Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C42F8E00CCB611EEAFCCA479775412E6.roa
File: C42F8E00CCB611EEAFCCA479775412E6.roa (raw, json)
Hash identifier: M4xRli1QqbQe3mQ3M/i6LoCGc/ACL03W21/nAGkAawg=
Subject key identifier: A2:4E:98:56:F2:15:E1:B0:F6:46:3E:4C:AD:4F:65:96:DC:A2:A4:8D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8ACF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C42F8E00CCB611EEAFCCA479775412E6.roa
Signing time: Fri 16 Feb 2024 10:33:04 +0000
ROA not before: Fri 16 Feb 2024 10:33:01 +0000
ROA not after: Fri 26 Apr 2024 10:33:01 +0000
asID: 9009
IP address blocks: 154.218.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35535 (0x8acf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 10:33:01 2024 GMT
Not After : Apr 26 10:33:01 2024 GMT
Subject: CN=65cf39e0-ac87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:7d:23:31:5c:17:b4:64:fe:a9:e8:24:3d:97:
5a:8d:1e:30:31:b1:33:4e:0c:82:4a:42:78:19:2c:
d6:90:b1:be:88:7c:78:b4:f8:28:c7:13:22:90:33:
c6:f8:1c:59:3e:fd:bd:f2:ef:ec:c7:2f:83:73:80:
8d:4e:c8:ca:67:94:d1:93:37:2a:62:eb:2e:41:c8:
81:73:3a:b6:1e:62:df:b1:d4:fb:d0:44:31:fb:1d:
68:a7:08:95:19:19:6b:1f:6a:43:cb:fd:a1:ec:44:
6b:10:83:ed:3a:99:d2:ad:71:79:20:97:f6:fc:b5:
f0:2e:84:50:7a:2f:06:c6:a3:28:63:0a:cf:00:8d:
d8:de:86:9a:2e:b2:2a:39:6f:af:7a:0b:d6:68:bb:
e7:77:a2:c0:36:f6:04:71:c3:b2:59:93:58:cb:2e:
b2:7f:fa:16:5c:c5:a9:54:18:ab:d4:78:60:57:ea:
2a:6c:63:95:86:9d:ec:f9:a8:78:a3:1d:fc:60:7d:
82:21:08:57:53:44:c2:68:91:f3:82:1e:6b:6c:6b:
bf:c0:47:3c:06:93:21:4e:74:e8:01:65:24:d9:7d:
58:b7:f6:84:ff:fa:95:95:0e:6c:20:6e:ba:ce:78:
d8:8a:f0:f9:ba:92:ff:38:43:cb:b9:97:a2:5c:58:
87:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4E:98:56:F2:15:E1:B0:F6:46:3E:4C:AD:4F:65:96:DC:A2:A4:8D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C42F8E00CCB611EEAFCCA479775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.245.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:90:3f:24:70:50:dc:e4:8a:30:1e:38:50:bb:9d:db:bb:ee:
f5:f2:64:a3:74:95:60:df:e2:05:03:48:b3:29:59:67:47:8c:
67:5d:0c:ea:54:e8:98:53:05:58:55:b4:e0:e3:0d:c2:f7:06:
c8:8b:bb:8f:a6:93:b5:08:43:3c:b3:83:42:43:fc:52:76:dd:
cc:02:fc:6b:32:48:54:45:c9:34:81:73:fd:6a:c3:c8:4f:6e:
3a:4a:14:22:c5:65:65:0b:4a:76:74:14:32:94:ec:1e:51:78:
b7:09:f1:b1:b4:6c:b5:83:33:e5:61:56:6d:23:20:e1:96:c9:
d0:5b:cf:1c:be:e0:50:52:d9:cc:05:74:10:25:f9:b6:ab:90:
92:09:65:d4:9c:d9:eb:55:9d:22:dc:2d:5b:67:6f:26:77:70:
7e:a1:40:2c:b9:1c:cc:05:47:fb:b9:56:ef:d3:6a:3d:5f:25:
ee:22:8d:d5:1c:0f:69:2e:c1:d5:ef:ac:50:4b:1e:e3:c7:04:
af:91:75:78:88:1c:10:1a:b5:b3:b2:9e:cf:09:ed:b3:b0:0f:
be:e9:6d:57:ad:c8:de:9c:2c:dd:d3:35:3d:4b:fc:07:0c:15:
a1:88:b5:fc:45:22:23:62:72:25:53:d0:a8:d0:82:51:27:6b:
01:43:76:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIrPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MTAzMzAxWhcNMjQwNDI2MTAzMzAxWjAYMRYw
FAYDVQQDEw02NWNmMzllMC1hYzg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7n0jMVwXtGT+qegkPZdajR4wMbEzTgyCSkJ4GSzWkLG+iHx4tPgoxxMi
kDPG+BxZPv298u/sxy+Dc4CNTsjKZ5TRkzcqYusuQciBczq2HmLfsdT70EQx+x1o
pwiVGRlrH2pDy/2h7ERrEIPtOpnSrXF5IJf2/LXwLoRQei8GxqMoYwrPAI3Y3oaa
LrIqOW+vegvWaLvnd6LANvYEccOyWZNYyy6yf/oWXMWpVBir1HhgV+oqbGOVhp3s
+ah4ox38YH2CIQhXU0TCaJHzgh5rbGu/wEc8BpMhTnToAWUk2X1Yt/aE//qVlQ5s
IG66znjYivD5upL/OEPLuZeiXFiHlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKJO
mFbyFeGw9kY+TK1PZZbcoqSNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNDJGOEUwMENDQjYxMUVFQUZDQ0E0Nzk3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtr1MA0GCSqGSIb3DQEB
CwUAA4IBAQBOkD8kcFDc5IowHjhQu53bu+718mSjdJVg3+IFA0izKVlnR4xnXQzq
VOiYUwVYVbTg4w3C9wbIi7uPppO1CEM8s4NCQ/xSdt3MAvxrMkhURck0gXP9asPI
T246ShQixWVlC0p2dBQylOweUXi3CfGxtGy1gzPlYVZtIyDhlsnQW88cvuBQUtnM
BXQQJfm2q5CSCWXUnNnrVZ0i3C1bZ28md3B+oUAsuRzMBUf7uVbv02o9XyXuIo3V
HA9pLsHV76xQSx7jxwSvkXV4iBwQGrWzsp7PCe2zsA++6W1XrcjenCzd0zU9S/wH
DBWhiLX8RSIjYnIlU9Co0IJRJ2sBQ3Yd
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:48 2024 by rpki-client on console-ams.rpki-client.org