Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D02F2B5ACCA911EE959E0D65775412E6.roa
File: D02F2B5ACCA911EE959E0D65775412E6.roa (raw, json)
Hash identifier: otewJqmuNZM1Jv0DFeLEv2Fd5mGX10MCwBKoV2tCHNE=
Subject key identifier: 88:8C:96:BC:E2:0E:77:A8:CA:4D:DE:4E:2E:FA:62:C9:BD:71:0B:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8A5B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D02F2B5ACCA911EE959E0D65775412E6.roa
Signing time: Fri 16 Feb 2024 09:00:21 +0000
ROA not before: Fri 16 Feb 2024 09:00:18 +0000
ROA not after: Fri 26 Apr 2024 09:00:18 +0000
asID: 9009
IP address blocks: 154.216.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35419 (0x8a5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 09:00:18 2024 GMT
Not After : Apr 26 09:00:18 2024 GMT
Subject: CN=65cf2425-6482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d4:df:46:58:d0:d0:ce:a3:00:b7:36:d1:21:
ca:7f:de:7e:10:61:e0:6b:2c:80:df:b5:98:d9:b2:
4a:98:76:5f:6f:e9:f1:27:08:c5:a9:31:8c:c4:da:
6c:17:00:62:ab:67:43:5b:8f:f5:11:13:79:f1:e8:
e0:d7:fb:f0:14:b6:3d:20:ea:54:4c:b8:be:99:b9:
84:d5:72:1c:ee:78:67:44:1d:c8:75:4f:12:9b:23:
d9:9b:aa:f9:ec:21:37:4a:88:01:dd:dd:ab:c8:5a:
97:78:e5:43:74:a8:35:cc:72:6c:bb:64:a1:62:8f:
21:3b:a2:96:ed:b8:11:48:d8:ce:e3:7f:e1:81:47:
74:76:db:01:95:6a:dd:14:1a:7a:dc:07:57:e5:6e:
68:84:5a:39:5e:81:07:6b:73:c3:28:f7:1d:d5:80:
2e:92:fb:c1:12:2b:68:31:46:07:88:2e:24:bb:51:
53:04:19:ca:9c:93:bf:14:77:e7:26:38:8c:31:48:
12:26:52:e3:ca:24:bf:9d:28:9d:c9:c7:87:7e:9a:
df:7a:ef:58:c4:c2:7c:ff:48:b1:b4:f4:27:95:3b:
54:94:50:a5:d8:56:46:9e:21:16:c4:1e:79:17:22:
a3:01:2a:95:82:d4:b1:3e:5e:df:a6:68:9b:e4:80:
79:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8C:96:BC:E2:0E:77:A8:CA:4D:DE:4E:2E:FA:62:C9:BD:71:0B:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D02F2B5ACCA911EE959E0D65775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.200.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f6:38:bf:2c:db:0e:a2:2e:d0:7e:d2:ff:ba:a9:42:d6:a8:
b1:2f:6e:44:1d:89:71:72:bf:f7:e2:bd:62:ec:26:91:00:2e:
a0:85:3d:5b:11:e5:cc:91:85:0c:ee:4c:37:07:a4:89:67:57:
8e:07:2b:45:29:10:dc:9d:22:9d:1d:21:1b:1d:37:be:6d:42:
50:cc:2b:f5:dd:58:f3:27:41:06:c0:6c:75:64:62:30:01:fe:
68:01:ab:1a:bc:1e:1e:76:d8:a5:a7:e4:97:9a:d3:49:87:71:
6a:9d:96:af:1e:5e:3e:ad:d2:c9:cb:af:bb:45:58:a3:b9:2c:
ae:b6:3f:cf:f9:45:00:a8:d7:40:0a:cc:35:90:52:0d:0e:20:
22:97:62:2c:9e:60:7e:85:1f:84:f9:bb:ad:09:b3:fe:4f:72:
f9:3c:5f:1e:11:e5:ce:01:15:e0:71:17:2b:c7:fa:ac:22:1e:
d2:ec:65:68:85:20:b9:e1:b8:1b:0e:71:6e:f0:c3:27:7a:8f:
06:15:8a:ff:6d:90:22:24:0a:b0:da:09:16:72:56:7e:93:ac:
95:0d:57:7b:d7:be:4d:c5:77:9a:cc:2c:27:74:dd:6c:f1:f5:
8a:e3:2b:d2:ab:5c:6e:68:e0:5b:b3:09:4e:14:f4:f1:72:b6:
07:97:44:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIpbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MDkwMDE4WhcNMjQwNDI2MDkwMDE4WjAYMRYw
FAYDVQQDEw02NWNmMjQyNS02NDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3tTfRljQ0M6jALc20SHKf95+EGHgayyA37WY2bJKmHZfb+nxJwjFqTGM
xNpsFwBiq2dDW4/1ERN58ejg1/vwFLY9IOpUTLi+mbmE1XIc7nhnRB3IdU8SmyPZ
m6r57CE3SogB3d2ryFqXeOVDdKg1zHJsu2ShYo8hO6KW7bgRSNjO43/hgUd0dtsB
lWrdFBp63AdX5W5ohFo5XoEHa3PDKPcd1YAukvvBEitoMUYHiC4ku1FTBBnKnJO/
FHfnJjiMMUgSJlLjyiS/nSidyceHfprfeu9YxMJ8/0ixtPQnlTtUlFCl2FZGniEW
xB55FyKjASqVgtSxPl7fpmib5IB5iQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIiM
lrziDneoyk3eTi76Ysm9cQtLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMDJGMkI1QUNDQTkxMUVFOTU5RTBENjU3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtjIMA0GCSqGSIb3DQEB
CwUAA4IBAQCS9ji/LNsOoi7QftL/uqlC1qixL25EHYlxcr/34r1i7CaRAC6ghT1b
EeXMkYUM7kw3B6SJZ1eOBytFKRDcnSKdHSEbHTe+bUJQzCv13VjzJ0EGwGx1ZGIw
Af5oAasavB4edtilp+SXmtNJh3FqnZavHl4+rdLJy6+7RVijuSyutj/P+UUAqNdA
Csw1kFINDiAil2IsnmB+hR+E+butCbP+T3L5PF8eEeXOARXgcRcrx/qsIh7S7GVo
hSC54bgbDnFu8MMneo8GFYr/bZAiJAqw2gkWclZ+k6yVDVd7175NxXeazCwndN1s
8fWK4yvSq1xuaOBbswlOFPTxcrYHl0Rp
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:49 2024 by rpki-client on console-ams.rpki-client.org