Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98D87C86BEB311EFBD5A4869762E951A.roa
File: 98D87C86BEB311EFBD5A4869762E951A.roa (raw, json)
Hash identifier: b3mrxXVj2IzImhwMz87pqAm7ylJskAh8m/bI4VVAp44=
Subject key identifier: 55:A2:D1:27:05:3A:31:4B:0A:00:B6:EE:C0:03:02:2F:6D:DE:DA:B4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E759
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98D87C86BEB311EFBD5A4869762E951A.roa
Signing time: Fri 20 Dec 2024 09:20:05 +0000
ROA not before: Fri 20 Dec 2024 09:20:01 +0000
ROA not after: Sat 25 Jan 2025 09:20:01 +0000
asID: 6079
IP address blocks: 45.197.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59225 (0xe759)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 20 09:20:01 2024 GMT
Not After : Jan 25 09:20:01 2025 GMT
Subject: CN=676536c4-7a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:19:99:10:ea:8b:b5:0b:72:83:94:4f:98:ca:
b2:f7:4d:9a:a2:04:48:00:11:7d:08:57:2d:83:50:
a4:a1:f8:bb:6d:ef:a3:7f:12:ea:1c:37:d5:e3:49:
20:6f:8d:b6:87:bf:6e:7e:5a:4f:05:08:d1:e9:a9:
8a:01:6d:72:52:44:07:15:5c:c1:b0:57:b2:89:a7:
e5:ee:78:8d:66:9e:f5:6b:ff:8e:f4:8c:83:56:aa:
4d:4d:e1:a7:f4:55:c1:ab:cf:76:c6:56:bd:01:f3:
30:1f:bb:8e:65:bd:32:90:f1:19:8d:76:36:81:30:
f8:42:0e:b5:25:30:d1:30:02:70:46:24:f6:7c:15:
ba:3e:0b:3e:f9:df:3d:d6:26:d6:74:ea:50:fa:ff:
00:6e:4e:99:bb:af:8b:56:bd:ea:bb:69:15:ab:56:
69:de:f8:2f:8f:90:0a:92:d8:74:cd:92:63:06:6e:
ea:a5:14:b4:6f:6c:9e:07:de:60:cc:e3:98:5c:93:
07:ba:af:0b:50:20:88:d4:28:2f:41:f9:37:35:26:
90:f0:01:59:20:6a:24:bc:37:24:11:78:a1:44:36:
5e:bb:04:17:61:e6:c3:cf:dd:83:2e:19:a6:fd:ad:
02:27:8b:71:de:c9:bf:f9:f9:79:32:cd:33:11:ae:
22:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A2:D1:27:05:3A:31:4B:0A:00:B6:EE:C0:03:02:2F:6D:DE:DA:B4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98D87C86BEB311EFBD5A4869762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.208.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:e5:de:cd:d4:9e:6f:2f:27:0c:cd:12:bf:01:44:27:71:0c:
68:30:ca:15:65:8a:f0:a2:98:1f:26:40:a4:a6:19:7b:98:a5:
ed:dd:f4:5c:af:e5:e4:30:5c:7b:c4:f9:6d:13:58:a0:52:22:
55:4f:2b:7f:8f:a2:6b:27:3b:f7:ed:21:23:a9:94:ac:cb:c6:
01:97:33:ed:fb:f4:5f:bb:82:33:35:6e:f2:d6:40:2e:62:5b:
09:39:06:21:c1:1a:82:fa:7c:18:80:10:fd:97:9e:7f:56:d5:
09:93:61:5f:86:da:c5:e1:bc:51:49:a3:9e:78:bd:d9:7a:c9:
bd:1c:e3:23:15:4c:bd:bc:e1:17:d6:dd:21:4a:45:b1:17:00:
a9:78:7c:cc:d8:ec:bd:24:5e:98:c9:bd:7f:a4:51:51:46:16:
c2:32:dc:d1:93:27:8a:46:d2:90:23:72:09:8e:45:c9:d5:14:
a5:e8:dd:9f:47:81:84:96:3a:ad:cf:df:d2:12:76:50:fe:cd:
df:e2:d9:5a:b7:b1:b7:45:cb:7c:7c:ac:a5:c6:af:66:95:eb:
60:c4:e5:36:41:45:40:27:10:a7:13:a3:aa:b3:cd:ed:96:10:
55:1a:4c:d1:43:48:c8:31:2f:25:e5:9a:8d:5a:99:61:04:45:
25:37:6f:b1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOdZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjIwMDkyMDAxWhcNMjUwMTI1MDkyMDAxWjAYMRYw
FAYDVQQDEw02NzY1MzZjNC03YTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArBmZEOqLtQtyg5RPmMqy902aogRIABF9CFctg1Ckofi7be+jfxLqHDfV
40kgb422h79uflpPBQjR6amKAW1yUkQHFVzBsFeyiafl7niNZp71a/+O9IyDVqpN
TeGn9FXBq892xla9AfMwH7uOZb0ykPEZjXY2gTD4Qg61JTDRMAJwRiT2fBW6Pgs+
+d891ibWdOpQ+v8Abk6Zu6+LVr3qu2kVq1Zp3vgvj5AKkth0zZJjBm7qpRS0b2ye
B95gzOOYXJMHuq8LUCCI1CgvQfk3NSaQ8AFZIGokvDckEXihRDZeuwQXYebDz92D
Lhmm/a0CJ4tx3sm/+fl5Ms0zEa4icQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFWi
0ScFOjFLCgC27sADAi9t3tq0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OEQ4N0M4NkJFQjMxMUVGQkQ1QTQ4Njk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcXQMA0GCSqGSIb3DQEBCwUA
A4IBAQBv5d7N1J5vLycMzRK/AUQncQxoMMoVZYrwopgfJkCkphl7mKXt3fRcr+Xk
MFx7xPltE1igUiJVTyt/j6JrJzv37SEjqZSsy8YBlzPt+/Rfu4IzNW7y1kAuYlsJ
OQYhwRqC+nwYgBD9l55/VtUJk2FfhtrF4bxRSaOeeL3Zesm9HOMjFUy9vOEX1t0h
SkWxFwCpeHzM2Oy9JF6Yyb1/pFFRRhbCMtzRkyeKRtKQI3IJjkXJ1RSl6N2fR4GE
ljqtz9/SEnZQ/s3f4tlat7G3Rct8fKylxq9mletgxOU2QUVAJxCnE6Oqs83tlhBV
GkzRQ0jIMS8l5ZqNWplhBEUlN2+x
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:25 2025 by rpki-client