Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD4993AACCB211EEAE0D3873775412E6.roa
File: BD4993AACCB211EEAE0D3873775412E6.roa (raw, json)
Hash identifier: dCeBLBzEZjKNXGdKPfpf6gmON3weIVZRyjbi1WbalEI=
Subject key identifier: 22:F2:3E:D7:1D:50:3E:13:97:6E:8F:51:CB:90:13:E3:A1:A1:55:09
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8AAB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD4993AACCB211EEAE0D3873775412E6.roa
Signing time: Fri 16 Feb 2024 10:04:15 +0000
ROA not before: Fri 16 Feb 2024 10:04:11 +0000
ROA not after: Fri 26 Apr 2024 10:04:11 +0000
asID: 9009
IP address blocks: 154.216.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35499 (0x8aab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 10:04:11 2024 GMT
Not After : Apr 26 10:04:11 2024 GMT
Subject: CN=65cf331f-c860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:af:43:ee:9a:79:0f:d7:86:a3:16:da:31:fd:
74:5b:63:32:b1:2c:c7:75:d7:39:c5:b6:0b:cc:ae:
8c:5b:87:95:50:47:cb:85:85:39:13:bb:2e:8d:7d:
fd:1d:7c:b0:94:b7:e7:bc:9b:5c:8e:12:cd:75:28:
09:89:45:01:28:70:da:50:f2:80:7d:ed:46:42:3e:
4d:24:6d:44:02:48:de:17:54:08:34:12:ab:1e:2f:
f0:12:c9:a3:24:2d:b4:23:12:b5:50:d0:99:2a:c7:
cd:c7:1a:5d:47:5c:f7:e5:79:75:09:24:1c:b1:5a:
a3:44:df:f4:0f:52:4d:a3:bd:05:ff:0e:2d:e0:00:
09:8a:64:37:97:5c:ca:b6:28:4f:bb:f0:d4:01:6d:
d6:02:ec:a9:04:91:d9:cd:f4:ef:0e:33:67:5a:70:
ca:06:8f:db:d5:d5:27:06:9c:70:b8:9c:f4:28:c6:
d8:02:9e:ef:14:cb:e2:73:df:07:e7:a3:6d:f7:62:
73:8d:cc:90:79:52:ab:65:d5:a0:56:ee:7b:9d:38:
3a:71:b7:8d:c4:6b:58:07:b3:18:dc:65:ec:6d:e8:
14:1e:5e:d1:e4:d5:ca:db:05:ab:56:c5:06:17:65:
46:a1:1e:5f:6d:40:03:15:50:fd:7a:9c:8b:fe:66:
bb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F2:3E:D7:1D:50:3E:13:97:6E:8F:51:CB:90:13:E3:A1:A1:55:09
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD4993AACCB211EEAE0D3873775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f5:b0:b4:24:a1:44:a0:93:45:a7:74:82:ae:ea:20:98:4c:
de:3a:dd:16:b3:59:1e:88:d6:69:98:1a:b4:44:02:af:ab:ef:
27:be:36:7b:8d:db:f3:c9:0c:c7:fa:b1:c8:8b:a4:72:a5:04:
16:54:60:f9:aa:61:6c:27:9f:7f:9a:98:c0:ae:dc:92:40:f9:
02:81:ad:d7:ec:84:5b:23:9b:e5:49:db:bd:bf:39:3e:d3:da:
c5:03:1e:6f:44:4e:b2:ca:84:12:1c:a6:6a:ae:05:73:31:24:
aa:99:46:c4:4d:f0:be:9f:bb:77:69:fb:72:18:b4:b7:eb:3f:
57:06:4e:d3:c7:e0:c6:59:94:67:db:53:42:86:b1:82:23:bc:
67:10:57:f6:9b:0c:c4:88:88:79:b6:bd:1b:7c:3b:f8:c5:73:
8a:8c:4a:f6:0c:bd:d7:92:c6:89:31:81:b6:0e:11:4f:c0:68:
8b:e0:64:f1:da:96:46:4f:87:66:c6:94:a5:29:bf:c8:69:06:
b9:ad:7d:f1:8d:c6:be:74:55:a2:08:a7:db:56:47:09:94:6c:
21:5a:b2:84:a4:93:c8:ac:9e:90:32:73:93:9e:91:91:27:b0:
49:e1:f6:eb:58:b9:af:6d:05:e1:18:9b:44:4c:84:12:ce:bc:
d3:b9:f0:c8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIqrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MTAwNDExWhcNMjQwNDI2MTAwNDExWjAYMRYw
FAYDVQQDEw02NWNmMzMxZi1jODYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwq9D7pp5D9eGoxbaMf10W2MysSzHddc5xbYLzK6MW4eVUEfLhYU5E7su
jX39HXywlLfnvJtcjhLNdSgJiUUBKHDaUPKAfe1GQj5NJG1EAkjeF1QINBKrHi/w
EsmjJC20IxK1UNCZKsfNxxpdR1z35Xl1CSQcsVqjRN/0D1JNo70F/w4t4AAJimQ3
l1zKtihPu/DUAW3WAuypBJHZzfTvDjNnWnDKBo/b1dUnBpxwuJz0KMbYAp7vFMvi
c98H56Nt92JzjcyQeVKrZdWgVu57nTg6cbeNxGtYB7MY3GXsbegUHl7R5NXK2wWr
VsUGF2VGoR5fbUADFVD9epyL/ma7dQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCLy
PtcdUD4Tl26PUcuQE+OhoVUJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRDQ5OTNBQUNDQjIxMUVFQUUwRDM4NzM3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtjcMA0GCSqGSIb3DQEB
CwUAA4IBAQAg9bC0JKFEoJNFp3SCruogmEzeOt0Ws1keiNZpmBq0RAKvq+8nvjZ7
jdvzyQzH+rHIi6RypQQWVGD5qmFsJ59/mpjArtySQPkCga3X7IRbI5vlSdu9vzk+
09rFAx5vRE6yyoQSHKZqrgVzMSSqmUbETfC+n7t3aftyGLS36z9XBk7Tx+DGWZRn
21NChrGCI7xnEFf2mwzEiIh5tr0bfDv4xXOKjEr2DL3XksaJMYG2DhFPwGiL4GTx
2pZGT4dmxpSlKb/IaQa5rX3xjca+dFWiCKfbVkcJlGwhWrKEpJPIrJ6QMnOTnpGR
J7BJ4fbrWLmvbQXhGJtETIQSzrzTufDI
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:47 2024 by rpki-client on console-ams.rpki-client.org