Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8EB3532CE9A11EF86A2186E762E951A.roa
File: E8EB3532CE9A11EF86A2186E762E951A.roa (raw, json)
Hash identifier: L/C+kr5kp1HgzP/paa0YsUuVEAxGJrrbpcjopQajN+4=
Subject key identifier: 26:B6:4C:D6:05:77:45:38:C5:2B:77:2E:B7:2D:A2:59:08:04:D7:63
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01041A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8EB3532CE9A11EF86A2186E762E951A.roa
Signing time: Thu 09 Jan 2025 15:03:40 +0000
ROA not before: Thu 09 Jan 2025 15:03:36 +0000
ROA not after: Fri 24 Jan 2025 15:03:36 +0000
asID: 21859
IP address blocks: 45.196.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66586 (0x1041a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 15:03:36 2025 GMT
Not After : Jan 24 15:03:36 2025 GMT
Subject: CN=677fe54c-565c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:14:e0:fc:d2:fe:f8:7f:b0:c2:85:89:51:bb:
92:b6:4e:3a:cc:09:2d:65:7b:a0:3e:37:61:b4:ac:
a8:5f:0d:38:b6:13:b9:44:5a:6d:81:19:39:54:02:
b2:de:99:02:7d:2a:a8:c4:70:0b:66:48:0c:e3:64:
8c:66:d4:a1:9d:8d:36:9c:2c:8e:7f:b5:18:af:af:
82:23:be:dc:1f:30:e0:31:5e:65:2c:87:ef:b7:94:
d9:4b:6d:24:3f:ac:fd:c1:3f:14:ed:35:38:59:c2:
73:e5:66:c5:b7:65:b3:40:d0:b1:65:ef:cb:41:65:
6b:2a:92:cb:5b:b0:81:c6:96:94:07:9b:e9:b8:8f:
27:d2:10:65:8c:9d:65:63:97:cd:42:cb:30:85:82:
95:c7:02:83:07:f7:e2:96:39:ac:39:da:82:91:02:
37:43:20:e1:3f:ac:a9:ba:a0:94:bf:12:18:b8:df:
41:72:cd:bb:ab:7f:93:24:7a:fe:f9:52:36:fe:47:
3f:e5:c2:19:ec:fc:bd:f6:9d:53:09:47:17:5e:3f:
a2:d7:70:3b:21:e1:dc:0e:38:81:7d:db:2a:2d:41:
ae:32:29:8a:6c:77:49:2c:86:1c:ad:91:83:6c:bd:
37:ea:51:25:87:60:2c:2c:a9:a9:2b:8e:75:08:ca:
ff:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B6:4C:D6:05:77:45:38:C5:2B:77:2E:B7:2D:A2:59:08:04:D7:63
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8EB3532CE9A11EF86A2186E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.138.0/24
Signature Algorithm: sha256WithRSAEncryption
86:6e:40:be:bd:b4:3e:97:3b:b9:91:94:0a:03:6f:0d:5b:1a:
d1:52:66:c0:db:14:ab:b3:24:08:98:1f:90:a2:7a:33:f6:10:
b3:47:bd:16:24:a2:47:ff:a2:aa:cd:e0:fb:50:01:3a:1d:06:
75:a7:a2:0f:66:a0:87:ef:7a:0d:95:4b:c8:8d:75:8f:be:ed:
3a:09:39:2a:65:2d:54:e7:9e:f3:24:e6:ca:3b:82:53:07:86:
1c:e9:5d:eb:c4:1a:95:3d:6c:d3:e8:24:eb:6d:e4:c5:37:9f:
12:65:43:c2:dd:67:21:1f:29:5c:ba:8f:9e:c2:c9:8d:3a:92:
ba:f5:ac:78:57:5a:13:b3:d5:36:4f:4f:80:3a:9a:d2:ef:d0:
70:89:0e:5e:d5:c6:cc:85:e9:8d:bd:3e:4a:d3:0a:c7:4b:0a:
25:8c:1e:13:ef:9d:0a:15:f6:6a:ee:80:12:b4:3a:eb:48:44:
c3:7d:1e:71:90:0d:63:36:89:50:27:fb:22:41:2a:94:16:67:
fc:1e:17:75:1f:b1:02:25:85:6f:72:e9:20:fb:45:e2:e7:69:
66:db:c2:b5:34:d5:83:32:b7:3a:8e:5f:8a:f0:ec:de:e4:41:
ab:36:19:05:9f:54:0b:98:c3:89:1f:c1:c8:d9:ea:08:45:26:
90:71:41:d9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQQaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MTUwMzM2WhcNMjUwMTI0MTUwMzM2WjAYMRYw
FAYDVQQDEw02NzdmZTU0Yy01NjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArhTg/NL++H+wwoWJUbuStk46zAktZXugPjdhtKyoXw04thO5RFptgRk5
VAKy3pkCfSqoxHALZkgM42SMZtShnY02nCyOf7UYr6+CI77cHzDgMV5lLIfvt5TZ
S20kP6z9wT8U7TU4WcJz5WbFt2WzQNCxZe/LQWVrKpLLW7CBxpaUB5vpuI8n0hBl
jJ1lY5fNQsswhYKVxwKDB/filjmsOdqCkQI3QyDhP6ypuqCUvxIYuN9Bcs27q3+T
JHr++VI2/kc/5cIZ7Py99p1TCUcXXj+i13A7IeHcDjiBfdsqLUGuMimKbHdJLIYc
rZGDbL036lElh2AsLKmpK451CMr/3QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCa2
TNYFd0U4xSt3LrctolkIBNdjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOEVCMzUzMkNFOUExMUVGODZBMjE4NkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcSKMA0GCSqGSIb3DQEBCwUA
A4IBAQCGbkC+vbQ+lzu5kZQKA28NWxrRUmbA2xSrsyQImB+Qonoz9hCzR70WJKJH
/6KqzeD7UAE6HQZ1p6IPZqCH73oNlUvIjXWPvu06CTkqZS1U557zJObKO4JTB4Yc
6V3rxBqVPWzT6CTrbeTFN58SZUPC3WchHylcuo+ewsmNOpK69ax4V1oTs9U2T0+A
OprS79BwiQ5e1cbMhemNvT5K0wrHSwoljB4T750KFfZq7oAStDrrSETDfR5xkA1j
NolQJ/siQSqUFmf8Hhd1H7ECJYVvcukg+0Xi52lm28K1NNWDMrc6jl+K8Oze5EGr
NhkFn1QLmMOJH8HI2eoIRSaQcUHZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:40 2025 by rpki-client