Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD805CAAC9A111EF8FA65E51762E951A.roa
File: FD805CAAC9A111EF8FA65E51762E951A.roa (raw, json)
Hash identifier: zBC5UhmtAEmScr9jke7wbHdzzIJdP6gr4UC7HjyyBas=
Subject key identifier: FD:B1:AF:0C:A2:45:16:5B:89:DC:2B:6B:C1:20:07:80:B0:0F:5B:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F66B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD805CAAC9A111EF8FA65E51762E951A.roa
Signing time: Fri 03 Jan 2025 07:11:45 +0000
ROA not before: Fri 03 Jan 2025 07:11:41 +0000
ROA not after: Sat 18 Jan 2025 07:11:41 +0000
asID: 54801
IP address blocks: 45.200.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63083 (0xf66b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 07:11:41 2025 GMT
Not After : Jan 18 07:11:41 2025 GMT
Subject: CN=67778db1-ccf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:d1:16:87:2c:57:6d:c8:cd:ef:29:a4:51:
6b:6b:d6:87:ba:15:c9:02:1c:ce:46:c0:16:d1:88:
aa:11:60:fd:8b:13:96:85:71:39:c4:96:5f:49:5c:
e4:66:fb:7c:ad:55:3c:5b:28:f8:bc:8b:d0:a8:7c:
78:79:50:87:7f:d4:11:85:cf:ea:13:02:85:c1:bd:
0e:39:17:89:48:5b:c1:d0:6f:a3:8d:b4:d1:34:bb:
ff:7d:68:fd:ba:08:28:3d:55:a7:16:57:44:80:73:
f5:81:32:62:e8:fc:e4:75:41:52:b8:dd:d7:8e:73:
6b:cb:ac:79:3e:4a:93:09:82:90:28:cc:06:e9:18:
99:ee:b8:5c:04:9e:05:21:28:07:c0:4b:bb:17:37:
47:6e:db:0f:34:5b:ac:73:32:05:62:fa:7e:05:ff:
41:a7:5b:c9:72:e6:b8:e5:07:52:29:43:0c:db:a0:
39:df:af:d2:cf:94:23:a5:a8:6f:f1:65:a0:5c:c8:
2e:a4:c2:c2:5c:93:9e:52:00:60:2e:30:05:d3:cd:
1c:7f:64:be:9f:ed:45:16:de:d4:1b:09:8e:bc:f0:
75:2c:44:bd:6e:84:83:be:e8:1c:86:96:20:2f:f6:
9a:ce:c7:a5:c7:55:a9:65:9e:53:2b:36:80:5b:db:
3d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B1:AF:0C:A2:45:16:5B:89:DC:2B:6B:C1:20:07:80:B0:0F:5B:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD805CAAC9A111EF8FA65E51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.20.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:13:06:26:25:84:34:d4:2b:ad:15:9b:29:4c:5d:c4:fd:02:
b8:68:a6:68:73:f2:c8:0e:30:a3:de:b9:34:fc:8c:d9:3a:1d:
5b:22:74:60:9a:c0:42:78:25:b8:e6:45:ab:0d:df:e6:46:9a:
59:ac:c3:fe:18:82:88:ef:58:fd:20:a5:74:7b:a3:20:8e:6c:
f2:7e:b7:0b:b5:3a:04:63:85:e1:7f:5c:ba:2f:0c:6c:21:e7:
72:d0:00:17:dc:c4:31:25:9a:ea:8f:52:c5:da:9e:3a:c1:cf:
df:b5:9d:be:10:f4:2e:f3:68:30:2b:72:93:ae:10:e7:fc:49:
e8:11:4d:54:70:ab:91:5a:54:f9:47:b0:e7:d3:35:4e:60:9a:
e1:5a:61:d8:43:24:c2:b3:1f:55:c7:af:08:6c:1e:5c:4d:88:
bc:54:5d:31:c6:3f:eb:57:79:cb:e8:f2:af:e1:17:56:5d:e1:
dc:38:1a:dd:41:e3:36:c1:52:2c:7d:bf:fe:42:08:f8:f3:d5:
22:d0:06:ab:06:2f:26:d8:79:aa:1c:5d:d2:fc:82:b0:e5:87:
94:0a:fa:4e:e5:3f:89:a6:b8:1a:9d:59:7e:51:66:65:cb:02:
b6:1d:52:4e:cf:91:3a:8e:7a:c7:63:4a:45:8c:c7:50:0c:31:
4d:08:b6:1f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPZrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDcxMTQxWhcNMjUwMTE4MDcxMTQxWjAYMRYw
FAYDVQQDEw02Nzc3OGRiMS1jY2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqILRFocsV23Ize8ppFFra9aHuhXJAhzORsAW0YiqEWD9ixOWhXE5xJZf
SVzkZvt8rVU8Wyj4vIvQqHx4eVCHf9QRhc/qEwKFwb0OOReJSFvB0G+jjbTRNLv/
fWj9uggoPVWnFldEgHP1gTJi6PzkdUFSuN3XjnNry6x5PkqTCYKQKMwG6RiZ7rhc
BJ4FISgHwEu7FzdHbtsPNFusczIFYvp+Bf9Bp1vJcua45QdSKUMM26A536/Sz5Qj
pahv8WWgXMgupMLCXJOeUgBgLjAF080cf2S+n+1FFt7UGwmOvPB1LES9boSDvugc
hpYgL/aazselx1WpZZ5TKzaAW9s9nQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP2x
rwyiRRZbidwra8EgB4CwD1vrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRDgwNUNBQUM5QTExMUVGOEZBNjVFNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcgUMA0GCSqGSIb3DQEBCwUA
A4IBAQC8EwYmJYQ01CutFZspTF3E/QK4aKZoc/LIDjCj3rk0/IzZOh1bInRgmsBC
eCW45kWrDd/mRppZrMP+GIKI71j9IKV0e6MgjmzyfrcLtToEY4Xhf1y6LwxsIedy
0AAX3MQxJZrqj1LF2p46wc/ftZ2+EPQu82gwK3KTrhDn/EnoEU1UcKuRWlT5R7Dn
0zVOYJrhWmHYQyTCsx9Vx68IbB5cTYi8VF0xxj/rV3nL6PKv4RdWXeHcOBrdQeM2
wVIsfb/+Qgj489Ui0AarBi8m2HmqHF3S/IKw5YeUCvpO5T+JprganVl+UWZlywK2
HVJOz5E6jnrHY0pFjMdQDDFNCLYf
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:38 2025 by rpki-client