Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F43380CC47411EFB5FD3B5C762E951A.roa
File: 8F43380CC47411EFB5FD3B5C762E951A.roa (raw, json)
Hash identifier: ACW/9ES3m+62NhQneu6W79DLZHMhYeL/ftRhw9plB8I=
Subject key identifier: 5D:9F:4E:84:78:98:94:99:74:5D:45:3E:B7:CD:56:66:53:A5:89:9B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F0D4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F43380CC47411EFB5FD3B5C762E951A.roa
Signing time: Fri 27 Dec 2024 17:03:57 +0000
ROA not before: Fri 27 Dec 2024 17:03:53 +0000
ROA not after: Sat 01 Feb 2025 17:03:53 +0000
asID: 203020
IP address blocks: 45.198.34.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61652 (0xf0d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 17:03:53 2024 GMT
Not After : Feb 1 17:03:53 2025 GMT
Subject: CN=676eddfd-bd32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4e:81:59:1f:31:3b:5a:bc:80:21:b4:7e:ff:
61:6f:b5:a2:e0:40:40:11:f4:01:00:0b:18:c1:29:
96:1a:99:9e:6e:ac:58:7c:5d:bf:5d:82:c8:a1:49:
52:3d:bc:ae:e0:07:79:41:24:e7:e2:f3:f1:d0:f0:
32:de:ad:8e:9f:67:aa:49:19:f8:55:fc:8b:94:8e:
f4:86:bc:2c:57:ab:64:cd:19:00:6f:eb:7c:59:9d:
a7:cd:2d:56:a3:64:57:c8:92:33:d4:fd:85:93:d5:
bc:ef:29:95:58:df:53:2d:47:29:71:de:e1:9a:a5:
14:97:af:f8:3a:3b:24:7a:bc:23:aa:e7:2f:35:dd:
33:97:68:d5:63:0a:ef:5c:1d:56:66:db:dc:c8:e5:
36:38:f2:2b:d3:2e:fa:ef:22:b7:97:d8:3c:b3:5a:
db:d6:00:ff:6b:93:90:5e:65:8d:3e:bd:4a:f6:9e:
f4:3c:52:38:c6:40:6b:ec:70:6f:7a:6b:ff:4c:a9:
02:4d:88:16:cd:94:25:65:78:35:21:6d:89:a7:aa:
0e:5f:98:26:84:a3:83:07:fa:b8:da:e8:04:f8:03:
fd:61:c9:6f:21:cc:e5:aa:05:a9:05:32:62:d3:d5:
f5:3d:10:1e:7b:6c:51:1f:9a:60:b8:cf:46:cc:82:
72:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9F:4E:84:78:98:94:99:74:5D:45:3E:B7:CD:56:66:53:A5:89:9B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F43380CC47411EFB5FD3B5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.198.34.0/23
Signature Algorithm: sha256WithRSAEncryption
05:e4:9d:d4:53:b1:58:24:b1:80:69:d8:2e:ac:fa:13:a7:89:
ae:c7:b7:ae:2f:f6:4f:cf:06:ca:25:ca:83:d3:67:6d:b7:35:
87:50:e2:8d:a4:34:c2:4e:b9:1c:9e:32:9a:83:2c:0d:7a:0e:
37:a8:61:29:00:89:8c:8d:06:bb:66:a8:10:b9:6e:de:d5:2e:
3b:79:51:06:31:50:6c:47:11:cb:83:a7:95:8d:b0:45:55:0c:
58:82:2f:9c:61:18:47:da:c1:61:32:8b:d0:26:39:fe:1b:da:
92:0a:67:23:08:bc:60:3d:c9:10:79:43:c1:ca:71:f8:17:b6:
47:14:b9:60:5b:48:69:72:15:ec:de:0c:fd:c6:67:7a:01:a4:
99:97:52:14:1c:ba:3d:a6:ed:ae:71:2d:fe:d3:48:ea:58:53:
a9:9e:a8:1b:0e:0f:85:0c:ea:73:4d:3f:53:44:56:4c:13:07:
56:93:57:9e:fd:55:1f:6b:81:bd:77:41:62:26:ae:0a:44:c4:
78:a5:2c:eb:19:52:21:d3:d1:24:70:2e:30:28:8a:50:27:aa:
c7:fd:0d:86:d9:63:8a:8f:2e:fb:7e:c5:af:81:5c:44:58:51:
49:23:d7:98:24:b6:dd:0f:dc:b7:03:06:17:2a:3e:13:1b:a1:
b5:16:bb:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPDUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MTcwMzUzWhcNMjUwMjAxMTcwMzUzWjAYMRYw
FAYDVQQDEw02NzZlZGRmZC1iZDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyE6BWR8xO1q8gCG0fv9hb7Wi4EBAEfQBAAsYwSmWGpmebqxYfF2/XYLI
oUlSPbyu4Ad5QSTn4vPx0PAy3q2On2eqSRn4VfyLlI70hrwsV6tkzRkAb+t8WZ2n
zS1Wo2RXyJIz1P2Fk9W87ymVWN9TLUcpcd7hmqUUl6/4OjskerwjqucvNd0zl2jV
YwrvXB1WZtvcyOU2OPIr0y767yK3l9g8s1rb1gD/a5OQXmWNPr1K9p70PFI4xkBr
7HBvemv/TKkCTYgWzZQlZXg1IW2Jp6oOX5gmhKODB/q42ugE+AP9YclvIczlqgWp
BTJi09X1PRAee2xRH5pguM9GzIJycwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF2f
ToR4mJSZdF1FPrfNVmZTpYmbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RjQzMzgwQ0M0NzQxMUVGQjVGRDNCNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcYiMA0GCSqGSIb3DQEBCwUA
A4IBAQAF5J3UU7FYJLGAadgurPoTp4mux7euL/ZPzwbKJcqD02dttzWHUOKNpDTC
TrkcnjKagywNeg43qGEpAImMjQa7ZqgQuW7e1S47eVEGMVBsRxHLg6eVjbBFVQxY
gi+cYRhH2sFhMovQJjn+G9qSCmcjCLxgPckQeUPBynH4F7ZHFLlgW0hpchXs3gz9
xmd6AaSZl1IUHLo9pu2ucS3+00jqWFOpnqgbDg+FDOpzTT9TRFZMEwdWk1ee/VUf
a4G9d0FiJq4KRMR4pSzrGVIh09EkcC4wKIpQJ6rH/Q2G2WOKjy77fsWvgVxEWFFJ
I9eYJLbdD9y3AwYXKj4TG6G1Frsa
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:25 2025 by rpki-client