Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5F1AD9802F411EFA88B4400017001B1.roa
File: D5F1AD9802F411EFA88B4400017001B1.roa (raw, json)
Hash identifier: DlRsf8t1kZbkzzMNRD9mXDsEZnLaQNqoWzAZuN+9H74=
Subject key identifier: BE:A8:5D:E7:47:C1:8C:B2:AB:D8:DC:1C:5A:A7:FE:5B:49:BE:7E:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 84FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5F1AD9802F411EFA88B4400017001B1.roa
Signing time: Thu 25 Apr 2024 11:13:26 +0000
ROA not before: Thu 25 Apr 2024 11:13:22 +0000
ROA not after: Sun 05 May 2024 11:13:22 +0000
asID: 39600
IP address blocks: 45.196.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34043 (0x84fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 25 11:13:22 2024 GMT
Not After : May 5 11:13:22 2024 GMT
Subject: CN=662a3ad6-94c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ac:79:79:30:03:44:3d:5f:e3:be:90:b5:1b:
4a:23:b0:46:6a:ee:4a:04:96:c0:f8:6b:19:70:cc:
25:26:50:eb:89:0b:42:a5:58:e6:26:f3:c4:da:ed:
ef:2b:cb:d5:0b:55:2d:4b:c3:42:5b:17:76:5f:6f:
19:6a:94:c5:62:a5:f3:cd:8f:1d:7a:47:fb:be:a8:
38:c3:4f:39:98:e7:15:e1:ac:88:fe:c7:eb:63:b9:
2b:7e:a0:d8:8d:25:80:8a:de:39:02:c0:c9:76:b9:
5c:43:7c:ba:b8:2a:7c:43:80:99:64:9b:f9:29:6a:
ad:74:b4:30:a6:f1:9f:b1:b5:b6:0f:c6:6b:9a:52:
23:4b:41:54:59:3a:f0:c7:80:71:52:47:05:05:e2:
59:b7:32:55:a6:16:bb:84:fd:85:73:41:f3:bc:5a:
48:92:35:c4:fc:2a:55:f3:4f:90:a3:e2:20:da:87:
31:2d:3b:ab:b7:96:f5:0b:14:cc:e5:29:c8:2a:c8:
eb:72:06:21:16:bc:3c:00:3d:9c:30:1f:e0:b0:de:
58:c8:9c:8d:9b:40:43:a7:dd:51:c9:c5:98:14:2d:
6c:89:cf:55:01:5e:26:eb:ad:7e:6d:a5:57:7f:e9:
24:5e:73:c6:45:aa:ce:bc:fa:fd:aa:9c:61:7b:16:
e0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A8:5D:E7:47:C1:8C:B2:AB:D8:DC:1C:5A:A7:FE:5B:49:BE:7E:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5F1AD9802F411EFA88B4400017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.132.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:89:b0:a3:b9:f9:9f:74:65:55:8a:68:e3:c8:31:8a:16:04:
c2:e4:49:18:26:c6:02:83:d9:d9:65:f2:0c:d4:b5:bb:ba:4c:
3c:35:5b:1e:07:84:33:f0:f4:53:ba:04:6c:e8:bf:72:be:16:
ac:76:b1:2c:1d:86:68:b6:56:36:31:b9:c2:3f:65:61:ed:b8:
87:13:b0:da:78:55:d9:b6:47:2f:92:09:d9:0f:97:87:44:dc:
ac:66:62:e8:6a:f8:5c:b2:52:14:93:36:9c:d4:aa:dd:85:39:
fe:a2:f7:80:95:01:03:cb:04:f9:09:76:5a:5f:0c:69:75:32:
25:e8:17:ed:b6:e4:75:e2:7d:fd:14:95:77:5e:de:66:ac:11:
6f:73:d3:48:33:d0:b9:3f:fc:26:a9:47:5f:3b:c4:7b:68:74:
1d:53:d3:1e:4f:73:42:23:1e:63:be:71:a2:22:03:f0:e8:d4:
21:5b:2b:9a:c4:9b:b5:8d:c1:c2:dd:9a:79:cd:f0:69:3d:d4:
aa:f1:8b:1b:5c:91:93:b9:81:e5:23:f1:bf:80:42:3f:f0:0f:
86:b9:30:01:6c:94:43:db:a6:8e:ef:94:cb:6a:dc:5b:b4:f5:
8c:bd:fb:c3:a5:89:5a:3e:06:a4:26:c1:5c:6b:d4:fd:e7:1a:
ca:47:bd:86
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIT7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI1MTExMzIyWhcNMjQwNTA1MTExMzIyWjAYMRYw
FAYDVQQDEw02NjJhM2FkNi05NGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlax5eTADRD1f476QtRtKI7BGau5KBJbA+GsZcMwlJlDriQtCpVjmJvPE
2u3vK8vVC1UtS8NCWxd2X28ZapTFYqXzzY8dekf7vqg4w085mOcV4ayI/sfrY7kr
fqDYjSWAit45AsDJdrlcQ3y6uCp8Q4CZZJv5KWqtdLQwpvGfsbW2D8ZrmlIjS0FU
WTrwx4BxUkcFBeJZtzJVpha7hP2Fc0HzvFpIkjXE/CpV80+Qo+Ig2ocxLTurt5b1
CxTM5SnIKsjrcgYhFrw8AD2cMB/gsN5YyJyNm0BDp91RycWYFC1sic9VAV4m661+
baVXf+kkXnPGRarOvPr9qpxhexbgBwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL6o
XedHwYyyq9jcHFqn/ltJvn6UMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENUYxQUQ5ODAyRjQxMUVGQTg4QjQ0MDAwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcSEMA0GCSqGSIb3DQEBCwUA
A4IBAQCKibCjufmfdGVVimjjyDGKFgTC5EkYJsYCg9nZZfIM1LW7ukw8NVseB4Qz
8PRTugRs6L9yvhasdrEsHYZotlY2MbnCP2Vh7biHE7DaeFXZtkcvkgnZD5eHRNys
ZmLoavhcslIUkzac1KrdhTn+oveAlQEDywT5CXZaXwxpdTIl6BfttuR14n39FJV3
Xt5mrBFvc9NIM9C5P/wmqUdfO8R7aHQdU9MeT3NCIx5jvnGiIgPw6NQhWyuaxJu1
jcHC3Zp5zfBpPdSq8YsbXJGTuYHlI/G/gEI/8A+GuTABbJRD26aO75TLatxbtPWM
vfvDpYlaPgakJsFca9T95xrKR72G
-----END CERTIFICATE-----
Generated at Mon May 6 02:18:25 2024 by rpki-client on console-ams.rpki-client.org