Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEF2C236CCAD11EEA774536B775412E6.roa
File: AEF2C236CCAD11EEA774536B775412E6.roa (raw, json)
Hash identifier: zJNxxc64lZqIdbZ95riwn6tGfdjcYyJ3O0yynCee1O0=
Subject key identifier: B6:BD:08:2B:B5:62:2A:E7:29:B0:72:77:C9:DD:64:AA:B0:D0:AE:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8A7D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEF2C236CCAD11EEA774536B775412E6.roa
Signing time: Fri 16 Feb 2024 09:28:03 +0000
ROA not before: Fri 16 Feb 2024 09:27:59 +0000
ROA not after: Fri 26 Apr 2024 09:27:59 +0000
asID: 9009
IP address blocks: 154.218.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35453 (0x8a7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 09:27:59 2024 GMT
Not After : Apr 26 09:27:59 2024 GMT
Subject: CN=65cf2aa3-fc60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ea:c2:60:d6:6b:22:ff:a4:3f:f1:97:a1:98:
a2:22:36:23:f7:4c:78:cf:db:1e:1e:d4:b2:3b:37:
a2:d0:1c:7b:13:e5:7f:07:b0:62:a6:ff:2c:48:c0:
b9:95:fd:00:6d:a2:9c:8d:24:87:d1:78:4e:f9:98:
47:e7:a1:d6:61:b2:bc:fa:0d:73:60:22:65:61:4f:
52:23:c8:f2:ad:8d:23:f7:19:c5:68:d3:50:74:7d:
d7:1e:21:92:db:63:27:3b:05:50:89:5a:da:c2:fc:
fc:b0:a7:f1:26:0c:36:af:6d:4e:91:79:86:71:67:
5f:af:df:68:06:19:b7:19:fb:16:d6:a6:67:0f:14:
9a:1c:29:f2:15:86:d5:1f:ee:cc:ba:d3:fb:59:5b:
ea:9e:3d:bb:64:b3:b1:d6:bb:18:19:d2:b9:ce:8a:
c5:9f:ae:3a:fe:0c:9d:5b:5f:35:9c:41:ec:83:a9:
2d:d3:1c:ff:89:5e:ed:b4:af:f1:e8:9f:8f:fb:e0:
cf:ce:84:16:9d:ba:3a:fd:52:00:e3:c0:71:cd:02:
b4:22:fa:15:71:ae:6a:3e:a5:7e:fc:f5:57:1b:a2:
ed:0a:f9:6f:f4:e3:00:a2:69:02:81:c6:32:07:98:
35:c4:6d:73:a9:d6:22:e6:7f:ce:4b:e9:64:57:b7:
c6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BD:08:2B:B5:62:2A:E7:29:B0:72:77:C9:DD:64:AA:B0:D0:AE:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AEF2C236CCAD11EEA774536B775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.221.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:f9:31:2d:fe:85:99:5a:6a:b7:ad:39:9d:5a:a7:8d:26:51:
b0:1d:5b:7c:65:85:06:51:13:61:08:22:ca:67:8b:66:f8:5d:
d9:72:b7:c2:4c:0a:55:33:3c:47:06:b0:08:2e:a6:0e:48:80:
eb:70:0d:b6:ca:94:94:ba:c8:23:c6:d2:0f:cd:6d:88:20:08:
1b:29:b4:6b:c2:95:a5:07:5c:2a:44:43:86:68:9e:f3:42:99:
ed:4e:3c:4a:c1:0a:a2:50:e2:7e:98:85:90:97:1d:87:25:5d:
d2:e3:d2:11:83:b9:21:53:66:03:22:2f:2e:bc:14:00:dc:09:
69:2d:fd:28:1a:f8:ac:f8:31:93:57:96:52:00:4a:d4:8c:63:
17:23:68:d2:64:50:7e:66:5f:e2:2a:e9:3b:c0:20:66:bd:84:
5a:28:6a:1b:ab:66:9b:d0:ca:f3:d3:cb:8b:48:f2:77:7e:12:
70:30:dc:a2:6a:17:23:00:c3:55:82:89:61:13:93:bd:b4:c3:
83:85:54:e9:5e:6d:6d:35:e7:28:2c:85:58:72:29:66:2b:bb:
60:bd:c2:6e:d4:40:04:52:56:36:d5:80:6f:68:20:a4:14:cc:
6c:00:ce:2d:f1:30:e3:b7:3c:bc:08:03:d8:53:a3:30:3b:a5:
4d:6c:c7:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIp9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MDkyNzU5WhcNMjQwNDI2MDkyNzU5WjAYMRYw
FAYDVQQDEw02NWNmMmFhMy1mYzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1urCYNZrIv+kP/GXoZiiIjYj90x4z9seHtSyOzei0Bx7E+V/B7Bipv8s
SMC5lf0AbaKcjSSH0XhO+ZhH56HWYbK8+g1zYCJlYU9SI8jyrY0j9xnFaNNQdH3X
HiGS22MnOwVQiVrawvz8sKfxJgw2r21OkXmGcWdfr99oBhm3GfsW1qZnDxSaHCny
FYbVH+7MutP7WVvqnj27ZLOx1rsYGdK5zorFn646/gydW181nEHsg6kt0xz/iV7t
tK/x6J+P++DPzoQWnbo6/VIA48BxzQK0IvoVca5qPqV+/PVXG6LtCvlv9OMAomkC
gcYyB5g1xG1zqdYi5n/OS+lkV7fGvQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLa9
CCu1YirnKbByd8ndZKqw0K5jMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRUYyQzIzNkNDQUQxMUVFQTc3NDUzNkI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtrdMA0GCSqGSIb3DQEB
CwUAA4IBAQCo+TEt/oWZWmq3rTmdWqeNJlGwHVt8ZYUGURNhCCLKZ4tm+F3ZcrfC
TApVMzxHBrAILqYOSIDrcA22ypSUusgjxtIPzW2IIAgbKbRrwpWlB1wqREOGaJ7z
QpntTjxKwQqiUOJ+mIWQlx2HJV3S49IRg7khU2YDIi8uvBQA3AlpLf0oGvis+DGT
V5ZSAErUjGMXI2jSZFB+Zl/iKuk7wCBmvYRaKGobq2ab0Mrz08uLSPJ3fhJwMNyi
ahcjAMNVgolhE5O9tMODhVTpXm1tNecoLIVYcilmK7tgvcJu1EAEUlY21YBvaCCk
FMxsAM4t8TDjtzy8CAPYU6MwO6VNbMdz
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:46 2024 by rpki-client on console-ams.rpki-client.org