Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DB74F13C182211EB85E7D329F8AEA228.roa
File: DB74F13C182211EB85E7D329F8AEA228.roa (raw, json)
Hash identifier: 0JSE/bSkDCP46LG8bHSnU5melkF4iIrnFqMGj0jDg3s=
Subject key identifier: B4:FF:CC:5B:01:49:B9:5C:00:32:7D:9B:00:54:F9:28:E9:CB:14:F5
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 03EF
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DB74F13C182211EB85E7D329F8AEA228.roa
Signing time: Tue 27 Oct 2020 07:05:57 +0000
ROA not before: Tue 27 Oct 2020 07:05:50 +0000
ROA not after: Fri 02 Sep 2022 07:05:50 +0000
asID: 3356
IP address blocks: 154.16.49.0/24 maxlen: 24
154.16.138.0/24 maxlen: 24
154.16.176.0/24 maxlen: 24
154.16.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1007 (0x3ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Oct 27 07:05:50 2020 GMT
Not After : Sep 2 07:05:50 2022 GMT
Subject: CN=5f97c6d4-2f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:72:a0:5a:6c:90:cf:ab:a8:ac:5d:81:f1:76:
2a:69:13:8e:a9:fc:4b:b4:b5:21:23:47:c9:2e:d6:
44:b9:d9:cc:1a:31:12:90:17:14:a8:04:46:dd:d3:
84:fe:00:b0:61:49:39:91:0b:2a:2b:67:42:3f:46:
04:50:a9:48:6a:92:70:6a:3a:23:48:cc:cf:75:4b:
c4:4a:e3:1f:6f:83:39:9b:77:5b:69:16:e4:ee:2b:
18:79:ce:e2:fa:18:0c:51:8f:88:a5:08:89:ae:f2:
0a:9d:b3:73:01:30:51:bd:b4:96:7d:d9:4d:20:98:
07:e5:9f:8e:97:06:ef:07:db:6b:ea:ff:59:19:0d:
d5:fb:19:ac:c9:44:44:80:b5:b4:9a:7e:37:66:58:
2f:21:88:3a:18:a1:8f:b8:6c:b8:2e:9f:6a:84:28:
3b:ca:65:86:95:8c:2e:fb:41:b4:07:29:57:7c:d2:
6e:f2:bb:d3:e6:12:42:53:c0:2e:f5:ee:eb:47:7d:
a4:63:33:75:4e:c2:6c:c0:27:4e:d3:8d:da:3b:8c:
4d:23:e2:91:cc:70:1e:52:54:f2:3d:75:98:60:6b:
4f:73:c0:6f:31:c5:02:0d:b3:33:ed:85:4e:82:b0:
7c:3e:31:38:13:06:06:55:fa:13:9f:01:66:92:53:
9f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:FF:CC:5B:01:49:B9:5C:00:32:7D:9B:00:54:F9:28:E9:CB:14:F5
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DB74F13C182211EB85E7D329F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.49.0/24
154.16.138.0/24
154.16.176.0/24
154.16.195.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:3c:43:16:2a:75:be:91:f5:2c:0e:8e:4a:dc:b5:49:b6:ee:
4b:7c:70:1f:c7:a7:30:7c:f0:42:b6:bd:ae:75:96:be:49:75:
db:35:20:53:c3:4f:bc:12:cf:93:56:9a:cb:f5:6b:48:e3:b3:
36:61:61:84:48:9a:6e:f6:00:0c:af:2d:55:68:46:19:d2:93:
dc:e1:96:24:97:01:72:21:de:54:49:43:f7:bb:7b:70:97:e2:
c1:a3:18:c0:74:ce:99:43:87:c3:9d:90:01:91:fe:c5:e5:23:
6e:12:fc:98:ea:b0:d0:fb:ba:f2:28:9b:95:d6:ae:02:ce:fe:
9a:94:85:0d:49:07:fe:4c:4e:46:e9:ac:77:7f:62:d2:e3:a3:
5d:b3:0f:eb:f3:d2:93:10:70:b8:24:b3:db:53:0d:cc:df:84:
97:25:b7:a4:f9:f4:8c:54:48:b2:c0:bb:b0:13:73:40:d9:64:
63:d6:24:20:2b:2a:f5:5b:80:24:74:f0:b3:02:df:8f:50:b6:
4e:c7:e9:7e:eb:b8:94:71:df:ee:61:2f:1e:80:d2:fd:39:89:
9b:04:ed:bb:e5:42:9d:46:8a:49:e9:c5:67:48:88:5c:be:cb:
19:d0:65:11:70:f3:f7:14:82:f2:90:53:9f:32:4f:c6:54:bb:
6e:0d:5e:80
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICA+8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMDEwMjcwNzA1NTBaFw0yMjA5MDIwNzA1NTBaMBgxFjAU
BgNVBAMTDTVmOTdjNmQ0LTJmNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUcqBabJDPq6isXYHxdippE46p/Eu0tSEjR8ku1kS52cwaMRKQFxSoBEbd
04T+ALBhSTmRCyorZ0I/RgRQqUhqknBqOiNIzM91S8RK4x9vgzmbd1tpFuTuKxh5
zuL6GAxRj4ilCImu8gqds3MBMFG9tJZ92U0gmAfln46XBu8H22vq/1kZDdX7GazJ
RESAtbSafjdmWC8hiDoYoY+4bLgun2qEKDvKZYaVjC77QbQHKVd80m7yu9PmEkJT
wC717utHfaRjM3VOwmzAJ07Tjdo7jE0j4pHMcB5SVPI9dZhga09zwG8xxQINszPt
hU6CsHw+MTgTBgZV+hOfAWaSU58jAgMBAAGjggK3MIICszAdBgNVHQ4EFgQUtP/M
WwFJuVwAMn2bAFT5KOnLFPUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RCNzRGMTNDMTgyMjExRUI4NUU3RDMyOUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACaEDEDBACaEIoDBACaELAD
BACaEMMwDQYJKoZIhvcNAQELBQADggEBAKA8QxYqdb6R9SwOjkrctUm27kt8cB/H
pzB88EK2va51lr5Jdds1IFPDT7wSz5NWmsv1a0jjszZhYYRImm72AAyvLVVoRhnS
k9zhliSXAXIh3lRJQ/e7e3CX4sGjGMB0zplDh8OdkAGR/sXlI24S/JjqsND7uvIo
m5XWrgLO/pqUhQ1JB/5MTkbprHd/YtLjo12zD+vz0pMQcLgks9tTDczfhJclt6T5
9IxUSLLAu7ATc0DZZGPWJCArKvVbgCR08LMC349Qtk7H6X7ruJRx3+5hLx6A0v05
iZsE7bvlQp1GiknpxWdIiFy+yxnQZRFw8/cUgvKQU58yT8ZUu24NXoA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:59 2023 by rpki-client on console-ams.rpki-client.org