Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/400BB528060D11EF874EC33C017001B1.roa
File: 400BB528060D11EF874EC33C017001B1.roa (raw, json)
Hash identifier: O2F2eeDZKUzeFTF6sXM/L2vt2KUGqgONMm4x8y/OPx0=
Subject key identifier: 91:67:5C:EA:CA:99:F8:1B:EF:21:1F:44:A9:D1:09:3B:23:63:16:C5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B20C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/400BB528060D11EF874EC33C017001B1.roa
Signing time: Mon 29 Apr 2024 09:45:45 +0000
ROA not before: Mon 29 Apr 2024 09:45:42 +0000
ROA not after: Wed 15 May 2024 09:45:42 +0000
asID: 5065
IP address blocks: 154.85.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45580 (0xb20c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 09:45:42 2024 GMT
Not After : May 15 09:45:42 2024 GMT
Subject: CN=662f6c49-28d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:4a:65:71:21:97:3d:99:aa:45:2f:e1:3b:81:
bf:46:60:96:65:8d:b0:74:5f:2b:cd:c4:ac:44:3d:
a6:cd:e4:3e:7a:86:e7:53:16:93:6f:11:ed:0e:1f:
9c:22:89:4e:41:90:24:30:46:ff:58:dd:de:00:b1:
48:f4:dc:32:9d:21:ef:20:85:60:ef:48:56:84:db:
74:f4:28:b9:f8:24:5e:0f:bb:4f:1d:32:49:68:98:
1e:b2:aa:f3:97:3e:21:a3:30:fd:89:87:ec:d9:80:
d2:0e:e5:04:2d:d7:5e:0b:cf:a1:9e:f5:25:ab:16:
2c:1d:7c:73:6e:40:91:95:f0:bb:42:1c:b4:b9:5d:
25:52:78:52:3e:1e:16:07:83:88:9a:7e:b9:ab:70:
14:21:7f:91:72:3c:36:79:e8:16:1f:b7:a6:ba:2c:
6f:33:be:0b:40:5f:9b:86:84:51:73:69:cc:bd:95:
03:cb:f2:63:70:63:d8:df:45:c9:d9:6f:cc:bf:0b:
31:99:30:a2:eb:68:61:6f:20:81:aa:77:0b:de:1e:
88:74:75:7b:9a:8c:52:81:19:29:11:2e:69:c7:a0:
b6:13:ee:6b:95:f5:9e:6b:c9:ea:02:42:ee:e7:30:
5a:07:fe:2d:59:f9:c4:5c:69:a4:12:ee:3d:9a:63:
26:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:67:5C:EA:CA:99:F8:1B:EF:21:1F:44:A9:D1:09:3B:23:63:16:C5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/400BB528060D11EF874EC33C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.16.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:af:89:c2:5f:da:b1:9b:07:a8:ad:c9:57:57:a2:1a:fc:ce:
c7:dc:0b:31:b6:43:24:ed:0e:75:5d:cd:6b:15:5a:e6:46:dd:
95:18:f1:d1:49:17:11:81:54:23:5e:d6:2a:f1:76:95:49:5f:
b7:17:db:79:f2:26:51:7c:ef:16:20:cd:c6:4e:e7:49:0e:1e:
5c:6a:9e:f0:1b:e9:15:3e:e0:96:a7:9d:f0:c0:85:fb:bc:e0:
2a:47:d7:b5:d0:7a:c3:d6:81:7b:5e:8d:e0:37:4a:a6:f9:06:
31:40:9e:8f:87:d1:36:bb:98:f5:8f:86:77:63:1d:4b:34:a6:
fe:3f:f5:c8:5f:3d:35:ee:cc:4a:d8:62:45:e8:5a:af:07:7c:
cb:d7:a2:1d:f2:6f:3a:f4:61:a7:c5:d5:91:de:e1:34:4c:9d:
c9:da:0e:e2:46:7b:bf:71:0e:62:ab:c6:fb:34:b4:da:e9:f9:
8a:93:eb:8a:0f:a3:51:35:23:3f:38:35:84:04:6f:93:7f:fd:
27:e5:fe:ee:71:3f:40:99:09:24:02:66:a3:67:ad:71:01:cc:
aa:bf:46:5c:85:6e:b6:54:14:34:11:7f:04:36:38:1d:bf:36:
13:d8:7b:ca:fb:83:aa:f2:d1:89:c9:ff:38:4f:0e:37:28:0e:
32:10:c1:60
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALIMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI5MDk0NTQyWhcNMjQwNTE1MDk0NTQyWjAYMRYw
FAYDVQQDEw02NjJmNmM0OS0yOGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/UplcSGXPZmqRS/hO4G/RmCWZY2wdF8rzcSsRD2mzeQ+eobnUxaTbxHt
Dh+cIolOQZAkMEb/WN3eALFI9NwynSHvIIVg70hWhNt09Ci5+CReD7tPHTJJaJge
sqrzlz4hozD9iYfs2YDSDuUELddeC8+hnvUlqxYsHXxzbkCRlfC7Qhy0uV0lUnhS
Ph4WB4OImn65q3AUIX+Rcjw2eegWH7emuixvM74LQF+bhoRRc2nMvZUDy/JjcGPY
30XJ2W/MvwsxmTCi62hhbyCBqncL3h6IdHV7moxSgRkpES5px6C2E+5rlfWea8nq
AkLu5zBaB/4tWfnEXGmkEu49mmMm5QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJFn
XOrKmfgb7yEfRKnRCTsjYxbFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MDBCQjUyODA2MEQxMUVGODc0RUMzM0MwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlUQMA0GCSqGSIb3DQEB
CwUAA4IBAQAer4nCX9qxmweorclXV6Ia/M7H3AsxtkMk7Q51Xc1rFVrmRt2VGPHR
SRcRgVQjXtYq8XaVSV+3F9t58iZRfO8WIM3GTudJDh5cap7wG+kVPuCWp53wwIX7
vOAqR9e10HrD1oF7Xo3gN0qm+QYxQJ6Ph9E2u5j1j4Z3Yx1LNKb+P/XIXz017sxK
2GJF6FqvB3zL16Id8m869GGnxdWR3uE0TJ3J2g7iRnu/cQ5iq8b7NLTa6fmKk+uK
D6NRNSM/ODWEBG+Tf/0n5f7ucT9AmQkkAmajZ61xAcyqv0ZchW62VBQ0EX8ENjgd
vzYT2HvK+4Oq8tGJyf84Tw43KA4yEMFg
-----END CERTIFICATE-----
Generated at Thu May 16 01:35:16 2024 by rpki-client on console-fra.rpki-client.org