Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86AF23ACBD0F11EFA777EE97762E951A.roa
File: 86AF23ACBD0F11EFA777EE97762E951A.roa (raw, json)
Hash identifier: C0fLbqf6zJRAqzW+lPB8jTCvtm7VHWOV3uFmEVLszVM=
Subject key identifier: 9A:D9:AC:5E:29:CA:15:6A:0B:E4:95:A1:AD:4A:E9:3D:7B:AE:20:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E470
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86AF23ACBD0F11EFA777EE97762E951A.roa
Signing time: Wed 18 Dec 2024 07:13:05 +0000
ROA not before: Wed 18 Dec 2024 07:13:02 +0000
ROA not after: Thu 23 Jan 2025 07:13:02 +0000
asID: 7018
IP address blocks: 45.202.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58480 (0xe470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 18 07:13:02 2024 GMT
Not After : Jan 23 07:13:02 2025 GMT
Subject: CN=67627601-2a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7a:d1:72:59:a7:eb:0e:c1:33:f8:bb:3b:6f:
a7:fc:84:f3:06:91:d7:96:56:96:be:b1:75:66:04:
bd:b6:63:24:e8:e0:c4:67:90:f0:29:69:9a:ab:2f:
8d:11:19:a5:a0:16:ca:ea:ab:cb:6f:67:cd:90:ef:
70:f4:8a:6e:30:38:b5:46:51:c9:83:95:91:8d:db:
1d:46:a0:49:a0:f2:03:6b:db:28:ba:ca:ab:53:60:
f0:fc:e4:6e:cf:7b:8a:00:82:51:7b:b7:aa:70:a4:
e5:87:6a:57:29:d5:81:c4:23:0a:ee:0c:cb:8b:c3:
39:c1:c8:c2:ca:25:f7:a0:50:fa:3b:4e:63:bf:88:
41:1e:ad:2a:29:4f:19:1e:e6:52:62:80:7b:a1:e6:
5d:70:a9:d1:35:4f:09:02:ab:0c:39:7e:14:64:8b:
ed:de:05:11:95:21:05:c6:05:bf:03:91:6f:67:c8:
5d:d6:11:81:57:df:ad:05:23:34:ae:cb:51:95:03:
0e:a2:2e:b6:45:25:27:cd:e3:72:f3:3f:ef:98:be:
81:8e:7c:bb:9e:32:db:65:b1:21:ce:6c:11:60:0d:
c4:79:0f:b5:92:b9:d2:70:2e:f4:8a:9d:bf:b9:7e:
e6:ff:a4:fe:f4:25:e3:21:07:e6:03:17:02:33:53:
2c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D9:AC:5E:29:CA:15:6A:0B:E4:95:A1:AD:4A:E9:3D:7B:AE:20:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86AF23ACBD0F11EFA777EE97762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.74.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:4c:99:5b:f0:0e:67:65:14:57:41:8f:81:53:5e:99:c3:f8:
db:56:c5:ac:e1:b6:11:bd:64:5a:f6:47:84:75:c2:e2:8f:e4:
66:66:c6:34:b7:4e:21:41:2b:be:9d:7c:29:24:4d:75:d5:be:
97:bb:12:28:6d:52:5d:c6:30:b4:bb:b6:42:2a:7f:7c:3a:80:
8e:42:b9:c6:86:d5:ee:8e:2c:af:ba:94:35:cb:d6:00:13:d9:
49:24:6c:52:eb:0e:74:54:f1:b3:5f:ae:2d:13:62:0e:78:04:
7f:4c:db:f3:c1:2c:95:c9:93:9a:8b:2c:eb:f9:36:86:c9:a2:
26:18:f9:25:87:8e:1e:d3:66:58:f6:be:0d:ed:dc:9b:e4:15:
07:b3:3c:26:cc:7e:ef:b7:d3:be:18:9e:91:6f:3a:ec:92:86:
c3:fc:85:49:df:86:c9:01:9c:b7:d3:24:7b:96:e8:93:d5:26:
84:3b:d2:ca:29:3b:32:0a:87:ed:b1:5a:f9:45:30:c1:20:88:
61:81:b2:6b:6f:9a:b3:34:ae:28:a2:44:5d:e4:05:34:36:0f:
6a:0e:51:28:8a:95:2b:f9:56:1b:26:63:f6:b3:37:c1:62:ff:
67:13:a8:86:45:c3:0f:7d:d9:33:cb:95:06:ea:84:5c:f8:8b:
f3:d8:96:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAORwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE4MDcxMzAyWhcNMjUwMTIzMDcxMzAyWjAYMRYw
FAYDVQQDEw02NzYyNzYwMS0yYTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArXrRclmn6w7BM/i7O2+n/ITzBpHXllaWvrF1ZgS9tmMk6ODEZ5DwKWma
qy+NERmloBbK6qvLb2fNkO9w9IpuMDi1RlHJg5WRjdsdRqBJoPIDa9sousqrU2Dw
/ORuz3uKAIJRe7eqcKTlh2pXKdWBxCMK7gzLi8M5wcjCyiX3oFD6O05jv4hBHq0q
KU8ZHuZSYoB7oeZdcKnRNU8JAqsMOX4UZIvt3gURlSEFxgW/A5FvZ8hd1hGBV9+t
BSM0rstRlQMOoi62RSUnzeNy8z/vmL6Bjny7njLbZbEhzmwRYA3EeQ+1krnScC70
ip2/uX7m/6T+9CXjIQfmAxcCM1MsEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJrZ
rF4pyhVqC+SVoa1K6T17riCyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NkFGMjNBQ0JEMEYxMUVGQTc3N0VFOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcpKMA0GCSqGSIb3DQEBCwUA
A4IBAQCcTJlb8A5nZRRXQY+BU16Zw/jbVsWs4bYRvWRa9keEdcLij+RmZsY0t04h
QSu+nXwpJE111b6XuxIobVJdxjC0u7ZCKn98OoCOQrnGhtXujiyvupQ1y9YAE9lJ
JGxS6w50VPGzX64tE2IOeAR/TNvzwSyVyZOaiyzr+TaGyaImGPklh44e02ZY9r4N
7dyb5BUHszwmzH7vt9O+GJ6RbzrskobD/IVJ34bJAZy30yR7luiT1SaEO9LKKTsy
CoftsVr5RTDBIIhhgbJrb5qzNK4ookRd5AU0Ng9qDlEoipUr+VYbJmP2szfBYv9n
E6iGRcMPfdkzy5UG6oRc+Ivz2JZZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:29 2025 by rpki-client