Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C50C48E27C211EFBC86F7287DDC24C2.roa
File: 7C50C48E27C211EFBC86F7287DDC24C2.roa (raw, json)
Hash identifier: 1j3Kk8B/GH+T0EKBX0mNfrNU/XMr7lZt8z4Wvak3gYA=
Subject key identifier: 69:BA:C2:3C:78:E9:FC:0A:DF:DC:71:CA:DE:B0:E8:DE:59:EA:B9:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C17C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C50C48E27C211EFBC86F7287DDC24C2.roa
Signing time: Tue 11 Jun 2024 07:16:14 +0000
ROA not before: Tue 11 Jun 2024 07:16:10 +0000
ROA not after: Thu 20 Jun 2024 07:16:10 +0000
asID: 139811
IP address blocks: 154.210.13.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49532 (0xc17c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 11 07:16:10 2024 GMT
Not After : Jun 20 07:16:10 2024 GMT
Subject: CN=6667f9bd-72ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6f:7e:2f:62:a7:b8:48:6a:02:89:ea:5a:b1:
f0:12:ce:31:b6:69:2b:51:4a:12:ec:b6:9d:7c:5b:
6b:1b:4d:93:95:dd:50:70:3c:b2:42:b8:60:a5:af:
f5:62:32:11:54:ad:48:92:aa:45:fa:9f:20:13:39:
40:af:36:03:0c:69:58:00:72:58:31:84:f3:a4:fa:
10:b7:29:23:f9:99:26:13:e5:c4:85:07:cc:e7:5c:
7b:ee:e5:f4:1d:e6:5b:d4:02:8b:11:dd:2a:68:33:
e8:ce:c3:36:59:07:49:9b:24:17:00:35:97:ea:c3:
eb:2a:b8:22:ef:46:51:d5:ec:05:f6:7e:c7:62:6d:
aa:b1:7b:94:e4:5c:64:dd:73:c2:61:0f:dc:81:0b:
81:4a:8b:9f:2b:4a:aa:0b:3d:4d:42:c9:4d:14:25:
b1:c8:34:b9:3e:1c:61:a8:18:ea:50:e8:30:44:3e:
83:c1:5f:b6:cf:28:4b:c3:5c:cb:a1:db:ac:22:93:
95:c8:d1:f7:ab:ac:bc:fa:66:36:2e:c6:a6:b0:fe:
b3:d0:de:32:6a:06:69:c4:33:af:fa:47:93:8b:32:
83:a3:7c:60:fc:f3:d7:a5:0a:9d:26:20:4f:8d:1a:
51:01:f9:d7:47:5d:2c:98:e6:fe:5e:20:4b:45:16:
23:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BA:C2:3C:78:E9:FC:0A:DF:DC:71:CA:DE:B0:E8:DE:59:EA:B9:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7C50C48E27C211EFBC86F7287DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.13.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:6a:a5:0e:d4:35:2a:7b:d6:e4:4c:38:ac:61:8c:44:d2:fe:
3a:dd:e2:9c:fe:0f:a0:18:32:85:6e:32:b0:45:20:a3:24:e4:
38:62:b6:77:97:cd:81:74:4d:8a:34:c7:ad:91:58:27:4a:10:
7e:cd:0e:8e:a4:00:3b:fd:a4:9c:b3:92:41:24:67:c3:9b:e1:
87:86:f1:88:29:69:2d:88:ad:83:c3:9f:7e:aa:1a:56:19:c6:
a7:c1:02:02:1d:31:62:10:c8:b4:ac:8c:9f:91:f3:68:b4:5e:
1c:bb:44:bd:b2:50:0b:0d:e3:73:76:f0:66:3f:90:ab:89:c7:
a4:1c:32:f2:85:eb:3b:26:fb:11:96:63:b2:b6:0a:3e:53:43:
92:ce:fd:77:f9:39:49:75:af:70:8a:5a:46:c9:8c:d6:3f:e2:
a2:9b:79:52:4f:0d:6b:e0:cf:80:54:9c:54:16:40:bf:6b:68:
e8:0c:7e:2a:15:e4:63:f3:85:a9:8d:2c:c6:55:1a:b3:62:c0:
d9:15:09:c5:b6:e8:16:2c:c2:e3:65:e7:37:68:04:26:2e:4b:
c8:f0:f2:28:4e:69:17:bc:ed:87:a2:13:1d:f8:cd:71:e7:1b:
ca:fd:ce:be:05:02:4b:8b:db:69:47:51:d8:24:5f:94:f0:3e:
03:41:aa:e9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMF8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjExMDcxNjEwWhcNMjQwNjIwMDcxNjEwWjAYMRYw
FAYDVQQDEw02NjY3ZjliZC03MmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2G9+L2KnuEhqAonqWrHwEs4xtmkrUUoS7LadfFtrG02Tld1QcDyyQrhg
pa/1YjIRVK1IkqpF+p8gEzlArzYDDGlYAHJYMYTzpPoQtykj+ZkmE+XEhQfM51x7
7uX0HeZb1AKLEd0qaDPozsM2WQdJmyQXADWX6sPrKrgi70ZR1ewF9n7HYm2qsXuU
5Fxk3XPCYQ/cgQuBSoufK0qqCz1NQslNFCWxyDS5PhxhqBjqUOgwRD6DwV+2zyhL
w1zLodusIpOVyNH3q6y8+mY2LsamsP6z0N4yagZpxDOv+keTizKDo3xg/PPXpQqd
JiBPjRpRAfnXR10smOb+XiBLRRYjnQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGm6
wjx46fwK39xxyt6w6N5Z6rkAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QzUwQzQ4RTI3QzIxMUVGQkM4NkY3Mjg3RERDMjRDMi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtINMA0GCSqGSIb3DQEB
CwUAA4IBAQDWaqUO1DUqe9bkTDisYYxE0v463eKc/g+gGDKFbjKwRSCjJOQ4YrZ3
l82BdE2KNMetkVgnShB+zQ6OpAA7/aScs5JBJGfDm+GHhvGIKWktiK2Dw59+qhpW
GcanwQICHTFiEMi0rIyfkfNotF4cu0S9slALDeNzdvBmP5CricekHDLyhes7JvsR
lmOytgo+U0OSzv13+TlJda9wilpGyYzWP+Kim3lSTw1r4M+AVJxUFkC/a2joDH4q
FeRj84WpjSzGVRqzYsDZFQnFtugWLMLjZec3aAQmLkvI8PIoTmkXvO2HohMd+M1x
5xvK/c6+BQJLi9tpR1HYJF+U8D4DQarp
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:20:59 2024 by rpki-client on console-fra.rpki-client.org