Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/835B56BCF5B811EF87E01B6F762E951A.roa
File: 835B56BCF5B811EF87E01B6F762E951A.roa (raw, json)
Hash identifier: IzT6GP1UacmHzH+OPoXfffgXZ3eqlVjAxYcKZNhYJPY=
Subject key identifier: 12:36:D1:B4:B5:6A:58:73:CE:4A:09:3D:56:FA:86:88:5A:C3:B5:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013CF5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/835B56BCF5B811EF87E01B6F762E951A.roa
Signing time: Fri 28 Feb 2025 09:43:50 +0000
ROA not before: Fri 28 Feb 2025 09:43:46 +0000
ROA not after: Mon 31 Mar 2025 09:43:46 +0000
asID: 54600
IP address blocks: 45.203.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81141 (0x13cf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Feb 28 09:43:46 2025 GMT
Not After : Mar 31 09:43:46 2025 GMT
Subject: CN=67c18556-a52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:03:91:69:88:d3:4a:b9:21:61:2f:3b:dc:b3:
c4:1d:72:f0:43:2a:ea:29:41:8b:86:b3:3e:0c:dc:
cf:ae:21:7c:30:6c:04:60:08:fc:90:e7:67:89:d8:
e1:a6:ee:82:3a:79:c5:14:37:2c:c5:be:a9:57:78:
c2:7c:0e:72:98:3d:e2:55:16:82:6e:9e:19:9c:5f:
1c:d2:a7:2b:b8:2a:2c:34:3a:f4:4b:3c:1d:02:fb:
db:66:c7:8f:69:9e:a0:e5:26:bd:02:0d:3a:94:61:
e4:6b:3e:f5:37:48:c5:0b:8d:c1:97:8b:33:8f:93:
37:cb:d6:ba:33:f6:2f:9a:3b:06:9b:83:7f:b6:6c:
62:f5:98:19:0f:4e:05:c7:5c:57:6c:44:bb:9c:b4:
2a:81:75:6e:89:8a:0c:78:3d:5d:e0:3c:8c:fd:3b:
b2:73:0b:d0:da:fd:00:b4:14:37:d8:87:2d:13:99:
27:1a:df:98:5f:61:e6:96:e7:4a:80:7b:14:81:13:
e8:cf:e8:fa:16:df:68:cb:5b:48:f4:be:00:1f:a0:
5a:02:68:7c:ad:a2:7d:7b:95:d1:ea:aa:74:bf:f1:
03:e1:43:56:95:a3:7c:28:8c:13:89:43:3a:33:52:
15:56:e3:0f:49:7c:37:a2:ae:1e:64:01:28:33:b6:
1f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:36:D1:B4:B5:6A:58:73:CE:4A:09:3D:56:FA:86:88:5A:C3:B5:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/835B56BCF5B811EF87E01B6F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.224.0/20
Signature Algorithm: sha256WithRSAEncryption
89:46:6d:9e:19:52:bd:70:02:4b:92:8e:aa:b6:1a:88:52:2f:
29:bf:d2:77:d8:4f:27:fd:a1:45:b9:6e:21:e0:06:2d:3d:8f:
53:17:3a:cb:78:b9:48:a7:8f:cf:ce:e2:b2:95:5f:f3:c5:c9:
55:81:bb:60:0b:42:c6:e8:92:19:c8:d0:64:81:76:63:09:2d:
ad:69:c0:42:ee:87:77:44:4c:96:5c:92:68:0e:a5:c6:ec:49:
7f:f4:47:91:03:d3:94:52:ba:14:d3:d4:1b:d9:8d:64:99:d1:
4a:24:6b:42:0f:3b:74:a4:8c:88:8d:e0:91:01:e1:f1:d8:3e:
36:c8:0d:52:c8:02:70:0f:17:93:ee:50:ff:e2:87:e9:57:ab:
72:a7:64:7e:30:0b:a5:57:65:cd:60:7a:4d:92:cd:19:03:b1:
a9:ac:7c:22:9a:c4:98:c5:c8:d3:69:7b:ef:bc:22:bb:6d:c2:
9f:32:b4:e0:28:d6:66:41:3f:48:b3:ba:78:74:e1:3c:78:98:
3b:81:1b:2f:7e:88:8f:4c:11:0b:c8:26:8c:49:d9:ab:07:23:
8d:2d:a2:85:df:33:ae:f0:a9:86:c9:bb:cd:92:96:64:89:29:
a7:84:46:ff:04:ae:b8:73:dc:39:70:37:1f:eb:04:75:01:e5:
e0:a6:72:ef
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATz1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MDk0MzQ2WhcNMjUwMzMxMDk0MzQ2WjAYMRYw
FAYDVQQDEw02N2MxODU1Ni1hNTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnQORaYjTSrkhYS873LPEHXLwQyrqKUGLhrM+DNzPriF8MGwEYAj8kOdn
idjhpu6COnnFFDcsxb6pV3jCfA5ymD3iVRaCbp4ZnF8c0qcruCosNDr0SzwdAvvb
ZsePaZ6g5Sa9Ag06lGHkaz71N0jFC43Bl4szj5M3y9a6M/YvmjsGm4N/tmxi9ZgZ
D04Fx1xXbES7nLQqgXVuiYoMeD1d4DyM/TuycwvQ2v0AtBQ32IctE5knGt+YX2Hm
ludKgHsUgRPoz+j6Ft9oy1tI9L4AH6BaAmh8raJ9e5XR6qp0v/ED4UNWlaN8KIwT
iUM6M1IVVuMPSXw3oq4eZAEoM7YfpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBI2
0bS1alhzzkoJPVb6hohaw7WhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MzVCNTZCQ0Y1QjgxMUVGODdFMDFCNkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcvgMA0GCSqGSIb3DQEBCwUA
A4IBAQCJRm2eGVK9cAJLko6qthqIUi8pv9J32E8n/aFFuW4h4AYtPY9TFzrLeLlI
p4/PzuKylV/zxclVgbtgC0LG6JIZyNBkgXZjCS2tacBC7od3REyWXJJoDqXG7El/
9EeRA9OUUroU09Qb2Y1kmdFKJGtCDzt0pIyIjeCRAeHx2D42yA1SyAJwDxeT7lD/
4ofpV6typ2R+MAulV2XNYHpNks0ZA7GprHwimsSYxcjTaXvvvCK7bcKfMrTgKNZm
QT9Is7p4dOE8eJg7gRsvfoiPTBELyCaMSdmrByONLaKF3zOu8KmGybvNkpZkiSmn
hEb/BK64c9w5cDcf6wR1AeXgpnLv
-----END CERTIFICATE-----
Generated at Fri May 9 09:59:51 2025 by rpki-client