Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCA5C832C9B611EFB0E4F354762E951A.roa
File: FCA5C832C9B611EFB0E4F354762E951A.roa (raw, json)
Hash identifier: 157E9G0OPqG3DufPitrpla3RzQTaVuHBfsuB59dl8dU=
Subject key identifier: EC:15:29:FC:27:82:19:DC:01:37:F1:27:4D:C9:D1:D3:A0:2E:4F:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6D7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCA5C832C9B611EFB0E4F354762E951A.roa
Signing time: Fri 03 Jan 2025 09:42:03 +0000
ROA not before: Fri 03 Jan 2025 09:42:00 +0000
ROA not after: Sat 18 Jan 2025 09:42:00 +0000
asID: 139646
IP address blocks: 45.201.240.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63191 (0xf6d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 09:42:00 2025 GMT
Not After : Jan 18 09:42:00 2025 GMT
Subject: CN=6777b0eb-f186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:25:e2:a8:95:9d:fc:c0:f2:cb:85:9d:65:bc:
79:13:a2:72:0c:e5:08:cf:d9:9d:56:62:12:ca:9d:
cc:f1:68:bd:50:35:7f:a7:ca:9c:a8:18:f1:5c:84:
67:7b:35:45:9e:51:2f:e0:cf:6a:d2:3e:ad:99:64:
68:c6:51:18:b4:ab:bf:14:bd:1a:94:f4:f9:d4:37:
b7:d1:bc:e6:47:ef:e2:bc:99:10:c6:b4:48:31:32:
22:4e:01:4e:f3:cc:e2:40:dc:ab:7a:e0:70:79:ae:
0b:66:13:98:19:6d:d6:e0:b4:1f:02:dd:aa:2b:50:
85:59:fd:6b:97:3b:ca:73:6e:3f:1c:86:a4:be:7f:
0a:20:ec:bd:8a:67:be:b2:9d:15:20:bc:7a:a3:13:
2e:b6:11:e4:cb:47:fd:b1:b6:b1:9e:ff:f9:74:14:
3d:5f:69:d5:c3:12:44:6e:f1:4a:1a:01:ee:b0:bd:
50:14:5e:c7:16:2e:a7:92:e7:ef:4b:8d:b0:22:c1:
c3:bc:55:31:e9:cd:82:a0:bc:84:9c:d5:a3:4f:63:
b5:4a:5e:ff:f1:87:27:5c:1a:c4:a5:c1:27:fc:c5:
10:36:0a:4c:94:bd:f1:0f:29:88:fe:01:8f:ee:fa:
29:d0:c5:6b:89:c4:de:9a:0c:20:b0:da:67:f2:be:
9e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:15:29:FC:27:82:19:DC:01:37:F1:27:4D:C9:D1:D3:A0:2E:4F:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCA5C832C9B611EFB0E4F354762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.201.240.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:ea:57:97:e7:9c:82:27:75:59:fd:c7:4d:e9:a9:4f:37:93:
3b:80:52:3b:da:68:98:58:0f:91:ac:21:01:13:f4:f9:3f:1b:
1e:bb:c3:4b:e0:c8:2b:de:dc:16:fa:f4:3b:f7:b5:33:2f:e9:
c5:e5:2e:b2:d8:49:7c:3a:fc:10:79:db:d9:47:60:fa:11:83:
6e:a9:56:e1:d2:dd:38:f3:6f:79:af:c4:0e:aa:10:84:f6:20:
62:05:a2:73:73:fa:6f:d3:83:2a:88:99:c4:44:c6:14:00:1c:
bc:90:98:c2:07:2f:0e:b4:11:e8:64:cb:12:89:23:94:58:0c:
e4:0e:5f:33:7d:36:09:9a:0b:52:3d:57:2e:ba:18:0c:b1:43:
5f:bb:e7:07:86:91:d9:80:25:f2:11:ba:6d:df:3b:3b:66:7b:
13:04:0e:a4:e3:0f:56:7b:7c:3d:a8:24:3a:ea:8f:f2:c6:5b:
8c:f5:a2:f9:23:8b:36:bd:56:f6:df:ef:0a:7a:88:cf:b3:2f:
db:0b:2e:10:6d:aa:02:5d:f3:49:72:fe:58:31:51:c3:e9:9b:
65:30:9a:04:ff:51:9a:d5:d7:6c:ff:b9:6e:99:0c:e3:7c:d6:
8e:b9:93:f9:8d:0d:e1:ed:f7:84:3a:4f:fe:79:a9:f8:1e:46:
bb:c7:ac:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPbXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDk0MjAwWhcNMjUwMTE4MDk0MjAwWjAYMRYw
FAYDVQQDEw02Nzc3YjBlYi1mMTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyCXiqJWd/MDyy4WdZbx5E6JyDOUIz9mdVmISyp3M8Wi9UDV/p8qcqBjx
XIRnezVFnlEv4M9q0j6tmWRoxlEYtKu/FL0alPT51De30bzmR+/ivJkQxrRIMTIi
TgFO88ziQNyreuBwea4LZhOYGW3W4LQfAt2qK1CFWf1rlzvKc24/HIakvn8KIOy9
ime+sp0VILx6oxMuthHky0f9sbaxnv/5dBQ9X2nVwxJEbvFKGgHusL1QFF7HFi6n
kufvS42wIsHDvFUx6c2CoLyEnNWjT2O1Sl7/8YcnXBrEpcEn/MUQNgpMlL3xDymI
/gGP7vop0MVricTemgwgsNpn8r6eMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOwV
KfwnghncATfxJ03J0dOgLk8UMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQ0E1QzgzMkM5QjYxMUVGQjBFNEYzNTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcnwMA0GCSqGSIb3DQEBCwUA
A4IBAQAM6leX55yCJ3VZ/cdN6alPN5M7gFI72miYWA+RrCEBE/T5Pxseu8NL4Mgr
3twW+vQ797UzL+nF5S6y2El8OvwQedvZR2D6EYNuqVbh0t048295r8QOqhCE9iBi
BaJzc/pv04MqiJnERMYUABy8kJjCBy8OtBHoZMsSiSOUWAzkDl8zfTYJmgtSPVcu
uhgMsUNfu+cHhpHZgCXyEbpt3zs7ZnsTBA6k4w9We3w9qCQ66o/yxluM9aL5I4s2
vVb23+8KeojPsy/bCy4QbaoCXfNJcv5YMVHD6ZtlMJoE/1Ga1dds/7lumQzjfNaO
uZP5jQ3h7feEOk/+ean4Hka7x6xj
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:31 2025 by rpki-client