Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3490478CE9F11EF91DF478A762E951A.roa
File: A3490478CE9F11EF91DF478A762E951A.roa (raw, json)
Hash identifier: 6RESCNcv7zC2k1LaXCKAPSitgeMbvjHUy4beqQvdWHo=
Subject key identifier: 16:89:66:F6:A9:9D:B6:AC:95:83:59:48:C1:3B:E7:6A:CD:66:F3:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01043A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3490478CE9F11EF91DF478A762E951A.roa
Signing time: Thu 09 Jan 2025 15:37:31 +0000
ROA not before: Thu 09 Jan 2025 15:37:27 +0000
ROA not after: Fri 24 Jan 2025 15:37:27 +0000
asID: 39600
IP address blocks: 45.204.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66618 (0x1043a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 15:37:27 2025 GMT
Not After : Jan 24 15:37:27 2025 GMT
Subject: CN=677fed3b-a78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:44:04:f5:9b:a1:62:66:85:74:ec:bd:81:3b:
92:d1:21:26:9d:5b:53:80:3a:fe:06:e3:6f:b1:3e:
3b:77:06:cc:f8:be:8e:4b:1c:de:7b:fe:6b:ca:d1:
fd:72:ba:cb:79:ed:1c:22:28:ce:5b:c3:43:db:d6:
6c:98:dd:26:78:f3:82:b2:78:f2:85:c4:14:70:81:
f1:88:f4:bc:24:bc:9c:fd:37:9f:d8:d4:39:a6:1d:
e8:5a:d4:54:16:af:bc:8e:9e:e0:61:2b:40:4a:0f:
95:cf:00:ad:5a:8a:11:35:a6:7b:8c:d4:6f:c1:15:
d3:6b:03:0c:65:e2:9a:48:64:90:a3:05:e4:b1:d1:
bb:bb:6f:2f:aa:ee:f9:43:d9:51:b1:31:8a:9e:c0:
2e:0b:ba:6a:2e:e0:ea:d4:f6:13:ea:e9:e4:56:77:
87:60:19:09:14:65:bd:3a:f9:95:96:11:80:a9:f3:
09:35:8f:cc:68:62:0a:e6:f3:5a:99:71:83:c0:87:
17:c8:a1:be:b9:7c:ea:60:92:a1:7b:e6:e9:de:87:
80:6f:47:d4:ba:8d:b5:51:e4:5c:29:3d:f5:4d:f0:
1b:ef:87:7f:e8:f3:0b:5a:d9:3f:bb:93:2d:39:3b:
cb:88:49:a5:da:d2:c7:e6:bb:fc:56:eb:10:c9:87:
8f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:89:66:F6:A9:9D:B6:AC:95:83:59:48:C1:3B:E7:6A:CD:66:F3:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3490478CE9F11EF91DF478A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.72.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:ea:f4:e8:72:77:eb:e9:3a:6e:bf:2a:b1:03:09:5c:fd:e3:
c7:4c:47:3f:15:de:eb:5f:fe:ee:72:6a:07:bb:df:65:8e:8b:
d8:84:aa:ea:df:1e:7a:ab:36:5e:cd:70:87:24:a4:49:ce:e6:
07:22:38:79:94:34:da:e5:38:56:ac:8a:bc:86:d2:41:30:b7:
17:37:3b:2c:c1:9c:f6:1b:6b:5d:06:e8:8a:57:2b:a7:54:9a:
ea:c4:4d:cc:99:39:76:d2:bf:14:37:01:db:a2:48:37:3e:35:
e3:c8:c4:83:e8:93:42:02:c0:de:d9:05:3e:b6:d6:b2:6a:59:
c5:d5:70:cd:53:4f:f0:ce:c2:1e:07:64:88:c0:66:70:47:01:
a2:f4:be:f5:63:61:d3:34:4c:71:96:45:ea:ae:be:1e:52:a1:
2f:3a:0c:ad:fc:c2:97:40:b9:44:98:80:0e:91:29:2d:44:75:
d5:39:b3:10:40:b6:52:9a:ac:10:b4:f4:84:07:2a:8c:04:29:
05:1b:3b:9e:fc:db:ab:d6:18:64:8a:b0:73:7e:bc:88:7c:09:
99:49:d1:8f:dd:a4:d1:47:44:a3:af:72:0c:8a:f9:8e:9b:8a:
b3:c7:32:ec:c9:be:a4:81:52:66:66:a6:5f:24:3c:df:5f:60:
39:01:81:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQQ6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTUzNzI3WhcNMjUwMTI0MTUzNzI3WjAYMRYw
FAYDVQQDEw02NzdmZWQzYi1hNzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp0QE9ZuhYmaFdOy9gTuS0SEmnVtTgDr+BuNvsT47dwbM+L6OSxzee/5r
ytH9crrLee0cIijOW8ND29ZsmN0mePOCsnjyhcQUcIHxiPS8JLyc/Tef2NQ5ph3o
WtRUFq+8jp7gYStASg+VzwCtWooRNaZ7jNRvwRXTawMMZeKaSGSQowXksdG7u28v
qu75Q9lRsTGKnsAuC7pqLuDq1PYT6unkVneHYBkJFGW9OvmVlhGAqfMJNY/MaGIK
5vNamXGDwIcXyKG+uXzqYJKhe+bp3oeAb0fUuo21UeRcKT31TfAb74d/6PMLWtk/
u5MtOTvLiEml2tLH5rv8VusQyYePVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBaJ
ZvapnbaslYNZSME752rNZvO1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMzQ5MDQ3OENFOUYxMUVGOTFERjQ3OEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcxIMA0GCSqGSIb3DQEBCwUA
A4IBAQCe6vTocnfr6TpuvyqxAwlc/ePHTEc/Fd7rX/7ucmoHu99ljovYhKrq3x56
qzZezXCHJKRJzuYHIjh5lDTa5ThWrIq8htJBMLcXNzsswZz2G2tdBuiKVyunVJrq
xE3MmTl20r8UNwHbokg3PjXjyMSD6JNCAsDe2QU+ttayalnF1XDNU0/wzsIeB2SI
wGZwRwGi9L71Y2HTNExxlkXqrr4eUqEvOgyt/MKXQLlEmIAOkSktRHXVObMQQLZS
mqwQtPSEByqMBCkFGzue/Nur1hhkirBzfryIfAmZSdGP3aTRR0Sjr3IMivmOm4qz
xzLsyb6kgVJmZqZfJDzfX2A5AYE5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:51 2025 by rpki-client