Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C01E81E8C99C11EF96AF1AAF762E951A.roa
File: C01E81E8C99C11EF96AF1AAF762E951A.roa (raw, json)
Hash identifier: j+CU5CTehnKKs2wHBqo7KFQHDIXNu8teEqpQBjbaA5Q=
Subject key identifier: 9C:58:8B:3B:10:8B:13:F6:0F:35:5C:AB:E2:3F:0D:F9:09:D7:05:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F649
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C01E81E8C99C11EF96AF1AAF762E951A.roa
Signing time: Fri 03 Jan 2025 06:34:15 +0000
ROA not before: Fri 03 Jan 2025 06:34:11 +0000
ROA not after: Fri 17 Jan 2025 06:34:11 +0000
asID: 137899
IP address blocks: 45.207.192.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63049 (0xf649)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 06:34:11 2025 GMT
Not After : Jan 17 06:34:11 2025 GMT
Subject: CN=677784e7-b0ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:99:79:35:10:cb:4a:3f:b2:dc:f5:f0:28:a7:
b4:11:46:5c:ed:6c:34:ff:ac:a3:64:9c:61:91:a9:
f7:23:d6:5a:f7:1d:8e:60:47:a1:b3:14:7d:42:de:
e0:55:7a:b3:5e:ae:4b:25:4d:1a:0d:f9:b1:f2:e2:
ea:5e:91:b7:32:94:e8:2a:74:14:2a:1b:7f:ba:62:
1a:05:ed:71:09:8c:93:17:38:90:19:ec:00:fb:db:
8c:da:d0:2f:e8:24:a9:53:fb:05:cd:03:ea:0e:a4:
9f:85:5c:c1:b4:2a:2b:61:67:64:72:de:fa:e8:62:
11:3d:0e:14:7a:e5:88:f6:99:e4:81:b5:ea:08:23:
b7:c1:36:f7:61:10:5f:13:75:c2:82:83:e0:bf:e3:
82:79:d1:95:9f:38:cd:da:c0:9b:21:ff:1c:0a:49:
8c:6b:50:14:b6:b0:2e:ae:d7:3c:b6:a7:bf:42:70:
01:e9:f2:ba:f2:2a:a1:67:3d:2a:67:5b:a2:b8:12:
4c:32:00:66:24:db:37:4b:aa:e0:2b:13:a7:b8:45:
28:3e:fe:a7:84:01:2a:32:d2:92:30:75:7b:05:cc:
84:7d:9e:97:0c:f0:53:5c:20:6e:96:86:6e:cd:e8:
63:e4:6d:91:11:c0:3e:a3:05:c9:d0:e0:86:f2:e4:
64:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:58:8B:3B:10:8B:13:F6:0F:35:5C:AB:E2:3F:0D:F9:09:D7:05:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C01E81E8C99C11EF96AF1AAF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.192.0/19
Signature Algorithm: sha256WithRSAEncryption
99:93:e6:66:0f:90:10:0d:b1:d6:73:27:af:a7:43:58:5c:02:
19:f7:57:79:c8:e3:dd:d5:51:4f:7f:bc:2d:e0:f9:cc:36:0b:
07:99:ba:7a:e0:34:96:87:23:fc:1c:6e:88:0a:8d:21:9b:86:
8e:c8:f4:47:d3:ba:52:95:f4:0d:e4:03:2d:26:b9:76:69:43:
c5:33:84:d5:b2:3d:24:81:8d:10:7d:81:45:a0:c6:4d:5e:78:
3b:b3:d5:16:56:cf:90:ef:43:10:fc:1a:8e:57:9f:5a:33:4b:
4b:90:6a:43:bb:68:3a:eb:7f:7e:a1:58:49:78:a9:b0:3f:80:
7f:5f:51:6e:ac:24:06:9b:2c:12:e3:b9:57:e3:04:91:90:57:
22:ad:70:15:4e:2a:c6:6a:70:21:74:cf:8c:26:90:06:6d:d2:
fe:a0:7a:c1:4d:30:dd:0f:b9:0a:db:0c:9d:2a:d6:c8:6a:22:
65:35:7f:10:99:00:2f:2e:6a:00:f4:95:0e:ff:88:e8:dd:ea:
64:34:f6:68:49:6e:2e:50:11:b1:c3:76:29:b4:6b:88:68:43:
8b:86:5e:66:5e:34:39:66:aa:91:23:f3:c0:cb:c0:0b:87:c0:
3e:91:f3:4e:4f:66:7f:ea:95:e8:98:bf:54:b2:ca:c3:56:b7:
7c:c6:5a:41
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPZJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDYzNDExWhcNMjUwMTE3MDYzNDExWjAYMRYw
FAYDVQQDEw02Nzc3ODRlNy1iMGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo5l5NRDLSj+y3PXwKKe0EUZc7Ww0/6yjZJxhkan3I9Za9x2OYEehsxR9
Qt7gVXqzXq5LJU0aDfmx8uLqXpG3MpToKnQUKht/umIaBe1xCYyTFziQGewA+9uM
2tAv6CSpU/sFzQPqDqSfhVzBtCorYWdkct766GIRPQ4UeuWI9pnkgbXqCCO3wTb3
YRBfE3XCgoPgv+OCedGVnzjN2sCbIf8cCkmMa1AUtrAurtc8tqe/QnAB6fK68iqh
Zz0qZ1uiuBJMMgBmJNs3S6rgKxOnuEUoPv6nhAEqMtKSMHV7BcyEfZ6XDPBTXCBu
loZuzehj5G2REcA+owXJ0OCG8uRk7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJxY
izsQixP2DzVcq+I/DfkJ1wU6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMDFFODFFOEM5OUMxMUVGOTZBRjFBQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFLc/AMA0GCSqGSIb3DQEBCwUA
A4IBAQCZk+ZmD5AQDbHWcyevp0NYXAIZ91d5yOPd1VFPf7wt4PnMNgsHmbp64DSW
hyP8HG6ICo0hm4aOyPRH07pSlfQN5AMtJrl2aUPFM4TVsj0kgY0QfYFFoMZNXng7
s9UWVs+Q70MQ/BqOV59aM0tLkGpDu2g6639+oVhJeKmwP4B/X1FurCQGmywS47lX
4wSRkFcirXAVTirGanAhdM+MJpAGbdL+oHrBTTDdD7kK2wydKtbIaiJlNX8QmQAv
LmoA9JUO/4jo3epkNPZoSW4uUBGxw3YptGuIaEOLhl5mXjQ5ZqqRI/PAy8ALh8A+
kfNOT2Z/6pXomL9UssrDVrd8xlpB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:33 2025 by rpki-client