Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED1A0794CCD011EF8BF89A80762E951A.roa
File: ED1A0794CCD011EF8BF89A80762E951A.roa (raw, json)
Hash identifier: Fzuh7M12eLdawrCpqBQ0niQz9WDIpJKS+Hi0lJKPMtI=
Subject key identifier: DB:D2:C8:91:5F:D9:CF:30:28:A1:94:85:42:51:51:D8:EA:7E:D5:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAC9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED1A0794CCD011EF8BF89A80762E951A.roa
Signing time: Tue 07 Jan 2025 08:25:17 +0000
ROA not before: Tue 07 Jan 2025 08:25:14 +0000
ROA not after: Tue 04 Feb 2025 08:25:14 +0000
asID: 39600
IP address blocks: 45.196.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64201 (0xfac9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:25:14 2025 GMT
Not After : Feb 4 08:25:14 2025 GMT
Subject: CN=677ce4ed-b9bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:13:20:e3:e6:82:3c:57:96:7d:c0:cf:f7:32:
d3:c2:7e:c8:bd:c9:35:f9:8e:19:cd:cc:12:ee:04:
41:74:24:8c:54:d9:b0:3e:77:cf:88:f5:7e:20:a6:
fb:33:62:ff:d1:ad:21:bc:15:bc:0a:f7:ee:6f:dc:
31:c2:72:2f:20:77:79:25:73:85:16:3c:3c:80:b4:
cd:1c:29:a8:71:85:49:7e:c2:6d:92:04:02:36:68:
97:e1:44:1d:17:08:87:a7:3b:04:93:fa:dd:5b:47:
6f:71:ed:36:4a:94:7b:73:97:c0:88:fe:77:35:fc:
22:01:40:37:7e:33:5b:0f:57:8e:a9:c0:a5:06:ec:
04:df:0c:2c:bf:b8:a4:46:2f:d6:a6:e5:7a:b7:9f:
7a:8c:56:ad:1e:5a:f3:29:29:0e:7a:aa:78:33:0a:
60:9a:35:2d:cc:17:63:4b:e7:28:82:30:49:cb:8c:
34:9b:12:89:7d:40:76:5f:20:9d:f7:8d:ef:0f:b6:
7b:81:47:ce:13:bf:73:a4:9d:b3:5b:80:ba:59:f1:
a9:54:30:d7:ec:b8:19:10:a3:9e:9f:f8:86:48:b3:
9f:1d:80:4d:fc:dd:38:59:c6:aa:15:c1:31:16:39:
d1:c1:e6:24:df:cc:d3:4c:b5:8d:88:ca:1e:58:0d:
8a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D2:C8:91:5F:D9:CF:30:28:A1:94:85:42:51:51:D8:EA:7E:D5:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ED1A0794CCD011EF8BF89A80762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.132.0/22
Signature Algorithm: sha256WithRSAEncryption
07:e8:66:9a:7d:0b:55:b5:89:4b:d6:79:52:5d:de:dc:16:1a:
ae:62:f1:5f:65:96:46:2c:1f:90:09:51:20:a4:c2:6e:d7:f7:
4a:8f:24:9a:9d:cd:39:ff:50:92:54:5a:63:1f:ec:e0:6a:63:
68:22:51:2d:c7:fa:bf:0d:02:34:64:a8:22:16:1b:52:7a:c2:
68:fc:18:4d:5b:28:1c:b7:c2:1b:ce:50:a7:d3:c3:d5:03:1c:
ca:f0:7b:d6:43:fe:60:21:40:42:42:38:aa:ec:25:0a:ac:bd:
ff:a3:ad:6c:a2:a5:4f:0d:82:bb:99:ec:1f:39:4a:08:c9:93:
df:e0:2e:bd:a1:21:eb:48:10:b8:ba:67:9c:26:d7:13:f4:b1:
d2:90:07:a4:2a:a7:fb:d1:4e:5f:eb:fd:22:fb:79:55:08:37:
a0:f0:bf:e6:3a:1e:fc:22:d4:25:ad:ea:fc:54:e5:8d:5b:6b:
6f:56:31:b5:cf:95:96:45:1b:66:c3:41:ac:e9:bc:d4:05:83:
47:b9:2c:10:cf:cf:15:7a:05:1c:cd:2d:5a:41:78:35:ca:e1:
ce:2b:d1:a7:68:98:f7:c4:5a:aa:09:9d:eb:b6:18:c1:d5:db:
63:a8:e2:01:32:c0:88:cb:6b:44:82:7a:9f:2f:48:3d:f8:12:
3f:84:f5:26
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPrJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgyNTE0WhcNMjUwMjA0MDgyNTE0WjAYMRYw
FAYDVQQDEw02NzdjZTRlZC1iOWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApxMg4+aCPFeWfcDP9zLTwn7Ivck1+Y4ZzcwS7gRBdCSMVNmwPnfPiPV+
IKb7M2L/0a0hvBW8Cvfub9wxwnIvIHd5JXOFFjw8gLTNHCmocYVJfsJtkgQCNmiX
4UQdFwiHpzsEk/rdW0dvce02SpR7c5fAiP53NfwiAUA3fjNbD1eOqcClBuwE3wws
v7ikRi/WpuV6t596jFatHlrzKSkOeqp4MwpgmjUtzBdjS+cogjBJy4w0mxKJfUB2
XyCd943vD7Z7gUfOE79zpJ2zW4C6WfGpVDDX7LgZEKOen/iGSLOfHYBN/N04Wcaq
FcExFjnRweYk38zTTLWNiMoeWA2KawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNvS
yJFf2c8wKKGUhUJRUdjqftV0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRDFBMDc5NENDRDAxMUVGOEJGODlBODA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcSEMA0GCSqGSIb3DQEBCwUA
A4IBAQAH6GaafQtVtYlL1nlSXd7cFhquYvFfZZZGLB+QCVEgpMJu1/dKjySanc05
/1CSVFpjH+zgamNoIlEtx/q/DQI0ZKgiFhtSesJo/BhNWygct8IbzlCn08PVAxzK
8HvWQ/5gIUBCQjiq7CUKrL3/o61soqVPDYK7mewfOUoIyZPf4C69oSHrSBC4umec
JtcT9LHSkAekKqf70U5f6/0i+3lVCDeg8L/mOh78ItQlrer8VOWNW2tvVjG1z5WW
RRtmw0Gs6bzUBYNHuSwQz88VegUczS1aQXg1yuHOK9GnaJj3xFqqCZ3rthjB1dtj
qOIBMsCIy2tEgnqfL0g9+BI/hPUm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:03 2025 by rpki-client