Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23C17652CCAE11EEAC49DA6B775412E6.roa
File: 23C17652CCAE11EEAC49DA6B775412E6.roa (raw, json)
Hash identifier: ltJukxt/q5g4fYxUUrcU8GKGIiUXN/tt89nTZhchZAs=
Subject key identifier: 01:D9:B7:C1:7E:09:8E:D1:1D:D9:88:78:45:DC:0C:E8:F1:35:92:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8A81
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23C17652CCAE11EEAC49DA6B775412E6.roa
Signing time: Fri 16 Feb 2024 09:31:19 +0000
ROA not before: Fri 16 Feb 2024 09:31:15 +0000
ROA not after: Fri 26 Apr 2024 09:31:15 +0000
asID: 9009
IP address blocks: 154.218.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35457 (0x8a81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 09:31:15 2024 GMT
Not After : Apr 26 09:31:15 2024 GMT
Subject: CN=65cf2b67-c69a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9c:87:20:69:0f:54:49:e5:33:19:0c:83:de:
66:ba:52:a6:99:67:b6:43:e7:40:13:77:67:70:45:
62:07:a9:72:4b:41:dd:70:88:3c:67:e4:77:9c:ed:
f2:8b:5e:d5:4e:3c:d9:19:5a:af:37:95:ff:c8:3b:
ee:11:79:fd:ca:eb:f6:85:6e:ba:f6:e5:a1:dd:e1:
23:63:28:bd:6f:2f:87:b0:98:f7:ee:c9:ea:71:de:
df:0c:9f:de:7e:26:47:3f:08:4c:44:9a:b9:5a:37:
d0:d6:67:fc:6e:0c:6f:46:1c:50:06:55:73:17:ae:
a3:02:32:2a:31:7b:ee:a7:d1:ea:dc:36:ce:a8:b2:
02:77:f2:f7:09:25:73:c5:64:fa:e0:fa:b3:9c:51:
94:09:2a:67:bf:b0:66:d3:5a:a5:e3:8b:ff:27:51:
b2:a6:a0:c5:c1:f4:e7:6a:7c:4c:f1:a3:ee:7c:8a:
61:d5:6a:b4:5d:76:51:59:ae:c4:f9:8f:c5:0a:7a:
05:b8:57:08:84:ac:a6:b7:c7:38:3b:cb:00:89:f7:
97:b4:ce:d6:ab:37:25:55:c5:8d:5a:46:ef:03:c3:
69:30:e0:51:5a:85:2a:5e:8c:ca:52:33:ef:71:09:
ba:47:e5:2a:f2:aa:51:75:61:07:53:4c:96:16:c5:
16:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D9:B7:C1:7E:09:8E:D1:1D:D9:88:78:45:DC:0C:E8:F1:35:92:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23C17652CCAE11EEAC49DA6B775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.222.0/24
Signature Algorithm: sha256WithRSAEncryption
70:80:61:79:58:34:f1:67:40:6e:c8:d6:f4:d3:f8:1b:c3:09:
61:28:a5:54:b9:65:c9:14:0f:51:bf:17:5f:00:f6:34:1c:ab:
17:0d:14:ed:95:fe:f8:e7:7c:b3:42:38:77:a8:da:18:30:0e:
19:f9:3f:2a:3b:89:7a:71:e0:b1:a1:e8:49:65:0b:bd:9a:55:
0c:3b:95:dd:8d:17:7b:71:5f:f9:7c:5a:77:67:96:cd:c3:b0:
4d:92:6a:ab:d5:2c:b5:77:fa:37:d8:85:f4:f6:38:54:11:f9:
bf:d0:3f:03:62:0d:10:a2:26:72:c3:03:a1:09:a5:7f:64:74:
dc:69:91:be:76:d8:a2:ab:9a:e9:01:0b:8e:2f:98:60:b5:34:
e6:d2:17:54:2a:30:26:fe:1d:45:4b:b1:af:00:d3:53:94:9a:
2d:1a:3b:3e:15:73:7b:6d:3d:7f:55:5e:5f:49:28:e3:0b:9c:
d8:9f:f6:62:05:6e:ad:21:d4:09:dc:95:c8:67:02:c3:82:53:
13:d6:b8:83:4e:d2:15:8f:81:d5:c8:14:57:92:b2:f9:df:fb:
e6:f6:ee:67:55:85:f9:7a:ba:fc:2c:58:4d:c5:ec:92:dd:5e:
57:a8:d5:eb:07:1a:63:5d:6f:b9:0d:8e:79:c3:ee:11:69:d8:
1f:fd:22:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIqBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MDkzMTE1WhcNMjQwNDI2MDkzMTE1WjAYMRYw
FAYDVQQDEw02NWNmMmI2Ny1jNjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAypyHIGkPVEnlMxkMg95mulKmmWe2Q+dAE3dncEViB6lyS0HdcIg8Z+R3
nO3yi17VTjzZGVqvN5X/yDvuEXn9yuv2hW669uWh3eEjYyi9by+HsJj37snqcd7f
DJ/efiZHPwhMRJq5WjfQ1mf8bgxvRhxQBlVzF66jAjIqMXvup9Hq3DbOqLICd/L3
CSVzxWT64PqznFGUCSpnv7Bm01ql44v/J1GypqDFwfTnanxM8aPufIph1Wq0XXZR
Wa7E+Y/FCnoFuFcIhKymt8c4O8sAifeXtM7WqzclVcWNWkbvA8NpMOBRWoUqXozK
UjPvcQm6R+Uq8qpRdWEHU0yWFsUW+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAHZ
t8F+CY7RHdmIeEXcDOjxNZKmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yM0MxNzY1MkNDQUUxMUVFQUM0OURBNkI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtreMA0GCSqGSIb3DQEB
CwUAA4IBAQBwgGF5WDTxZ0BuyNb00/gbwwlhKKVUuWXJFA9RvxdfAPY0HKsXDRTt
lf7453yzQjh3qNoYMA4Z+T8qO4l6ceCxoehJZQu9mlUMO5XdjRd7cV/5fFp3Z5bN
w7BNkmqr1Sy1d/o32IX09jhUEfm/0D8DYg0QoiZywwOhCaV/ZHTcaZG+dtiiq5rp
AQuOL5hgtTTm0hdUKjAm/h1FS7GvANNTlJotGjs+FXN7bT1/VV5fSSjjC5zYn/Zi
BW6tIdQJ3JXIZwLDglMT1riDTtIVj4HVyBRXkrL53/vm9u5nVYX5err8LFhNxeyS
3V5XqNXrBxpjXW+5DY55w+4Radgf/SLd
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:30 2024 by rpki-client on console-ams.rpki-client.org