Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8FE67560DCC11EF8F60D05A017001B1.roa
File: C8FE67560DCC11EF8F60D05A017001B1.roa (raw, json)
Hash identifier: A8n84bt/4IYtzxOXCAAbWidVemSU1sB7Xc6kVtxTVPo=
Subject key identifier: B7:84:AF:A4:96:46:25:84:C3:76:72:A4:23:15:29:3F:F3:E8:1D:6B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8911
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8FE67560DCC11EF8F60D05A017001B1.roa
Signing time: Thu 09 May 2024 06:24:27 +0000
ROA not before: Thu 09 May 2024 06:24:23 +0000
ROA not after: Wed 29 May 2024 06:24:23 +0000
asID: 141883
IP address blocks: 45.200.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35089 (0x8911)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 06:24:23 2024 GMT
Not After : May 29 06:24:23 2024 GMT
Subject: CN=663c6c1b-c75b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d3:7d:6f:f8:27:47:aa:6c:7e:4b:c5:da:78:
e0:04:d9:c3:37:5e:2a:f3:47:dc:25:3a:ee:5f:9b:
34:5e:52:78:64:fc:89:a0:77:a0:ee:6b:8f:39:2b:
f1:30:97:ad:66:2f:b5:4b:80:9a:3e:9b:3b:73:61:
8e:ca:7d:79:8e:6d:31:68:cd:6c:ee:73:7b:25:51:
20:de:11:7c:e3:1a:9e:3f:7c:c1:7f:37:13:2a:29:
3a:7e:e5:fc:47:bd:4c:22:e3:0d:44:66:ca:95:db:
67:f0:21:6f:a7:26:5f:03:56:74:8c:cb:bc:0a:37:
ee:06:23:c4:63:0c:6b:e0:d0:57:13:6c:9e:8b:e7:
fd:29:a8:4d:1d:45:d9:2d:95:5f:96:8e:49:28:1b:
40:39:d4:3b:ba:6c:82:95:22:17:24:80:a0:9c:ed:
f4:cd:32:dc:54:82:55:3b:b4:37:6e:e4:a9:de:f1:
b4:99:bc:8f:f8:33:cb:ee:f2:9d:42:ad:df:81:3e:
34:85:c4:c8:3f:c4:6e:77:24:5b:95:a3:05:11:f1:
62:2e:ef:f0:de:c0:60:00:d8:b4:b9:ff:9f:ca:43:
b9:f1:16:96:e7:62:58:6d:ea:37:b9:71:95:2d:10:
f2:45:8b:7d:c6:70:63:ad:80:e6:d9:aa:38:7b:6f:
2e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:84:AF:A4:96:46:25:84:C3:76:72:A4:23:15:29:3F:F3:E8:1D:6B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8FE67560DCC11EF8F60D05A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.20.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:35:da:6d:f9:3c:20:aa:97:4d:80:54:32:7b:04:82:4b:4a:
f0:0f:e5:f8:d0:31:b3:c5:94:b6:4c:91:bc:d6:8f:87:90:83:
fa:cc:6f:2c:7b:87:70:91:19:53:68:c2:5f:2b:d5:d1:43:d9:
d8:0c:79:29:1e:87:bf:0f:25:da:c1:c9:15:d4:e1:d7:e2:97:
eb:d1:26:27:65:f6:94:d4:8b:ae:09:22:91:fe:07:40:85:7b:
86:43:86:be:40:0d:8f:e2:2f:14:23:be:2e:43:e4:88:a8:07:
c8:da:bf:52:c1:50:7a:db:3f:5d:97:8c:7d:2f:bc:bd:0e:36:
12:cb:ce:36:46:3e:96:87:9d:4f:b1:67:ac:9f:0a:d4:98:72:
a7:1c:bc:4b:9e:b2:01:43:bb:c0:00:d8:6b:0a:1e:d5:9e:1b:
98:7c:bc:5c:2a:6a:09:4b:14:4a:d8:b2:c6:f7:67:e9:ad:85:
df:bd:fa:09:21:10:a4:ae:a2:f3:49:81:58:f8:a1:94:28:e7:
58:1b:57:f2:5c:0d:7c:fd:21:e1:85:18:1c:01:a6:1e:90:4f:
1b:21:39:fc:05:21:5a:14:f3:7f:d6:e1:38:3f:42:9f:a9:5f:
82:43:a4:6f:88:c3:f6:0d:d8:dc:9a:3b:c3:a8:fe:8a:01:0b:
6b:3d:d5:6b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIkRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTA5MDYyNDIzWhcNMjQwNTI5MDYyNDIzWjAYMRYw
FAYDVQQDEw02NjNjNmMxYi1jNzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApNN9b/gnR6psfkvF2njgBNnDN14q80fcJTruX5s0XlJ4ZPyJoHeg7muP
OSvxMJetZi+1S4CaPps7c2GOyn15jm0xaM1s7nN7JVEg3hF84xqeP3zBfzcTKik6
fuX8R71MIuMNRGbKldtn8CFvpyZfA1Z0jMu8CjfuBiPEYwxr4NBXE2yei+f9KahN
HUXZLZVflo5JKBtAOdQ7umyClSIXJICgnO30zTLcVIJVO7Q3buSp3vG0mbyP+DPL
7vKdQq3fgT40hcTIP8RudyRblaMFEfFiLu/w3sBgANi0uf+fykO58RaW52JYbeo3
uXGVLRDyRYt9xnBjrYDm2ao4e28uFQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLeE
r6SWRiWEw3ZypCMVKT/z6B1rMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOEZFNjc1NjBEQ0MxMUVGOEY2MEQwNUEwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcgUMA0GCSqGSIb3DQEBCwUA
A4IBAQAPNdpt+TwgqpdNgFQyewSCS0rwD+X40DGzxZS2TJG81o+HkIP6zG8se4dw
kRlTaMJfK9XRQ9nYDHkpHoe/DyXawckV1OHX4pfr0SYnZfaU1IuuCSKR/gdAhXuG
Q4a+QA2P4i8UI74uQ+SIqAfI2r9SwVB62z9dl4x9L7y9DjYSy842Rj6Wh51PsWes
nwrUmHKnHLxLnrIBQ7vAANhrCh7VnhuYfLxcKmoJSxRK2LLG92fprYXfvfoJIRCk
rqLzSYFY+KGUKOdYG1fyXA18/SHhhRgcAaYekE8bITn8BSFaFPN/1uE4P0KfqV+C
Q6RviMP2DdjcmjvDqP6KAQtrPdVr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:07 2024 by rpki-client on console-ams.rpki-client.org