Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBD8A17ED00F11EFA9CBD3B1762E951A.roa
File: DBD8A17ED00F11EFA9CBD3B1762E951A.roa (raw, json)
Hash identifier: nXZxoEmP/+8NMYDjnQUhWjFgr4zL5uUFs7KnmVJqN+0=
Subject key identifier: 58:5E:27:06:6F:3E:C6:44:29:6C:7A:2E:15:F4:EC:FA:53:D2:04:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0105DC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBD8A17ED00F11EFA9CBD3B1762E951A.roa
Signing time: Sat 11 Jan 2025 11:33:20 +0000
ROA not before: Sat 11 Jan 2025 11:33:17 +0000
ROA not after: Sat 25 Jan 2025 11:33:17 +0000
asID: 139646
IP address blocks: 45.200.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67036 (0x105dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 11 11:33:17 2025 GMT
Not After : Jan 25 11:33:17 2025 GMT
Subject: CN=67825700-d183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:25:73:0b:0e:96:fb:f9:4e:0f:14:88:23:b5:
96:4b:2c:10:ca:ac:e2:5a:35:64:00:9e:45:75:41:
b3:7e:c8:f7:0e:63:1c:c9:70:0f:60:70:30:d3:d9:
f8:66:8e:cd:0a:01:1b:e1:a9:84:5a:e0:1c:f3:f8:
58:e3:0b:73:05:4e:af:9f:dd:da:3d:4f:c7:fb:5b:
81:83:fc:be:88:4a:d2:6d:7a:42:7d:92:40:c8:20:
d8:81:ff:e8:e4:6e:4c:a0:44:fc:a6:41:5c:db:f6:
bc:ca:9a:7e:cd:1c:99:e3:3e:89:08:2c:f8:b0:74:
75:86:f5:da:4a:b0:8c:c1:dd:a8:b9:f0:f8:ea:46:
9c:88:81:67:b9:2b:57:be:7f:4e:f8:8b:2f:1c:a1:
ae:f8:2a:84:1b:13:03:11:ef:fe:47:1a:3c:b1:bd:
9d:da:d9:4d:49:5b:d2:c6:47:e7:7d:f0:4c:ce:d8:
13:7c:72:12:fe:51:4c:3f:61:38:4c:9a:8e:47:1c:
27:e7:d8:0a:ae:07:ea:d7:f8:70:18:10:15:df:be:
eb:04:c5:31:df:53:3f:ae:e0:ed:ee:c8:1f:42:26:
75:34:90:0d:19:b6:f5:81:64:52:5d:39:5e:25:15:
33:be:c3:3c:87:25:ab:4f:c3:26:e6:d3:1e:98:dd:
9c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:5E:27:06:6F:3E:C6:44:29:6C:7A:2E:15:F4:EC:FA:53:D2:04:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBD8A17ED00F11EFA9CBD3B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.20.0/22
Signature Algorithm: sha256WithRSAEncryption
36:ca:66:1b:d4:40:49:4c:bc:a8:bb:26:26:bb:f8:a9:c1:9a:
59:1a:d3:a2:31:b1:d5:c7:24:5b:b3:5a:c3:2a:8e:b8:36:e8:
1c:38:d8:c2:9d:ac:bc:47:19:e6:9d:59:db:c5:74:43:49:e3:
af:2a:40:4d:22:d6:e3:8b:4b:4d:02:e8:23:37:db:31:fe:e1:
e5:ea:2e:d2:29:fb:be:ab:00:2f:d2:f8:0c:07:64:66:3f:1b:
3a:bb:ba:c3:c5:36:d9:a4:a2:cf:d1:4d:15:f6:7a:f0:65:7d:
0e:e8:15:b8:c9:75:e8:98:a8:cf:80:2e:d1:48:dd:c7:80:e5:
b4:32:f8:9d:78:8c:2d:dd:1e:a5:73:d0:9e:dc:a5:bc:4d:50:
d9:11:df:14:20:d4:84:70:51:80:34:d3:43:d7:f2:bb:c7:f0:
dd:0b:47:9b:97:fa:d6:34:78:0b:cb:7e:fb:e2:4f:e9:fc:28:
30:da:dd:39:8f:d2:5c:13:47:38:c5:ae:3d:ed:a6:42:07:81:
c2:1b:b0:d8:f3:8b:30:c1:68:92:a2:74:76:da:9c:47:8b:f2:
b5:b6:c6:3a:9b:75:b8:8b:ed:a4:f5:f8:08:14:16:7f:f4:88:
b9:ac:20:7e:85:77:36:14:dc:16:45:95:a8:ca:24:fd:1d:e4:
7d:c0:d4:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQXcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTExMTEzMzE3WhcNMjUwMTI1MTEzMzE3WjAYMRYw
FAYDVQQDEw02NzgyNTcwMC1kMTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqiVzCw6W+/lODxSII7WWSywQyqziWjVkAJ5FdUGzfsj3DmMcyXAPYHAw
09n4Zo7NCgEb4amEWuAc8/hY4wtzBU6vn93aPU/H+1uBg/y+iErSbXpCfZJAyCDY
gf/o5G5MoET8pkFc2/a8ypp+zRyZ4z6JCCz4sHR1hvXaSrCMwd2oufD46kaciIFn
uStXvn9O+IsvHKGu+CqEGxMDEe/+Rxo8sb2d2tlNSVvSxkfnffBMztgTfHIS/lFM
P2E4TJqORxwn59gKrgfq1/hwGBAV377rBMUx31M/ruDt7sgfQiZ1NJANGbb1gWRS
XTleJRUzvsM8hyWrT8Mm5tMemN2csQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFhe
JwZvPsZEKWx6LhX07PpT0gT/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQkQ4QTE3RUQwMEYxMUVGQTlDQkQzQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcgUMA0GCSqGSIb3DQEBCwUA
A4IBAQA2ymYb1EBJTLyouyYmu/ipwZpZGtOiMbHVxyRbs1rDKo64NugcONjCnay8
RxnmnVnbxXRDSeOvKkBNItbji0tNAugjN9sx/uHl6i7SKfu+qwAv0vgMB2RmPxs6
u7rDxTbZpKLP0U0V9nrwZX0O6BW4yXXomKjPgC7RSN3HgOW0MvideIwt3R6lc9Ce
3KW8TVDZEd8UINSEcFGANNND1/K7x/DdC0ebl/rWNHgLy3774k/p/Cgw2t05j9Jc
E0c4xa497aZCB4HCG7DY84swwWiSonR22pxHi/K1tsY6m3W4i+2k9fgIFBZ/9Ii5
rCB+hXc2FNwWRZWoyiT9HeR9wNT2
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:39 2025 by rpki-client