Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AABA1480CF3611EFAB312E51762E951A.roa
File: AABA1480CF3611EFAB312E51762E951A.roa (raw, json)
Hash identifier: 1qIgt19ISqDvX97Dp3Nux4yDpLIJjB5r/QM7KwVs1pA=
Subject key identifier: DB:4E:F6:38:59:0C:D9:3A:A1:FE:B9:56:D8:84:9C:92:C7:11:B2:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010531
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AABA1480CF3611EFAB312E51762E951A.roa
Signing time: Fri 10 Jan 2025 09:38:37 +0000
ROA not before: Fri 10 Jan 2025 09:38:33 +0000
ROA not after: Sat 01 Feb 2025 09:38:33 +0000
asID: 39600
IP address blocks: 45.197.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66865 (0x10531)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 09:38:33 2025 GMT
Not After : Feb 1 09:38:33 2025 GMT
Subject: CN=6780ea9d-3ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6b:32:5a:d4:66:0c:df:1f:61:64:3f:d4:9e:
36:86:24:6a:a7:21:5d:26:4f:ca:11:e9:23:a6:e1:
dd:73:5e:28:94:8b:5e:4c:4b:0a:5c:f4:e7:e4:3f:
5b:6e:d5:77:8e:11:78:24:ff:ef:37:27:98:a0:20:
57:73:4c:f6:b0:31:c3:9b:76:3e:96:75:2a:87:77:
a2:80:74:fd:2b:1a:29:dc:92:9f:ea:3d:a4:d6:64:
40:08:af:18:57:68:3f:5d:7b:3e:92:91:7d:ca:cc:
8a:e6:64:01:cc:f8:fe:0a:1a:32:45:43:2b:ad:cf:
28:eb:0d:37:a9:b8:3c:47:96:7e:31:4e:80:08:cb:
a3:25:e1:27:70:c4:b8:3c:92:01:3a:e1:92:97:19:
3d:7a:3f:dc:bd:9f:8a:77:f6:13:5a:71:6a:7e:0b:
58:e0:8e:5f:ac:bf:88:24:68:94:d7:94:23:60:34:
a5:c0:56:25:80:dd:70:ed:08:83:92:1f:42:79:60:
75:94:01:f4:a0:1c:0d:8f:00:31:85:68:ef:2a:c5:
52:d1:28:08:75:7a:92:46:4e:9a:95:36:37:68:49:
48:39:50:ae:05:74:0a:40:cc:aa:54:28:dc:fe:26:
34:19:b2:c6:3b:a7:29:da:2a:d1:24:2b:59:66:da:
1a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4E:F6:38:59:0C:D9:3A:A1:FE:B9:56:D8:84:9C:92:C7:11:B2:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AABA1480CF3611EFAB312E51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.204.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:7d:76:a2:42:20:29:5f:e0:3b:5d:b0:cf:0a:c7:f3:05:dc:
5c:58:ff:60:4c:3c:1e:86:3d:e4:2a:89:40:4e:ef:4a:e5:56:
48:81:26:b2:a9:dc:8f:76:ba:d8:11:fd:a0:5c:20:a6:b4:b7:
0b:42:35:d5:36:3e:4a:79:fa:d4:ba:2f:07:05:05:87:5c:28:
b5:73:c5:5a:68:db:f4:e9:07:90:3e:c6:85:46:6d:44:b2:b7:
67:e9:75:2a:f2:87:0c:cd:2c:eb:06:0b:23:23:c6:fd:d8:1b:
cc:cc:63:36:19:56:92:1d:ca:47:df:b3:1e:0e:ec:33:21:69:
a4:81:54:47:38:f3:ab:38:fe:39:17:18:60:9e:27:fd:02:77:
58:71:8e:6a:43:35:1c:fa:71:a1:90:01:fc:10:3c:0d:82:b1:
5e:5e:eb:54:d1:21:14:ec:4b:a6:6a:33:43:8c:37:9a:31:cb:
68:02:21:fb:99:44:47:a8:d9:92:2f:8b:7e:ab:f0:b8:a7:46:
a6:75:d3:5e:63:95:c8:c4:f1:90:ce:ee:ba:77:6f:8b:94:18:
9f:fb:d6:fd:7b:78:ba:a6:c9:73:5c:3a:14:41:a3:b7:af:5e:
16:8f:d8:96:4b:f0:2e:0e:98:78:b1:13:ec:58:38:28:ed:6c:
99:f8:8d:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQUxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDkzODMzWhcNMjUwMjAxMDkzODMzWjAYMRYw
FAYDVQQDEw02NzgwZWE5ZC0zZWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlWsyWtRmDN8fYWQ/1J42hiRqpyFdJk/KEekjpuHdc14olIteTEsKXPTn
5D9bbtV3jhF4JP/vNyeYoCBXc0z2sDHDm3Y+lnUqh3eigHT9Kxop3JKf6j2k1mRA
CK8YV2g/XXs+kpF9ysyK5mQBzPj+ChoyRUMrrc8o6w03qbg8R5Z+MU6ACMujJeEn
cMS4PJIBOuGSlxk9ej/cvZ+Kd/YTWnFqfgtY4I5frL+IJGiU15QjYDSlwFYlgN1w
7QiDkh9CeWB1lAH0oBwNjwAxhWjvKsVS0SgIdXqSRk6alTY3aElIOVCuBXQKQMyq
VCjc/iY0GbLGO6cp2irRJCtZZtoatQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNtO
9jhZDNk6of65VtiEnJLHEbJDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQUJBMTQ4MENGMzYxMUVGQUIzMTJFNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcXMMA0GCSqGSIb3DQEBCwUA
A4IBAQBsfXaiQiApX+A7XbDPCsfzBdxcWP9gTDwehj3kKolATu9K5VZIgSayqdyP
drrYEf2gXCCmtLcLQjXVNj5KefrUui8HBQWHXCi1c8VaaNv06QeQPsaFRm1Esrdn
6XUq8ocMzSzrBgsjI8b92BvMzGM2GVaSHcpH37MeDuwzIWmkgVRHOPOrOP45Fxhg
nif9AndYcY5qQzUc+nGhkAH8EDwNgrFeXutU0SEU7EumajNDjDeaMctoAiH7mURH
qNmSL4t+q/C4p0amddNeY5XIxPGQzu66d2+LlBif+9b9e3i6pslzXDoUQaO3r14W
j9iWS/AuDph4sRPsWDgo7WyZ+I3n
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:12 2025 by rpki-client