:4d:5c:4f:
de:81:76:b2:24:90:d8:b2:09:e9:9a:0a:01:84:33:
af:1c:b8:5f:ba:32:d9:66:d0:65:60:89:8f:93:5c:
cc:b4:19:b5:f4:5c:ff:3e:05:11:ba:fb:b7:9a:93:
2f:14:fc:93:b1:c0:08:d8:ab:d9:39:22:84:a3:2f:
38:ca:01:84:e3:57:50:d6:11:e0:87:18:98:aa:17:
ed:61:70:3d:1a:5f:5c:8c:46:30:61:71:9c:3b:38:
9e:80:2b:92:38:bf:e2:dd:98:38:e7:60:e6:4b:2a:
2e:9c:5d:86:03:93:46:c8:11:43:ba:20:37:54:53:
5f:93:95:82:da:4e:0c:8a:5f:55:73:6e:ab:1f:df:
9e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D9:F6:45:D8:6C:DF:D9:01:28:C4:F9:BD:26:D4:09:67:E5:3E:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6E95F3CCF5B811EF9C59156F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:d2:d3:29:e1:ce:6d:66:ed:e3:50:e0:1a:a3:7b:25:e8:70:
c4:13:87:d7:1c:95:83:5d:9b:0d:49:e4:23:1a:6c:78:0a:be:
c0:13:48:f3:4e:29:5d:c2:af:59:4a:67:ea:9b:0b:1d:00:ba:
04:b2:f9:2e:6c:a1:e5:4b:08:5a:c3:e8:fe:bb:2a:1c:fb:d1:
ef:75:aa:eb:d1:f4:d7:87:8c:40:72:bf:76:3b:51:2c:81:4d:
c7:50:a7:b2:09:71:50:49:a1:5d:2c:d8:b7:01:27:7e:86:9a:
06:37:24:82:f7:b3:50:56:e5:02:65:57:fe:7e:9f:b1:9e:3d:
52:14:e3:bd:c9:9e:42:93:80:20:98:89:4a:22:8d:7d:6f:1b:
36:42:87:28:19:fc:05:e6:18:ad:9e:06:52:15:e8:69:47:9b:
6e:b5:87:ee:50:44:7f:82:37:00:69:57:0c:27:56:05:da:69:
b9:58:9c:50:73:90:c4:4b:a0:67:23:71:2a:42:f8:a1:e7:0c:
b9:79:f6:63:e1:84:f9:0d:98:35:e4:0e:14:1b:a1:08:58:bd:
27:2c:cb:db:ce:26:e8:2b:b6:89:74:8c:57:e6:6d:01:36:2d:
16:04:5d:7d:e1:58:40:f9:50:b4:a6:70:d9:e6:c8:63:0b:bb:
3a:f7:ce:42
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATzzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MDk0MzExWhcNMjUwMzMxMDk0MzExWjAYMRYw
FAYDVQQDEw02N2MxODUzMy1mZmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1HleT4mvXRh+ANAZvX7LzMoFVHRC51Lun0jdhtcV8rpLmqBpDLzxPRnf
vpgtFjgYsnBzMkrLUu8gA+NSZ3Ka+yo1zipkxg9WqN6I5cumZzN+xDgu0kq2CP/8
Jw48GYsO9IM6sEgHOBE5ZLc0EXFV8Ysi7U5NXE/egXayJJDYsgnpmgoBhDOvHLhf
ujLZZtBlYImPk1zMtBm19Fz/PgURuvu3mpMvFPyTscAI2KvZOSKEoy84ygGE41dQ
1hHghxiYqhftYXA9Gl9cjEYwYXGcOziegCuSOL/i3Zg452DmSyounF2GA5NGyBFD
uiA3VFNfk5WC2k4Mil9Vc26rH9+eewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKrZ
9kXYbN/ZASjE+b0m1Aln5T6LMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RTk1RjNDQ0Y1QjgxMUVGOUM1OTE1NkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcvgMA0GCSqGSIb3DQEBCwUA
A4IBAQB90tMp4c5tZu3jUOAao3sl6HDEE4fXHJWDXZsNSeQjGmx4Cr7AE0jzTild
wq9ZSmfqmwsdALoEsvkubKHlSwhaw+j+uyoc+9Hvdarr0fTXh4xAcr92O1EsgU3H
UKeyCXFQSaFdLNi3ASd+hpoGNySC97NQVuUCZVf+fp+xnj1SFOO9yZ5Ck4AgmIlK
Io19bxs2QocoGfwF5hitngZSFehpR5tutYfuUER/gjcAaVcMJ1YF2mm5WJxQc5DE
S6BnI3EqQvih5wy5efZj4YT5DZg15A4UG6EIWL0nLMvbziboK7aJdIxX5m0BNi0W
BF194VhA+VC0pnDZ5shjC7s6985C
-----END CERTIFICATE-----
Generated at Fri May 9 14:04:10 2025 by rpki-client