Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AE98664CCB711EE91A9027A775412E6.roa
File: 2AE98664CCB711EE91A9027A775412E6.roa (raw, json)
Hash identifier: hca/jFbSxyIaEB/f9orX6GbWKwGBirIs9ZqicjCYTuY=
Subject key identifier: 32:8B:68:F1:A1:F5:60:8F:2F:C9:8F:83:DE:C2:4B:29:A1:6F:01:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8AD3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AE98664CCB711EE91A9027A775412E6.roa
Signing time: Fri 16 Feb 2024 10:35:57 +0000
ROA not before: Fri 16 Feb 2024 10:35:53 +0000
ROA not after: Fri 26 Apr 2024 10:35:53 +0000
asID: 9009
IP address blocks: 154.218.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35539 (0x8ad3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 10:35:53 2024 GMT
Not After : Apr 26 10:35:53 2024 GMT
Subject: CN=65cf3a8d-0f75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a2:93:e3:7b:22:90:65:00:66:38:9b:4e:7f:
3a:52:3b:99:50:dc:32:a1:8d:d3:82:60:38:ca:21:
80:1c:91:b8:4a:83:32:e8:af:04:8c:cc:8d:a2:f1:
4c:1a:00:2f:50:b0:ab:8f:e0:a4:1f:03:68:d5:05:
0f:14:82:79:9c:07:58:10:18:4a:c0:16:2b:d3:a4:
10:c2:08:09:3b:6f:a3:7f:a0:ee:6d:f4:ba:f5:f0:
19:8e:1f:c3:28:db:2e:71:65:f7:83:5a:ed:04:c0:
5e:66:3c:97:48:6c:ed:c6:b5:d2:38:5e:4f:c5:75:
ee:5b:6f:6c:91:8f:16:04:ca:b0:5d:00:cb:e2:2e:
89:63:11:93:1f:66:7e:d8:f1:8b:e5:60:33:85:3c:
7a:74:52:92:43:a9:ff:d9:d0:e9:32:55:e8:be:01:
e3:2c:ca:19:cb:52:1d:33:29:f5:7f:da:38:73:c1:
18:d0:5f:ef:b5:01:32:04:d7:25:56:81:db:f6:d7:
c0:3c:b6:60:94:ec:81:bc:34:90:d0:b9:2a:26:d0:
d1:08:df:fc:3e:4a:7c:a0:c4:7e:ca:f7:95:3f:da:
c9:c5:f8:a3:34:8d:dd:e4:d7:4d:75:04:88:a8:d7:
51:d7:f4:66:b4:35:67:27:ca:b1:92:79:1c:06:ea:
8b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8B:68:F1:A1:F5:60:8F:2F:C9:8F:83:DE:C2:4B:29:A1:6F:01:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AE98664CCB711EE91A9027A775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.247.0/24
Signature Algorithm: sha256WithRSAEncryption
00:7d:ea:1f:6b:ee:16:30:80:8c:7c:c3:75:f6:8f:ff:3f:48:
eb:0e:c1:71:c1:32:00:83:ca:a3:2f:ee:5d:4a:c6:39:1f:b8:
85:36:c7:74:b8:9b:8a:ee:ac:cd:6f:60:3f:2c:03:5b:c6:c7:
d0:ad:4b:c6:4e:ce:d8:46:c7:d1:2d:b3:3c:4f:62:d3:b7:a9:
03:04:12:6e:df:ef:a7:4c:af:94:bc:92:f8:21:23:7d:29:a0:
81:2c:59:6f:72:c8:44:c5:f9:0e:72:0d:15:88:f8:97:d7:2d:
8f:d6:0a:1d:95:a6:67:27:77:3f:3a:17:ab:a6:c5:02:55:68:
b4:ae:16:a1:fa:f6:ff:f5:07:64:44:22:49:5b:fa:d5:f4:29:
6a:ab:c2:48:81:cc:cb:c1:2a:42:aa:95:10:a1:9c:0e:49:b8:
7f:84:1e:e5:7c:18:26:3a:6b:6b:66:e9:d7:51:29:40:e5:a1:
0c:31:94:f9:c5:7a:90:7b:7c:50:fa:73:8c:1d:82:57:fd:e6:
ad:96:05:8a:6a:84:2d:85:f8:e1:c6:d8:90:b6:28:3f:33:78:
89:ea:a0:43:cf:6f:ac:c4:12:ff:d3:f0:5e:06:1f:94:c1:d7:
d6:6c:91:02:00:51:fc:73:83:99:52:0d:74:ca:f9:32:a6:4b:
da:cb:89:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIrTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MTAzNTUzWhcNMjQwNDI2MTAzNTUzWjAYMRYw
FAYDVQQDEw02NWNmM2E4ZC0wZjc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxaKT43sikGUAZjibTn86UjuZUNwyoY3TgmA4yiGAHJG4SoMy6K8EjMyN
ovFMGgAvULCrj+CkHwNo1QUPFIJ5nAdYEBhKwBYr06QQwggJO2+jf6DubfS69fAZ
jh/DKNsucWX3g1rtBMBeZjyXSGztxrXSOF5PxXXuW29skY8WBMqwXQDL4i6JYxGT
H2Z+2PGL5WAzhTx6dFKSQ6n/2dDpMlXovgHjLMoZy1IdMyn1f9o4c8EY0F/vtQEy
BNclVoHb9tfAPLZglOyBvDSQ0LkqJtDRCN/8Pkp8oMR+yveVP9rJxfijNI3d5NdN
dQSIqNdR1/RmtDVnJ8qxknkcBuqLEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDKL
aPGh9WCPL8mPg97CSymhbwHMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQUU5ODY2NENDQjcxMUVFOTFBOTAyN0E3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtr3MA0GCSqGSIb3DQEB
CwUAA4IBAQAAfeofa+4WMICMfMN19o//P0jrDsFxwTIAg8qjL+5dSsY5H7iFNsd0
uJuK7qzNb2A/LANbxsfQrUvGTs7YRsfRLbM8T2LTt6kDBBJu3++nTK+UvJL4ISN9
KaCBLFlvcshExfkOcg0ViPiX1y2P1godlaZnJ3c/OherpsUCVWi0rhah+vb/9Qdk
RCJJW/rV9Clqq8JIgczLwSpCqpUQoZwOSbh/hB7lfBgmOmtrZunXUSlA5aEMMZT5
xXqQe3xQ+nOMHYJX/eatlgWKaoQthfjhxtiQtig/M3iJ6qBDz2+sxBL/0/BeBh+U
wdfWbJECAFH8c4OZUg10yvkypkvay4ka
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:32 2024 by rpki-client on console-ams.rpki-client.org