Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F928DF22CC2311EFB5F1BAAF762E951A.roa
File: F928DF22CC2311EFB5F1BAAF762E951A.roa (raw, json)
Hash identifier: 4SWrZeWhwRzpqpbLPRzCnxQcAdfyv34jMndNNQKLf3s=
Subject key identifier: 3B:72:99:17:1A:1D:EE:93:DD:7D:BB:7A:3A:7E:2B:38:90:45:7F:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8C1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F928DF22CC2311EFB5F1BAAF762E951A.roa
Signing time: Mon 06 Jan 2025 11:47:15 +0000
ROA not before: Mon 06 Jan 2025 11:47:10 +0000
ROA not after: Sat 18 Jan 2025 11:47:10 +0000
asID: 151206
IP address blocks: 45.200.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63681 (0xf8c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 11:47:10 2025 GMT
Not After : Jan 18 11:47:10 2025 GMT
Subject: CN=677bc2c3-d861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:01:15:45:6d:f6:1f:90:c7:7b:02:45:ed:66:
2a:6b:f4:16:1d:89:77:ea:44:c7:72:fb:87:b2:e3:
7b:ca:44:f0:1b:14:ba:d5:a4:49:ec:80:d6:99:74:
44:05:49:97:df:8f:be:71:29:73:14:af:31:f2:af:
92:5e:10:f8:f5:8e:cd:f6:ce:2c:53:29:fe:5c:3b:
5f:78:77:6d:c1:21:6a:e0:a5:06:57:41:b7:64:45:
a6:15:52:47:15:e8:84:90:d2:c4:fa:02:f5:ac:88:
0b:f5:f7:67:28:5b:4a:43:97:8e:44:01:84:d7:cc:
2f:ba:52:fc:8e:5a:1d:5d:80:1e:6a:bc:83:e5:56:
4b:56:3e:a1:5d:c5:84:b1:7c:d2:f2:53:89:30:fa:
2a:07:67:ae:33:d0:a0:c1:4b:33:21:e6:91:be:3b:
2b:65:45:a4:57:1b:8c:f2:52:4b:d9:a9:1b:f8:fd:
92:20:b3:37:22:6e:98:1d:54:39:a3:30:b1:5c:a5:
a8:d4:96:25:ca:ef:55:62:4c:96:cc:2b:6e:fb:2e:
42:d6:de:90:4c:00:d1:b1:c5:45:3b:e9:73:96:dd:
01:23:76:7c:c9:0f:fc:55:0e:20:0f:cd:72:56:79:
9c:2b:ef:07:c5:72:88:ee:44:60:b9:60:13:b9:dc:
9b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:72:99:17:1A:1D:EE:93:DD:7D:BB:7A:3A:7E:2B:38:90:45:7F:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F928DF22CC2311EFB5F1BAAF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.123.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:2b:1d:cf:a8:a6:17:dc:9b:c8:9e:19:a1:07:02:09:77:46:
0b:02:22:fd:9c:7b:2d:6a:7a:32:1c:1f:33:fe:b0:90:ab:f3:
38:f3:ec:f4:da:4d:46:d5:bd:06:6b:cc:59:27:91:46:51:60:
9d:a0:21:3b:e3:d8:5c:52:1e:e9:e6:c1:f0:e3:59:bc:33:ba:
e4:f5:ae:31:4a:1d:33:f4:ee:98:7a:9f:f1:0a:c7:87:16:a7:
b9:f5:b2:bf:b8:b9:79:cc:a0:0f:d4:81:38:fa:51:26:a0:2b:
75:d9:0d:0b:f0:ef:0f:48:b3:53:1c:37:68:ac:13:b7:7c:b1:
41:b3:94:6f:2d:90:5e:ad:81:0e:34:67:07:36:7e:de:76:93:
ce:ed:3a:b4:fb:df:93:05:a4:ae:73:0a:ac:fa:f7:16:1c:e1:
0c:ef:31:2b:5d:b9:b3:55:ea:93:9e:79:62:72:a7:79:37:6c:
be:eb:b9:8e:9c:16:94:54:df:7b:8d:a9:e4:d7:9a:b6:6d:aa:
a9:ed:45:aa:ec:5a:40:8b:f1:e2:40:57:7a:38:35:38:4a:28:
48:ca:3b:32:3e:08:a2:55:fb:1a:31:8f:f4:df:cd:88:b2:d8:
bb:80:bb:87:53:9a:99:77:ba:a2:88:b8:2b:76:8a:d0:3a:e0:
d8:a1:f0:c8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPjBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTE0NzEwWhcNMjUwMTE4MTE0NzEwWjAYMRYw
FAYDVQQDEw02NzdiYzJjMy1kODYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvgEVRW32H5DHewJF7WYqa/QWHYl36kTHcvuHsuN7ykTwGxS61aRJ7IDW
mXREBUmX34++cSlzFK8x8q+SXhD49Y7N9s4sUyn+XDtfeHdtwSFq4KUGV0G3ZEWm
FVJHFeiEkNLE+gL1rIgL9fdnKFtKQ5eORAGE18wvulL8jlodXYAearyD5VZLVj6h
XcWEsXzS8lOJMPoqB2euM9CgwUszIeaRvjsrZUWkVxuM8lJL2akb+P2SILM3Im6Y
HVQ5ozCxXKWo1JYlyu9VYkyWzCtu+y5C1t6QTADRscVFO+lzlt0BI3Z8yQ/8VQ4g
D81yVnmcK+8HxXKI7kRguWATudybOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDty
mRcaHe6T3X27ejp+KziQRX8SMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GOTI4REYyMkNDMjMxMUVGQjVGMUJBQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALch7MA0GCSqGSIb3DQEBCwUA
A4IBAQCtKx3PqKYX3JvInhmhBwIJd0YLAiL9nHstanoyHB8z/rCQq/M48+z02k1G
1b0Ga8xZJ5FGUWCdoCE749hcUh7p5sHw41m8M7rk9a4xSh0z9O6Yep/xCseHFqe5
9bK/uLl5zKAP1IE4+lEmoCt12Q0L8O8PSLNTHDdorBO3fLFBs5RvLZBerYEONGcH
Nn7edpPO7Tq0+9+TBaSucwqs+vcWHOEM7zErXbmzVeqTnnlicqd5N2y+67mOnBaU
VN97jank15q2baqp7UWq7FpAi/HiQFd6ODU4SihIyjsyPgiiVfsaMY/0382Isti7
gLuHU5qZd7qiiLgrdorQOuDYofDI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:10 2025 by rpki-client