Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA5CD7EECABF11EF9054575A762E951A.roa
File: CA5CD7EECABF11EF9054575A762E951A.roa (raw, json)
Hash identifier: J0JaUyHXf4/oZnYa5IEGsu/qM1M9ZF/KrTeHtr+SyXY=
Subject key identifier: D2:45:3A:D1:64:B4:EE:31:C8:D1:6C:1F:D2:2D:99:B2:15:03:CB:6F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F714
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA5CD7EECABF11EF9054575A762E951A.roa
Signing time: Sat 04 Jan 2025 17:17:36 +0000
ROA not before: Sun 05 Jan 2025 17:17:32 +0000
ROA not after: Thu 16 Jan 2025 17:17:32 +0000
asID: 395793
IP address blocks: 45.192.120.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63252 (0xf714)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 17:17:32 2025 GMT
Not After : Jan 16 17:17:32 2025 GMT
Subject: CN=67796d2f-0623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bd:f4:17:32:7b:81:3e:97:2a:0f:15:ca:98:
b0:34:e3:12:9e:3a:eb:13:fa:c5:d1:ba:82:42:ab:
96:b5:70:ef:ff:f7:03:fa:2f:c7:53:f5:f1:45:5c:
00:4c:2c:65:b8:10:6d:08:bf:9f:0a:8a:09:a0:9b:
b1:e5:48:34:ec:a5:9b:6e:52:e6:39:04:dc:73:c3:
29:a8:0d:ff:06:e6:51:b6:68:e6:aa:e2:b9:16:f3:
22:a4:59:a9:0d:6c:ac:cf:51:c1:46:cd:79:7e:b1:
7f:f0:dd:e7:3b:e1:88:0a:e8:29:44:9e:3a:18:31:
69:2b:10:47:a2:29:82:0b:9b:4d:49:72:3b:77:a8:
58:5f:ee:32:9e:78:01:92:ad:9d:75:c0:8b:4a:6d:
ad:1a:63:e0:85:db:2d:7a:22:be:e7:ee:24:93:b9:
34:15:c8:74:99:9f:d2:14:c9:1a:8f:09:a2:51:5e:
0c:53:6c:b2:58:00:32:e9:7a:45:87:8a:e7:68:1f:
c4:c5:7e:5e:b8:6f:38:69:76:b5:92:8c:a8:35:c7:
ca:01:00:a6:d3:66:d0:2b:26:01:42:0c:7d:c5:2c:
a9:41:91:4b:62:ed:45:b6:07:6f:f6:ef:14:e0:b8:
3a:df:bc:08:0d:07:7f:3f:e3:bb:51:bf:98:7a:34:
b8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:45:3A:D1:64:B4:EE:31:C8:D1:6C:1F:D2:2D:99:B2:15:03:CB:6F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA5CD7EECABF11EF9054575A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.120.0/21
Signature Algorithm: sha256WithRSAEncryption
30:af:a9:a2:fb:80:a4:3f:f9:62:56:52:b5:91:54:08:91:49:
2a:9c:8b:87:f5:cd:00:a5:5b:1a:55:9c:57:26:07:ef:86:1e:
68:37:ca:33:f4:ae:e0:64:1f:35:0d:98:f2:f5:60:e0:27:e2:
e6:e5:ab:19:3a:6f:9b:ec:af:96:03:aa:10:81:e5:39:e7:92:
ea:13:a3:5e:47:db:f1:7f:fb:52:79:ff:22:53:d7:39:e6:3b:
14:da:0b:0e:a9:41:af:e9:f9:a3:80:31:1f:d0:6d:d7:6c:75:
5d:b1:ac:45:09:86:68:1e:bc:d6:40:ba:a7:db:ec:7e:96:09:
92:30:e3:71:2b:e9:f9:0c:df:a8:b9:03:44:b7:d5:36:72:87:
c8:30:7b:09:0f:bb:f7:8e:4d:e9:8d:e2:ce:bf:be:ed:28:59:
7b:0d:34:10:d4:59:c3:f1:68:b2:4a:dc:30:b0:74:28:01:2a:
c8:28:8c:03:46:f1:38:ef:bd:0d:14:84:37:97:aa:90:7f:ec:
b2:a9:8c:19:bc:b9:15:8e:56:cd:d9:98:08:ff:35:e2:ff:b7:
b3:ff:77:29:14:67:d8:3f:02:c4:10:8b:b9:7d:61:33:7a:06:
1b:05:07:c0:74:4f:b1:b3:07:24:e3:d4:3c:8d:39:07:e6:b9:
ec:2c:c7:b4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPcUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTcxNzMyWhcNMjUwMTE2MTcxNzMyWjAYMRYw
FAYDVQQDEw02Nzc5NmQyZi0wNjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs730FzJ7gT6XKg8VypiwNOMSnjrrE/rF0bqCQquWtXDv//cD+i/HU/Xx
RVwATCxluBBtCL+fCooJoJux5Ug07KWbblLmOQTcc8MpqA3/BuZRtmjmquK5FvMi
pFmpDWysz1HBRs15frF/8N3nO+GICugpRJ46GDFpKxBHoimCC5tNSXI7d6hYX+4y
nngBkq2ddcCLSm2tGmPghdsteiK+5+4kk7k0Fch0mZ/SFMkajwmiUV4MU2yyWAAy
6XpFh4rnaB/ExX5euG84aXa1koyoNcfKAQCm02bQKyYBQgx9xSypQZFLYu1Ftgdv
9u8U4Lg637wIDQd/P+O7Ub+YejS4XQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNJF
OtFktO4xyNFsH9ItmbIVA8tvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQTVDRDdFRUNBQkYxMUVGOTA1NDU3NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcB4MA0GCSqGSIb3DQEBCwUA
A4IBAQAwr6mi+4CkP/liVlK1kVQIkUkqnIuH9c0ApVsaVZxXJgfvhh5oN8oz9K7g
ZB81DZjy9WDgJ+Lm5asZOm+b7K+WA6oQgeU555LqE6NeR9vxf/tSef8iU9c55jsU
2gsOqUGv6fmjgDEf0G3XbHVdsaxFCYZoHrzWQLqn2+x+lgmSMONxK+n5DN+ouQNE
t9U2cofIMHsJD7v3jk3pjeLOv77tKFl7DTQQ1FnD8WiyStwwsHQoASrIKIwDRvE4
770NFIQ3l6qQf+yyqYwZvLkVjlbN2ZgI/zXi/7ez/3cpFGfYPwLEEIu5fWEzegYb
BQfAdE+xswck49Q8jTkH5rnsLMe0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:35 2025 by rpki-client