Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BB995DC46A511F08E4DCBB2DAE4EC9C.roa
File: 4BB995DC46A511F08E4DCBB2DAE4EC9C.roa (raw, json)
Hash identifier: C0G1hsfv+LU8ei7wX/iTjKpRsqnaFG4U87gJTLAEZAw=
Subject key identifier: B2:6A:D5:33:62:89:5F:3A:86:51:F5:61:1E:42:39:DD:85:17:99:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015B4E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BB995DC46A511F08E4DCBB2DAE4EC9C.roa
Signing time: Wed 11 Jun 2025 09:20:21 +0000
ROA not before: Wed 11 Jun 2025 09:20:14 +0000
ROA not after: Mon 16 Jun 2025 09:20:14 +0000
asID: 54600
IP address blocks: 45.195.112.0/21 maxlen: 24
45.195.120.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88910 (0x15b4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 11 09:20:14 2025 GMT
Not After : Jun 16 09:20:14 2025 GMT
Subject: CN=68494a54-a951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:43:d2:7b:b5:4b:d2:c6:fc:a1:d8:5e:20:1d:
88:f2:50:ff:d6:22:e8:a5:78:0c:81:22:9f:5c:d8:
5d:a5:e3:dd:44:fc:4d:40:a0:43:59:6f:6c:6a:88:
25:5e:57:63:6d:fd:e4:0f:93:e5:a2:8c:21:a4:2c:
8f:0b:69:9e:4b:6a:50:0c:2a:d6:83:2a:3d:a8:b1:
8c:18:d7:6d:0e:ff:11:5a:31:d7:b8:62:0a:9e:be:
d4:23:8e:54:f3:d2:07:14:ba:04:35:7f:1a:06:f3:
5f:fd:69:ca:65:41:ca:d0:ce:11:e1:1c:8a:b0:84:
cb:6a:73:97:82:eb:bf:47:ec:14:5c:51:87:be:59:
ca:f6:ae:2d:c6:c8:02:2f:5a:f9:fe:3d:4e:f3:0d:
20:af:dc:22:94:31:bb:5d:73:2f:34:0f:f4:d1:6b:
32:26:0f:9d:5a:9b:06:5f:f8:24:ac:47:81:29:e1:
0e:d2:0d:ef:06:13:09:13:d3:a5:4a:ce:97:a3:0a:
ae:8c:ff:c3:ec:fc:e8:91:1d:f2:41:cd:25:e5:19:
e9:79:d8:df:5f:78:45:d2:ce:be:fe:25:7f:99:5d:
51:e8:24:d0:8a:b8:8a:a4:d1:c4:82:2d:6f:eb:11:
59:c7:d9:81:cb:41:52:36:a4:1e:43:f4:dd:38:82:
f7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:6A:D5:33:62:89:5F:3A:86:51:F5:61:1E:42:39:DD:85:17:99:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BB995DC46A511F08E4DCBB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.112.0/20
Signature Algorithm: sha256WithRSAEncryption
23:24:05:e4:a5:fa:fb:ce:3f:8f:e6:2f:b2:9d:f9:b2:a5:0f:
16:fc:32:18:d7:72:44:af:d4:ae:57:b5:dd:b1:0e:ff:b7:b3:
80:34:e4:09:52:c1:de:ac:b6:47:8d:54:97:6e:28:c7:20:64:
d9:a9:5e:da:6a:70:6a:bf:da:23:1f:dc:8e:5c:3e:cf:64:d0:
28:12:99:90:25:0b:3e:17:5c:53:2b:44:21:ac:70:77:41:02:
e4:59:09:a4:4a:74:27:03:bf:54:76:53:96:38:69:1e:af:af:
10:50:1d:a2:f8:2c:74:ce:90:b8:5b:ec:85:74:9f:ba:c3:ad:
f5:d2:eb:00:22:40:63:1b:18:5d:ac:2c:53:dd:f8:f9:27:89:
42:bf:19:36:8d:b2:65:ed:aa:fe:e8:02:17:ec:2e:b9:f6:1e:
f6:aa:3d:e5:f9:f7:06:5f:c1:5e:a0:b7:72:75:84:8d:3c:0a:
8d:7e:7d:74:e3:07:2d:70:7f:10:74:f0:81:6c:f0:28:e8:ac:
c5:66:64:6a:30:a3:bf:1b:b8:84:be:aa:67:b5:55:ae:2d:eb:
5a:22:7c:20:9e:6e:89:6a:73:25:08:fd:f2:df:6c:b6:97:67:
ca:5a:b2:73:8f:35:a3:92:a0:c5:66:f5:0e:20:7d:eb:34:ff:
66:a4:8b:9b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVtOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjExMDkyMDE0WhcNMjUwNjE2MDkyMDE0WjAYMRYw
FAYDVQQDEw02ODQ5NGE1NC1hOTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwUPSe7VL0sb8odheIB2I8lD/1iLopXgMgSKfXNhdpePdRPxNQKBDWW9s
aoglXldjbf3kD5PloowhpCyPC2meS2pQDCrWgyo9qLGMGNdtDv8RWjHXuGIKnr7U
I45U89IHFLoENX8aBvNf/WnKZUHK0M4R4RyKsITLanOXguu/R+wUXFGHvlnK9q4t
xsgCL1r5/j1O8w0gr9wilDG7XXMvNA/00WsyJg+dWpsGX/gkrEeBKeEO0g3vBhMJ
E9OlSs6XowqujP/D7PzokR3yQc0l5RnpedjfX3hF0s6+/iV/mV1R6CTQiriKpNHE
gi1v6xFZx9mBy0FSNqQeQ/TdOIL3nQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLJq
1TNiiV86hlH1YR5COd2FF5kRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QkI5OTVEQzQ2QTUxMUYwOEU0RENCQjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELcNwMA0GCSqGSIb3DQEBCwUA
A4IBAQAjJAXkpfr7zj+P5i+ynfmypQ8W/DIY13JEr9SuV7XdsQ7/t7OANOQJUsHe
rLZHjVSXbijHIGTZqV7aanBqv9ojH9yOXD7PZNAoEpmQJQs+F1xTK0QhrHB3QQLk
WQmkSnQnA79UdlOWOGker68QUB2i+Cx0zpC4W+yFdJ+6w6310usAIkBjGxhdrCxT
3fj5J4lCvxk2jbJl7ar+6AIX7C659h72qj3l+fcGX8FeoLdydYSNPAqNfn104wct
cH8QdPCBbPAo6KzFZmRqMKO/G7iEvqpntVWuLetaInwgnm6JanMlCP3y32y2l2fK
WrJzjzWjkqDFZvUOIH3rNP9mpIub
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:26:09 2025 by rpki-client