Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B708DCAEC9A911EF9E528080762E951A.roa
File: B708DCAEC9A911EF9E528080762E951A.roa (raw, json)
Hash identifier: K1xwOxkv6zTBSlt8V1ivZ4hBet/fj4G3qEz6x5b/OnI=
Subject key identifier: 40:F5:CB:A7:8E:97:55:9B:05:08:B6:E1:18:1D:5C:87:67:63:97:C7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F697
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B708DCAEC9A911EF9E528080762E951A.roa
Signing time: Fri 03 Jan 2025 08:07:03 +0000
ROA not before: Fri 03 Jan 2025 08:06:59 +0000
ROA not after: Sat 18 Jan 2025 08:06:59 +0000
asID: 139646
IP address blocks: 45.200.18.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63127 (0xf697)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 08:06:59 2025 GMT
Not After : Jan 18 08:06:59 2025 GMT
Subject: CN=67779aa7-900f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:db:b3:a5:57:e0:bd:9c:eb:dd:43:bd:23:57:
f0:90:ea:2c:cc:64:71:0b:cb:ca:63:3f:ce:a7:b5:
ca:18:9e:14:32:7f:27:57:4a:fa:17:35:6d:b9:71:
d6:a2:4a:a1:19:c1:b7:a5:42:bb:97:18:f0:a4:5f:
db:71:9b:a4:1d:d1:af:3e:4d:e7:5c:93:ba:46:3f:
ca:69:a3:5f:f5:80:22:27:5b:27:19:4f:36:e2:d1:
c8:7c:cc:4c:f0:52:63:39:96:48:3a:ab:17:19:b5:
73:e6:73:fe:e0:e0:f1:8a:8a:2b:bf:20:d7:6b:1c:
76:1e:28:64:18:64:79:b8:4e:48:c7:ce:2f:ad:c3:
fb:82:d3:88:b8:ce:56:14:ed:d5:33:75:f9:4c:c8:
4e:83:f9:e5:23:32:fc:da:ba:a8:16:d8:08:9d:bc:
2a:80:50:68:7c:a4:f4:5c:1d:a7:b6:82:ee:3b:e0:
9f:59:d7:8a:76:d7:49:0c:8c:b4:58:ea:ac:43:ce:
3b:bd:09:20:83:f1:79:ac:d4:53:d4:3b:71:2f:ce:
94:40:8e:50:9c:36:a0:38:34:f8:a3:61:2f:74:1c:
7c:eb:fa:65:06:23:1b:ad:61:d3:23:64:d9:da:b1:
2f:3b:5a:79:f4:f9:bd:57:0b:3a:54:16:f0:ea:fc:
5c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F5:CB:A7:8E:97:55:9B:05:08:B6:E1:18:1D:5C:87:67:63:97:C7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B708DCAEC9A911EF9E528080762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.18.0/23
Signature Algorithm: sha256WithRSAEncryption
74:55:2f:86:72:fc:69:49:74:24:cf:6e:c8:30:19:1e:ae:fa:
ea:92:51:98:02:6a:f0:0d:79:95:82:8c:f6:51:0b:4f:30:2e:
bb:91:5c:fd:27:3f:16:60:ca:54:85:fd:39:02:97:d0:d1:ed:
93:f1:98:c8:8e:18:a6:b5:28:18:45:ec:c6:20:09:c3:b7:87:
2f:ee:4e:ed:fd:7a:29:f8:b3:1b:ca:63:27:31:78:b4:eb:74:
dc:3f:8b:d8:f0:95:6b:a0:2c:60:2c:dc:19:ba:bf:51:15:22:
72:c1:ae:d3:2e:80:f5:1f:a4:4b:a8:57:1e:8f:bb:4c:86:2b:
04:b8:6e:f9:ac:e2:bc:a3:c2:fc:a2:f5:55:fe:b0:f4:27:3d:
9c:70:bd:67:ef:04:ec:5d:be:7c:55:8c:b1:61:8a:a7:b6:72:
77:fd:92:8f:7e:80:f4:6e:98:ed:95:4b:e5:c9:4c:72:6a:5e:
7e:d3:8a:2c:e4:49:64:0d:dc:b8:51:c5:ed:4e:56:02:4f:7e:
72:da:fd:fa:71:9d:5a:c3:08:eb:55:28:b4:9b:31:49:42:77:
42:7c:06:e6:66:d4:38:86:97:d4:c4:b8:c2:36:c7:13:6e:51:
1d:5d:32:0c:6e:ac:90:3b:e3:65:04:70:80:8f:9e:59:8c:3a:
bc:f5:33:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPaXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDgwNjU5WhcNMjUwMTE4MDgwNjU5WjAYMRYw
FAYDVQQDEw02Nzc3OWFhNy05MDBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2tuzpVfgvZzr3UO9I1fwkOoszGRxC8vKYz/Op7XKGJ4UMn8nV0r6FzVt
uXHWokqhGcG3pUK7lxjwpF/bcZukHdGvPk3nXJO6Rj/KaaNf9YAiJ1snGU824tHI
fMxM8FJjOZZIOqsXGbVz5nP+4ODxioorvyDXaxx2HihkGGR5uE5Ix84vrcP7gtOI
uM5WFO3VM3X5TMhOg/nlIzL82rqoFtgInbwqgFBofKT0XB2ntoLuO+CfWdeKdtdJ
DIy0WOqsQ847vQkgg/F5rNRT1DtxL86UQI5QnDagODT4o2EvdBx86/plBiMbrWHT
I2TZ2rEvO1p59Pm9Vws6VBbw6vxchQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFED1
y6eOl1WbBQi24RgdXIdnY5fHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNzA4RENBRUM5QTkxMUVGOUU1MjgwODA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcgSMA0GCSqGSIb3DQEBCwUA
A4IBAQB0VS+GcvxpSXQkz27IMBkervrqklGYAmrwDXmVgoz2UQtPMC67kVz9Jz8W
YMpUhf05ApfQ0e2T8ZjIjhimtSgYRezGIAnDt4cv7k7t/Xop+LMbymMnMXi063Tc
P4vY8JVroCxgLNwZur9RFSJywa7TLoD1H6RLqFcej7tMhisEuG75rOK8o8L8ovVV
/rD0Jz2ccL1n7wTsXb58VYyxYYqntnJ3/ZKPfoD0bpjtlUvlyUxyal5+04os5Elk
Ddy4UcXtTlYCT35y2v36cZ1awwjrVSi0mzFJQndCfAbmZtQ4hpfUxLjCNscTblEd
XTIMbqyQO+NlBHCAj55ZjDq89TOS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:21 2025 by rpki-client