Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA5737EACE8011EFBCAEF149762E951A.roa
File: AA5737EACE8011EFBCAEF149762E951A.roa (raw, json)
Hash identifier: cDc0ZQAudQ08/syZGrOjR2IjElLa2SG82Xtp7OPfrnY=
Subject key identifier: 12:57:1E:E3:10:6F:40:D0:37:26:E7:B7:F4:86:AC:82:9D:1A:D7:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01039C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA5737EACE8011EFBCAEF149762E951A.roa
Signing time: Thu 09 Jan 2025 11:55:48 +0000
ROA not before: Thu 09 Jan 2025 11:55:44 +0000
ROA not after: Sat 01 Feb 2025 11:55:44 +0000
asID: 17561
IP address blocks: 45.203.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66460 (0x1039c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 11:55:44 2025 GMT
Not After : Feb 1 11:55:44 2025 GMT
Subject: CN=677fb944-e28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:93:d9:8c:40:fe:65:36:98:7c:dd:4d:70:18:
6e:11:4f:12:47:30:42:26:26:e1:dc:71:eb:52:d1:
12:98:59:46:ec:a9:de:e7:86:8b:37:ec:50:24:bb:
45:de:07:e5:51:10:05:bf:a9:b4:36:8a:63:dc:e7:
de:14:00:65:d4:e4:cb:fd:e7:5a:28:57:93:fb:25:
30:84:ed:1f:f1:c9:6a:de:a3:4c:79:94:21:b8:1b:
37:ca:bc:df:3b:2f:a2:c8:cf:34:aa:8b:61:74:0f:
30:59:36:28:b2:da:18:57:58:fa:e4:46:4b:ad:5a:
b0:bf:02:c0:2e:ba:03:20:47:d7:8d:45:4f:19:20:
b5:ec:08:32:b6:77:2c:54:71:29:f0:39:c5:3e:2e:
13:31:ad:a7:b3:24:e2:0e:08:ae:0c:81:e8:c5:50:
72:68:68:84:e4:77:74:d4:e8:9d:09:69:fc:46:7d:
88:6f:ee:d3:e7:de:c3:16:12:3c:5d:7e:cd:7a:94:
9d:74:59:c9:56:ce:02:4f:d5:64:f5:6f:d9:c4:9f:
71:f6:cd:c2:1b:59:fc:44:78:3b:00:4b:ba:ab:b7:
14:e6:d6:b2:9e:d7:33:23:2e:88:41:99:b9:a4:96:
28:31:52:18:4c:0a:81:bf:8a:d4:4e:5f:66:b1:60:
52:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:57:1E:E3:10:6F:40:D0:37:26:E7:B7:F4:86:AC:82:9D:1A:D7:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA5737EACE8011EFBCAEF149762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.12.0/24
Signature Algorithm: sha256WithRSAEncryption
79:e7:00:e4:63:06:6a:5e:6b:84:27:b3:2e:ae:d3:d6:41:a8:
f3:0d:08:ac:b4:f4:f0:98:a5:e8:ba:2b:de:29:4b:bc:a0:c0:
5f:3c:55:1a:f6:5f:e8:d5:67:c5:5e:55:5c:ac:97:00:30:af:
ea:6c:3d:a3:52:6c:38:d7:15:b6:bb:42:f6:bb:c3:d7:a6:de:
5e:2e:df:75:01:f0:d1:7d:ca:26:86:eb:11:91:a4:41:bd:3d:
b7:ef:5f:0e:47:58:2e:3b:ca:60:be:e9:97:e1:d5:6b:ff:0c:
89:2f:07:e2:d2:68:7f:04:95:05:7c:99:d4:ba:4e:09:98:81:
35:e1:b7:f7:cd:a7:48:52:38:19:98:68:1e:9a:51:80:2a:65:
70:ff:a7:bb:18:d8:a9:39:54:35:04:43:44:36:87:03:fe:ec:
f2:43:75:aa:cc:ba:f1:85:ec:2d:6a:ce:22:d8:a3:37:a3:a9:
7c:c7:f6:b7:58:68:37:f2:67:6a:f2:9c:c5:e2:03:c3:c6:1f:
86:e5:2d:a3:74:ef:d8:62:8d:00:53:8e:cb:b3:f7:95:6d:34:
59:1e:e2:ba:2a:53:cb:d2:d9:5d:06:de:05:44:fe:a9:16:80:
9c:2d:26:17:e2:e7:9f:c4:1d:dd:81:5b:70:06:7e:9f:2b:e1:
1f:45:58:2a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQOcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTE1NTQ0WhcNMjUwMjAxMTE1NTQ0WjAYMRYw
FAYDVQQDEw02NzdmYjk0NC1lMjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxpPZjED+ZTaYfN1NcBhuEU8SRzBCJibh3HHrUtESmFlG7Kne54aLN+xQ
JLtF3gflURAFv6m0Nopj3OfeFABl1OTL/edaKFeT+yUwhO0f8clq3qNMeZQhuBs3
yrzfOy+iyM80qothdA8wWTYostoYV1j65EZLrVqwvwLALroDIEfXjUVPGSC17Agy
tncsVHEp8DnFPi4TMa2nsyTiDgiuDIHoxVByaGiE5Hd01OidCWn8Rn2Ib+7T597D
FhI8XX7NepSddFnJVs4CT9Vk9W/ZxJ9x9s3CG1n8RHg7AEu6q7cU5tayntczIy6I
QZm5pJYoMVIYTAqBv4rUTl9msWBSYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBJX
HuMQb0DQNybnt/SGrIKdGteyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTU3MzdFQUNFODAxMUVGQkNBRUYxNDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcsMMA0GCSqGSIb3DQEBCwUA
A4IBAQB55wDkYwZqXmuEJ7MurtPWQajzDQistPTwmKXouiveKUu8oMBfPFUa9l/o
1WfFXlVcrJcAMK/qbD2jUmw41xW2u0L2u8PXpt5eLt91AfDRfcomhusRkaRBvT23
718OR1guO8pgvumX4dVr/wyJLwfi0mh/BJUFfJnUuk4JmIE14bf3zadIUjgZmGge
mlGAKmVw/6e7GNipOVQ1BENENocD/uzyQ3WqzLrxhewtas4i2KM3o6l8x/a3WGg3
8mdq8pzF4gPDxh+G5S2jdO/YYo0AU47Ls/eVbTRZHuK6KlPL0tldBt4FRP6pFoCc
LSYX4uefxB3dgVtwBn6fK+EfRVgq
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:14 2025 by rpki-client