Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4A21F4CCC2411EFB032DEB5762E951A.roa
File: C4A21F4CCC2411EFB032DEB5762E951A.roa (raw, json)
Hash identifier: gzQZBpOumGZOIcTkst0XzJSgix4DVbBxTBQ1FVU66vc=
Subject key identifier: 3D:29:F6:C9:F3:E2:68:AA:7C:F4:3A:39:EF:88:BE:86:F4:C8:E1:F1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8C7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4A21F4CCC2411EFB032DEB5762E951A.roa
Signing time: Mon 06 Jan 2025 11:52:56 +0000
ROA not before: Mon 06 Jan 2025 11:52:51 +0000
ROA not after: Sat 18 Jan 2025 11:52:51 +0000
asID: 151206
IP address blocks: 45.200.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63687 (0xf8c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 11:52:51 2025 GMT
Not After : Jan 18 11:52:51 2025 GMT
Subject: CN=677bc418-a4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:79:cf:54:2f:15:d7:3e:05:a0:a3:5e:c8:55:
2d:31:01:ab:9d:f6:8c:f5:ca:98:05:59:57:41:9f:
46:74:64:b3:82:94:82:b8:a8:bf:7e:17:b9:bc:b1:
01:a9:19:ba:e0:bb:b9:8d:b4:84:94:2b:d7:1e:c5:
31:2b:9a:43:0b:16:44:64:40:01:d7:ef:c8:c0:64:
3d:fb:d0:6b:46:3a:dc:0b:c0:36:2b:28:13:3a:09:
4e:e1:bc:99:f9:c6:a1:f1:b4:a8:12:68:70:70:86:
2e:98:1e:23:69:ab:fa:57:90:e0:d8:4f:f5:64:1d:
62:68:88:9f:76:95:f9:95:2a:b6:14:cf:7e:93:bd:
1f:7f:b9:c0:de:73:e2:1d:fb:48:0a:5b:a4:78:61:
cd:73:b9:39:4e:16:3e:2a:9a:15:ad:e7:29:71:85:
a5:c2:3a:d7:c5:f2:06:14:9e:43:fa:5f:ce:df:a4:
4a:6c:25:9e:31:dd:4f:65:8d:af:e1:17:7f:f6:98:
1b:7b:60:21:f7:da:1e:a7:85:ad:d0:aa:df:03:dc:
b0:66:1b:84:5d:2b:fa:76:28:3a:ee:39:96:99:0e:
a1:71:93:43:13:a5:97:05:57:8f:f0:7b:ee:ea:1d:
71:a0:9a:39:f8:8c:fc:73:ae:05:8d:ac:a6:26:b1:
79:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:29:F6:C9:F3:E2:68:AA:7C:F4:3A:39:EF:88:BE:86:F4:C8:E1:F1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4A21F4CCC2411EFB032DEB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.125.0/24
Signature Algorithm: sha256WithRSAEncryption
94:98:35:c0:91:9d:2f:b2:f2:27:9b:51:90:91:ed:6f:ca:15:
82:a6:77:4f:69:9f:1f:2b:89:56:22:b6:4e:ad:8f:f3:e5:c8:
cb:e7:5b:85:00:15:dc:90:33:c9:1e:f6:5b:3b:e2:c0:37:ba:
63:d5:64:7b:e2:a8:4a:29:55:92:23:35:00:a4:09:ff:72:d6:
9c:45:52:e6:15:6b:4f:cc:6d:19:80:bc:a5:5a:65:0f:1e:36:
c5:f7:1e:84:27:e2:cb:20:19:aa:a1:b7:65:2b:4c:45:d5:9b:
c0:68:7c:e4:2b:17:d3:51:38:ea:f9:cf:ea:65:32:db:f7:82:
fa:4e:5e:6d:ef:bb:81:1b:b0:c6:92:70:4f:3e:0a:af:b9:21:
38:05:8b:6a:9a:ae:f5:26:4f:ba:f7:a1:23:cf:e1:0a:c1:3c:
fc:06:a3:aa:a8:38:50:3b:2a:5d:be:13:f2:56:d0:4d:1c:b0:
30:18:5c:d5:43:9c:47:84:9b:b1:94:a4:0b:ab:32:2e:d7:8f:
88:d3:b2:aa:be:ba:8e:43:13:22:55:20:fe:d6:58:c2:25:fd:
8c:34:6d:f4:d8:69:16:ee:c4:67:0c:09:e1:f6:f1:6b:b4:bb:
96:66:e0:da:e6:6c:82:33:ed:c5:04:e6:37:29:30:66:83:e6:
8c:02:02:60
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPjHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTE1MjUxWhcNMjUwMTE4MTE1MjUxWjAYMRYw
FAYDVQQDEw02NzdiYzQxOC1hNGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoXnPVC8V1z4FoKNeyFUtMQGrnfaM9cqYBVlXQZ9GdGSzgpSCuKi/fhe5
vLEBqRm64Lu5jbSElCvXHsUxK5pDCxZEZEAB1+/IwGQ9+9BrRjrcC8A2KygTOglO
4byZ+cah8bSoEmhwcIYumB4jaav6V5Dg2E/1ZB1iaIifdpX5lSq2FM9+k70ff7nA
3nPiHftIClukeGHNc7k5ThY+KpoVrecpcYWlwjrXxfIGFJ5D+l/O36RKbCWeMd1P
ZY2v4Rd/9pgbe2Ah99oep4Wt0KrfA9ywZhuEXSv6dig67jmWmQ6hcZNDE6WXBVeP
8Hvu6h1xoJo5+Iz8c64FjaymJrF5BQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD0p
9snz4miqfPQ6Oe+Ivob0yOHxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNEEyMUY0Q0NDMjQxMUVGQjAzMkRFQjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALch9MA0GCSqGSIb3DQEBCwUA
A4IBAQCUmDXAkZ0vsvInm1GQke1vyhWCpndPaZ8fK4lWIrZOrY/z5cjL51uFABXc
kDPJHvZbO+LAN7pj1WR74qhKKVWSIzUApAn/ctacRVLmFWtPzG0ZgLylWmUPHjbF
9x6EJ+LLIBmqobdlK0xF1ZvAaHzkKxfTUTjq+c/qZTLb94L6Tl5t77uBG7DGknBP
PgqvuSE4BYtqmq71Jk+696Ejz+EKwTz8BqOqqDhQOypdvhPyVtBNHLAwGFzVQ5xH
hJuxlKQLqzIu14+I07KqvrqOQxMiVSD+1ljCJf2MNG302GkW7sRnDAnh9vFrtLuW
ZuDa5myCM+3FBOY3KTBmg+aMAgJg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:03 2025 by rpki-client