Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F08FA230FA7511EF86FAFF9E762E951A.roa
File: F08FA230FA7511EF86FAFF9E762E951A.roa (raw, json)
Hash identifier: h/u1QOa4MtlTLJfBGEIx3PTgYLZMVbm2vR//+M1nGR8=
Subject key identifier: B7:A5:69:81:D2:FB:48:0A:03:62:B5:76:77:C1:8D:0A:13:4A:D1:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0143AB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F08FA230FA7511EF86FAFF9E762E951A.roa
Signing time: Thu 06 Mar 2025 10:29:53 +0000
ROA not before: Thu 06 Mar 2025 10:29:49 +0000
ROA not after: Tue 25 Mar 2025 10:29:49 +0000
asID: 39600
IP address blocks: 45.203.60.0/24 maxlen: 24
45.203.61.0/24 maxlen: 24
45.203.62.0/24 maxlen: 24
45.203.63.0/24 maxlen: 24
45.204.24.0/24 maxlen: 24
45.204.26.0/24 maxlen: 24
45.204.28.0/24 maxlen: 24
45.204.30.0/24 maxlen: 24
45.204.72.0/24 maxlen: 24
45.204.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82859 (0x143ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 6 10:29:49 2025 GMT
Not After : Mar 25 10:29:49 2025 GMT
Subject: CN=67c97920-6bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bd:30:c1:12:be:58:6d:99:12:e8:71:13:60:
02:e5:d6:76:fc:2c:40:38:10:e1:e8:d0:a7:41:e7:
d3:38:1d:3a:bf:66:00:72:17:95:a5:5f:e0:e7:43:
13:2d:c4:32:d9:29:60:f5:35:97:c0:66:1f:c9:96:
ea:6e:df:ea:16:bb:ab:13:1b:31:e8:d4:fc:3a:c1:
6a:8e:cc:27:26:56:ec:94:bf:be:c8:ae:54:5f:59:
32:1c:50:f2:0f:f9:71:0f:44:8b:3a:6b:71:4b:c9:
86:e0:70:e6:ff:87:d2:08:a9:00:e5:dd:a9:9b:b1:
d6:cb:25:e0:ae:f2:6e:c6:66:01:72:49:6d:e0:2e:
a4:c3:2c:1f:54:27:1d:14:a1:f0:27:b7:6c:fc:d3:
88:f3:72:c2:3f:4a:0e:68:55:30:74:68:70:34:ba:
18:57:47:0f:9d:37:d7:4c:40:a5:92:f1:c0:96:33:
4c:2a:61:0c:be:71:b1:48:ad:43:97:1e:53:d3:bc:
17:2d:0c:8d:57:80:5c:43:65:84:f8:67:ab:49:d4:
04:e3:d7:5b:8d:46:dc:45:33:79:9f:b5:d6:f7:17:
01:e6:76:15:d0:4b:1a:a9:5f:bb:bc:e7:3c:1e:a7:
2e:f9:cd:75:b9:f4:15:13:fd:01:d6:d4:02:5c:0a:
9f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:A5:69:81:D2:FB:48:0A:03:62:B5:76:77:C1:8D:0A:13:4A:D1:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F08FA230FA7511EF86FAFF9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.203.60.0/22
45.204.24.0/24
45.204.26.0/24
45.204.28.0/24
45.204.30.0/24
45.204.72.0/24
45.204.74.0/24
Signature Algorithm: sha256WithRSAEncryption
06:f5:f7:c5:c1:7e:74:39:77:31:48:5e:c5:3d:f2:36:5f:e6:
4c:be:0e:c8:48:ab:30:15:ee:ea:a1:26:26:ff:51:9c:36:ab:
2a:59:14:ac:7a:69:44:90:32:ac:f3:d3:ed:ed:90:32:8c:f2:
87:d5:29:83:44:5c:e7:c7:13:99:f9:03:f4:e6:44:80:3f:2c:
5f:8c:67:6a:4c:1d:51:ce:d2:d7:84:98:91:d7:65:86:b1:17:
c7:54:34:fd:3b:9c:bf:83:7f:d6:a5:13:23:37:d8:bd:2f:57:
a7:e8:12:69:8d:51:4d:32:e6:a5:68:d3:e3:73:b0:c8:48:db:
c3:af:66:3c:43:ad:4a:2a:ae:88:7e:6b:b7:09:36:66:95:00:
e8:e3:89:68:d4:ac:45:82:a0:22:62:b0:cc:c2:8b:04:11:30:
c1:56:39:76:e2:17:82:b7:9b:0b:9d:5c:58:a9:8c:31:5e:b6:
16:4c:bc:2d:15:4f:7d:5d:fe:00:86:6e:e1:ca:f1:e8:0a:0d:
93:84:ab:54:30:b3:80:fa:d7:78:eb:36:76:f2:7b:7c:43:06:
58:19:1f:68:c6:5b:ec:47:29:65:60:ce:2f:3c:53:7d:b4:94:
7e:4e:fd:de:a2:7e:d1:d0:9c:f7:06:3b:43:1b:e8:2a:56:b6:
7c:a4:d9:fe
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIDAUOrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA2MTAyOTQ5WhcNMjUwMzI1MTAyOTQ5WjAYMRYw
FAYDVQQDEw02N2M5NzkyMC02YmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2L0wwRK+WG2ZEuhxE2AC5dZ2/CxAOBDh6NCnQefTOB06v2YAcheVpV/g
50MTLcQy2Slg9TWXwGYfyZbqbt/qFrurExsx6NT8OsFqjswnJlbslL++yK5UX1ky
HFDyD/lxD0SLOmtxS8mG4HDm/4fSCKkA5d2pm7HWyyXgrvJuxmYBcklt4C6kwywf
VCcdFKHwJ7ds/NOI83LCP0oOaFUwdGhwNLoYV0cPnTfXTEClkvHAljNMKmEMvnGx
SK1Dlx5T07wXLQyNV4BcQ2WE+GerSdQE49dbjUbcRTN5n7XW9xcB5nYV0EsaqV+7
vOc8Hqcu+c11ufQVE/0B1tQCXAqf7QIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFLel
aYHS+0gKA2K1dnfBjQoTStFnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMDhGQTIzMEZBNzUxMUVGODZGQUZGOUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLcs8AwQALcwYAwQALcwaAwQA
LcwcAwQALcweAwQALcxIAwQALcxKMA0GCSqGSIb3DQEBCwUAA4IBAQAG9ffFwX50
OXcxSF7FPfI2X+ZMvg7ISKswFe7qoSYm/1GcNqsqWRSsemlEkDKs89Pt7ZAyjPKH
1SmDRFznxxOZ+QP05kSAPyxfjGdqTB1RztLXhJiR12WGsRfHVDT9O5y/g3/WpRMj
N9i9L1en6BJpjVFNMualaNPjc7DISNvDr2Y8Q61KKq6Ifmu3CTZmlQDo44lo1KxF
gqAiYrDMwosEETDBVjl24heCt5sLnVxYqYwxXrYWTLwtFU99Xf4Ahm7hyvHoCg2T
hKtUMLOA+td46zZ28nt8QwZYGR9oxlvsRyllYM4vPFN9tJR+Tv3eon7R0Jz3BjtD
G+gqVrZ8pNn+
-----END CERTIFICATE-----
Generated at Sat May 10 05:03:58 2025 by rpki-client