Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D58E5822B85411EFBD1AFA5B762E951A.roa
File: D58E5822B85411EFBD1AFA5B762E951A.roa (raw, json)
Hash identifier: XQ+BPxYFQiGFuWq8TRdWX5/VMsnd8yuxtMNZfXmfANU=
Subject key identifier: 00:D9:55:B8:FE:59:56:B6:3B:7E:FC:EA:10:D5:42:CD:D7:B6:7C:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E2A2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D58E5822B85411EFBD1AFA5B762E951A.roa
Signing time: Thu 12 Dec 2024 06:46:37 +0000
ROA not before: Thu 12 Dec 2024 06:46:34 +0000
ROA not after: Fri 31 Jan 2025 06:46:34 +0000
asID: 149440
IP address blocks: 45.195.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58018 (0xe2a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 12 06:46:34 2024 GMT
Not After : Jan 31 06:46:34 2025 GMT
Subject: CN=675a86cd-4f0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e7:35:f8:af:b2:e5:8d:8d:90:10:a7:d1:65:
ef:f8:ed:0b:a3:fe:4a:da:7a:56:75:3d:fb:54:3b:
ec:5d:98:a1:b3:02:88:8c:4a:d5:37:fb:d8:52:1e:
d9:c6:f7:6a:35:e4:47:ea:b9:7b:50:b6:6a:c6:45:
f5:d9:5c:61:a9:d0:86:3e:e5:05:92:54:5e:84:d3:
50:78:72:92:1a:94:ef:9e:bc:a0:ae:f9:d8:fc:54:
6d:7e:d0:e0:df:16:62:fa:c1:38:a1:c9:18:bf:f7:
03:9c:af:45:8e:dd:b4:6d:9a:82:63:70:97:8e:9b:
14:1d:c3:2f:05:ee:1e:04:0f:4b:d7:33:ce:0d:8a:
fc:91:c8:33:23:74:e0:26:6e:00:3e:95:51:9e:bc:
62:cd:7b:39:07:79:08:16:e1:3e:50:10:a0:4c:6d:
30:d8:e0:19:ae:3e:4f:47:d5:3c:20:cf:7c:ce:dc:
1e:1a:24:d5:81:3a:f5:49:07:16:11:a8:0a:f9:6e:
e2:33:35:5e:5f:e6:c2:cc:32:00:9a:c8:6b:34:d1:
75:89:8a:f5:fa:35:17:16:19:90:ce:7d:16:ff:8b:
79:90:d6:69:fb:a8:93:69:90:67:b1:4a:a1:59:47:
e9:9f:71:77:2b:ec:d4:a4:6c:f7:3e:c7:8f:0a:50:
04:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D9:55:B8:FE:59:56:B6:3B:7E:FC:EA:10:D5:42:CD:D7:B6:7C:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D58E5822B85411EFBD1AFA5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.76.0/24
Signature Algorithm: sha256WithRSAEncryption
28:90:5a:29:d6:13:68:ec:89:b9:35:64:7c:6f:f3:94:5f:32:
65:d9:09:47:46:4f:ca:ca:70:3b:f1:0a:05:72:24:c5:f2:72:
bc:a0:c0:65:2f:6c:34:99:5d:aa:8e:9d:7a:1c:88:24:c3:aa:
c3:9e:b4:3c:86:bd:62:c8:ab:b4:34:8a:54:74:d5:e8:53:df:
61:7f:5b:c9:c9:3a:c1:38:f2:57:a0:cf:b8:be:14:3b:6e:0c:
55:71:a1:7e:af:ae:40:3a:95:fd:99:66:2b:6d:88:a4:69:d2:
81:97:d7:c4:a3:a3:c7:d7:6e:f2:9a:fb:f7:27:8e:1a:cd:a9:
f3:c1:ea:29:57:88:83:83:8f:72:51:ac:41:c7:c8:6b:45:01:
01:89:a6:f8:00:8c:cf:57:d5:f8:c6:f9:11:1d:a7:1a:cf:f5:
78:1c:f0:3f:a8:67:00:11:24:19:c2:03:20:1b:49:5a:12:06:
45:aa:50:8d:09:59:2d:a7:35:eb:2b:5a:b0:0b:79:bf:b7:a8:
18:d7:06:f1:18:fd:be:af:d5:26:46:20:f0:a4:07:ac:35:b4:
fc:59:8f:e8:61:1a:2f:c5:b1:7f:fe:4c:08:da:84:9e:da:0d:
5e:89:9d:83:6f:b1:1c:d3:be:78:71:29:63:fa:69:fa:cc:7e:
c7:07:82:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOKiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjEyMDY0NjM0WhcNMjUwMTMxMDY0NjM0WjAYMRYw
FAYDVQQDEw02NzVhODZjZC00ZjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnec1+K+y5Y2NkBCn0WXv+O0Lo/5K2npWdT37VDvsXZihswKIjErVN/vY
Uh7ZxvdqNeRH6rl7ULZqxkX12VxhqdCGPuUFklRehNNQeHKSGpTvnrygrvnY/FRt
ftDg3xZi+sE4ockYv/cDnK9Fjt20bZqCY3CXjpsUHcMvBe4eBA9L1zPODYr8kcgz
I3TgJm4APpVRnrxizXs5B3kIFuE+UBCgTG0w2OAZrj5PR9U8IM98ztweGiTVgTr1
SQcWEagK+W7iMzVeX+bCzDIAmshrNNF1iYr1+jUXFhmQzn0W/4t5kNZp+6iTaZBn
sUqhWUfpn3F3K+zUpGz3PsePClAEZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFADZ
Vbj+WVa2O3786hDVQs3XtnyqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENThFNTgyMkI4NTQxMUVGQkQxQUZBNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcNMMA0GCSqGSIb3DQEBCwUA
A4IBAQAokFop1hNo7Im5NWR8b/OUXzJl2QlHRk/KynA78QoFciTF8nK8oMBlL2w0
mV2qjp16HIgkw6rDnrQ8hr1iyKu0NIpUdNXoU99hf1vJyTrBOPJXoM+4vhQ7bgxV
caF+r65AOpX9mWYrbYikadKBl9fEo6PH127ymvv3J44azanzweopV4iDg49yUaxB
x8hrRQEBiab4AIzPV9X4xvkRHacaz/V4HPA/qGcAESQZwgMgG0laEgZFqlCNCVkt
pzXrK1qwC3m/t6gY1wbxGP2+r9UmRiDwpAesNbT8WY/oYRovxbF//kwI2oSe2g1e
iZ2Db7Ec0754cSlj+mn6zH7HB4Iy
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:26 2025 by rpki-client