Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF85E6F6CE9811EF812E2E61762E951A.roa
File: DF85E6F6CE9811EF812E2E61762E951A.roa (raw, json)
Hash identifier: qU4SECWMXO3CY8SGwrs48LV/Sjm/MZLjZcfU+uqvxS8=
Subject key identifier: DA:9E:B9:41:5E:85:52:37:D0:E2:D4:E8:92:01:BE:D8:1F:2E:F9:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01040E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF85E6F6CE9811EF812E2E61762E951A.roa
Signing time: Thu 09 Jan 2025 14:49:05 +0000
ROA not before: Thu 09 Jan 2025 14:49:02 +0000
ROA not after: Thu 23 Jan 2025 14:49:02 +0000
asID: 5065
IP address blocks: 45.195.216.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66574 (0x1040e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 14:49:02 2025 GMT
Not After : Jan 23 14:49:02 2025 GMT
Subject: CN=677fe1e1-c85a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:07:f5:7b:05:57:a1:f6:3f:df:5b:a1:68:3d:
88:15:ab:57:43:96:6c:9a:fa:97:e2:10:ad:f6:43:
b0:28:4a:ef:fa:74:0c:2e:87:95:e1:86:4c:ee:b2:
8d:dd:9a:6e:8f:56:d4:b8:15:db:66:c9:9d:4c:6d:
c8:93:b7:09:11:05:0f:86:f3:c4:dc:9d:8e:3d:93:
6b:4c:77:8d:15:bc:d6:f0:af:be:bd:85:3f:d4:1b:
19:55:3e:f1:1a:0a:e1:1f:fc:08:4e:62:7e:84:60:
46:aa:ff:ce:09:d5:e2:04:b0:eb:1c:b9:44:e9:bc:
4d:56:06:84:a6:f6:3f:6c:18:86:d6:32:68:3d:4b:
26:17:01:8a:9d:94:f0:5e:ca:c0:04:54:03:e8:fd:
95:ae:79:0f:30:6a:39:16:b0:b9:27:ee:4f:6a:14:
99:03:0e:d5:5d:98:4f:72:e3:a3:9d:84:2d:2e:c9:
47:d2:0c:76:20:3f:e5:38:49:dc:ee:11:e1:82:45:
2d:93:ce:e5:ea:57:b8:0a:c7:a8:6b:44:81:77:8e:
ec:5d:1e:44:6d:be:7c:78:ca:58:87:e2:69:a2:81:
9c:88:40:3d:34:c8:7f:27:fb:89:db:ce:55:5e:b3:
bb:41:7e:8c:ce:1f:f2:c3:da:c8:74:5a:a8:21:de:
a5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9E:B9:41:5E:85:52:37:D0:E2:D4:E8:92:01:BE:D8:1F:2E:F9:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF85E6F6CE9811EF812E2E61762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.216.0/21
Signature Algorithm: sha256WithRSAEncryption
6a:66:b1:71:3a:3b:56:7f:fe:76:60:bb:37:f8:5d:9f:e0:d5:
1d:3d:24:4b:9d:16:38:ba:5b:5f:b9:55:a4:f5:5f:9f:9d:9d:
a5:b6:15:e7:90:20:a6:dc:0e:aa:79:75:a2:72:3d:5b:ff:78:
83:0f:f1:1e:ff:6a:78:36:ca:07:b2:95:19:80:e3:8b:30:fb:
ef:5a:63:bb:25:f7:37:1a:73:b7:54:94:69:94:2f:63:ec:42:
63:c0:36:9f:9e:bf:c3:37:e0:cd:f7:14:92:a2:f6:7f:1c:c8:
38:8f:ca:11:f9:ea:3e:8e:8c:70:fe:ed:f8:a3:5c:ac:33:b3:
d2:19:be:7e:7d:c6:bf:2a:84:64:3c:76:f9:01:19:98:2d:8b:
98:b5:f1:26:f2:64:7e:09:1d:be:e4:d9:12:8d:b1:e8:0d:ed:
c6:f9:7d:9f:f2:0a:83:b1:ef:c1:4a:b8:92:f8:d4:06:30:c1:
33:1d:b8:77:23:87:1e:04:05:99:2a:0c:4e:e2:07:74:1f:4e:
c3:ac:5c:2d:24:ca:cf:6a:86:04:b8:9f:6d:f6:88:2d:fe:45:
23:41:49:5f:21:bd:f2:33:84:76:ab:28:8e:94:21:dc:ee:0e:
e4:d5:09:97:18:f5:99:d4:8e:ad:b3:58:11:f5:b7:be:0e:91:
ef:98:18:7e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQQOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTQ0OTAyWhcNMjUwMTIzMTQ0OTAyWjAYMRYw
FAYDVQQDEw02NzdmZTFlMS1jODVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Af1ewVXofY/31uhaD2IFatXQ5ZsmvqX4hCt9kOwKErv+nQMLoeV4YZM
7rKN3Zpuj1bUuBXbZsmdTG3Ik7cJEQUPhvPE3J2OPZNrTHeNFbzW8K++vYU/1BsZ
VT7xGgrhH/wITmJ+hGBGqv/OCdXiBLDrHLlE6bxNVgaEpvY/bBiG1jJoPUsmFwGK
nZTwXsrABFQD6P2VrnkPMGo5FrC5J+5PahSZAw7VXZhPcuOjnYQtLslH0gx2ID/l
OEnc7hHhgkUtk87l6le4Cseoa0SBd47sXR5Ebb58eMpYh+JpooGciEA9NMh/J/uJ
285VXrO7QX6Mzh/yw9rIdFqoId6l8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNqe
uUFehVI30OLU6JIBvtgfLvlOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERjg1RTZGNkNFOTgxMUVGODEyRTJFNjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcPYMA0GCSqGSIb3DQEBCwUA
A4IBAQBqZrFxOjtWf/52YLs3+F2f4NUdPSRLnRY4ultfuVWk9V+fnZ2lthXnkCCm
3A6qeXWicj1b/3iDD/Ee/2p4NsoHspUZgOOLMPvvWmO7Jfc3GnO3VJRplC9j7EJj
wDafnr/DN+DN9xSSovZ/HMg4j8oR+eo+joxw/u34o1ysM7PSGb5+fca/KoRkPHb5
ARmYLYuYtfEm8mR+CR2+5NkSjbHoDe3G+X2f8gqDse/BSriS+NQGMMEzHbh3I4ce
BAWZKgxO4gd0H07DrFwtJMrPaoYEuJ9t9ogt/kUjQUlfIb3yM4R2qyiOlCHc7g7k
1QmXGPWZ1I6ts1gR9be+DpHvmBh+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:33 2025 by rpki-client