Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD9F7E54C47811EFAA18FC75762E951A.roa
File: CD9F7E54C47811EFAA18FC75762E951A.roa (raw, json)
Hash identifier: WeZ76gMhKVLJNI1PafF9g6wMdxUT9qnavl++jNJmFpE=
Subject key identifier: 88:03:CE:61:0D:0C:57:10:DD:92:A1:53:4C:6B:B1:B4:8B:96:FC:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F0F2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD9F7E54C47811EFAA18FC75762E951A.roa
Signing time: Fri 27 Dec 2024 17:34:20 +0000
ROA not before: Fri 27 Dec 2024 17:34:16 +0000
ROA not after: Sat 01 Feb 2025 17:34:16 +0000
asID: 138995
IP address blocks: 45.192.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61682 (0xf0f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 27 17:34:16 2024 GMT
Not After : Feb 1 17:34:16 2025 GMT
Subject: CN=676ee51c-70d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a8:02:c5:89:71:2b:4b:bf:af:4e:02:08:4e:
4d:e1:df:5b:e3:07:14:26:ab:2b:be:71:9f:f0:e0:
6f:9e:a8:8b:f1:8f:eb:83:54:c3:25:66:a7:51:ca:
d2:aa:88:8c:9f:21:8a:1f:3b:42:ef:e9:6d:6d:f9:
a7:16:44:17:d9:9f:e7:6b:d6:f6:71:74:da:c1:3d:
1a:e5:e1:51:98:b3:16:43:18:ca:25:e3:1a:c2:60:
0d:36:03:35:29:20:0a:8f:37:4b:09:79:69:12:03:
87:f7:c9:03:4f:3f:24:49:a9:e3:08:71:9f:0e:59:
f9:84:ba:57:23:0d:d3:60:a3:ca:26:57:f8:3d:4d:
b3:49:e6:a1:79:79:bd:78:65:aa:ed:a9:60:c2:51:
2f:c0:72:3a:fc:00:a9:60:1f:e9:37:4b:12:2d:23:
8e:3e:5f:3c:5e:62:1a:af:bc:16:d1:5e:ca:21:2b:
31:ba:db:44:bc:6a:09:e2:b8:a1:d7:c2:08:2a:ae:
f7:92:3b:94:f8:7c:a6:96:7e:98:cd:2b:ba:21:8e:
4a:50:f4:5c:c1:1c:9f:19:e2:81:a1:8d:9d:1f:48:
c7:22:6a:28:ce:50:fa:49:51:71:91:f1:0a:74:f3:
e9:f7:6e:4b:e3:0d:52:3f:49:87:15:4a:96:77:f5:
3f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:03:CE:61:0D:0C:57:10:DD:92:A1:53:4C:6B:B1:B4:8B:96:FC:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD9F7E54C47811EFAA18FC75762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.168.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:bf:9a:b9:94:a9:3b:21:70:97:52:ca:c6:37:dc:bd:a2:6e:
44:57:4c:68:9e:0d:c1:37:e3:57:7e:e7:29:72:96:db:80:44:
32:40:37:50:61:00:9d:28:60:67:ef:fc:c6:c4:76:dc:02:9e:
6b:0c:d3:fe:49:f1:57:ec:ec:42:2d:a1:cf:6f:f2:e8:a6:2f:
d2:cb:cd:72:cb:02:6d:36:00:a8:b9:bc:f6:83:a6:82:a6:01:
c8:b8:01:04:19:03:b9:b8:67:bd:1b:1a:1e:ab:87:01:39:6d:
ba:57:3e:27:e5:99:51:9f:df:e7:88:fb:1f:30:d9:55:0d:e3:
41:8b:1a:d6:09:46:8a:e7:21:4f:7f:a6:23:e8:7f:5b:19:51:
fa:0b:52:f9:44:d1:32:5e:b0:52:36:ec:22:25:63:b8:b0:9a:
b8:b3:64:f9:49:f3:82:9d:1d:2a:71:d8:4b:67:97:54:9e:42:
c0:45:a1:34:96:8c:37:07:c9:38:00:eb:8d:a5:1e:ef:19:fe:
b2:d2:47:8b:24:0f:4d:64:08:1c:30:08:29:71:2c:f1:fa:80:
cc:7b:79:75:70:45:cb:7c:15:7d:12:7f:d9:f9:ba:1c:5e:2b:
8e:b1:11:c1:89:06:d4:b1:a6:e2:23:f5:c6:04:36:b7:d2:d8:
a8:15:94:e2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPDyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI3MTczNDE2WhcNMjUwMjAxMTczNDE2WjAYMRYw
FAYDVQQDEw02NzZlZTUxYy03MGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuKgCxYlxK0u/r04CCE5N4d9b4wcUJqsrvnGf8OBvnqiL8Y/rg1TDJWan
UcrSqoiMnyGKHztC7+ltbfmnFkQX2Z/na9b2cXTawT0a5eFRmLMWQxjKJeMawmAN
NgM1KSAKjzdLCXlpEgOH98kDTz8kSanjCHGfDln5hLpXIw3TYKPKJlf4PU2zSeah
eXm9eGWq7algwlEvwHI6/ACpYB/pN0sSLSOOPl88XmIar7wW0V7KISsxuttEvGoJ
4rih18IIKq73kjuU+Hymln6YzSu6IY5KUPRcwRyfGeKBoY2dH0jHImoozlD6SVFx
kfEKdPPp925L4w1SP0mHFUqWd/U/+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIgD
zmENDFcQ3ZKhU0xrsbSLlvzdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRDlGN0U1NEM0NzgxMUVGQUExOEZDNzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcCoMA0GCSqGSIb3DQEBCwUA
A4IBAQCKv5q5lKk7IXCXUsrGN9y9om5EV0xong3BN+NXfucpcpbbgEQyQDdQYQCd
KGBn7/zGxHbcAp5rDNP+SfFX7OxCLaHPb/Lopi/Sy81yywJtNgCoubz2g6aCpgHI
uAEEGQO5uGe9Gxoeq4cBOW26Vz4n5ZlRn9/niPsfMNlVDeNBixrWCUaK5yFPf6Yj
6H9bGVH6C1L5RNEyXrBSNuwiJWO4sJq4s2T5SfOCnR0qcdhLZ5dUnkLARaE0low3
B8k4AOuNpR7vGf6y0keLJA9NZAgcMAgpcSzx+oDMe3l1cEXLfBV9En/Z+bocXiuO
sRHBiQbUsabiI/XGBDa30tioFZTi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:23 2025 by rpki-client