Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F043DCCCA711EEAD16EC61775412E6.roa
File: D0F043DCCCA711EEAD16EC61775412E6.roa (raw, json)
Hash identifier: 2sbQFb47H3yqAOWXoheaMBLaLUcVsW4ZHAgAfZsaoQk=
Subject key identifier: 45:71:81:DB:61:4A:1A:CE:D1:1D:88:5A:46:4C:5E:4E:58:7A:C6:AC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8A47
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F043DCCCA711EEAD16EC61775412E6.roa
Signing time: Fri 16 Feb 2024 08:46:03 +0000
ROA not before: Fri 16 Feb 2024 08:46:00 +0000
ROA not after: Fri 26 Apr 2024 08:46:00 +0000
asID: 9009
IP address blocks: 154.216.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35399 (0x8a47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 08:46:00 2024 GMT
Not After : Apr 26 08:46:00 2024 GMT
Subject: CN=65cf20cb-b5e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:38:cd:8c:5d:72:38:23:1b:3c:63:ec:5e:48:
2e:d6:0c:0a:1b:56:e3:b4:b3:a9:7b:57:33:05:03:
1b:3a:0a:13:f8:0d:12:70:71:ea:e3:9b:f2:fd:5f:
41:09:03:c9:61:37:78:e7:7c:d1:bf:14:bc:75:c6:
fc:48:df:d2:e0:07:0f:c0:cd:ce:a7:e2:3c:04:7b:
a4:23:f5:08:9f:33:28:b6:6d:50:56:d3:78:47:c1:
ef:1f:44:ea:21:90:de:88:fb:d3:38:43:30:a4:54:
2d:82:ab:9c:e3:75:ca:92:63:f6:91:9d:ac:a0:7d:
69:50:06:81:ed:91:ed:fe:f0:b5:b1:85:0c:16:d8:
43:3d:2a:0b:1c:1b:76:3d:a9:d4:10:64:aa:79:bd:
ef:b2:aa:36:60:fc:e1:2c:ef:71:83:91:f1:b6:83:
42:fc:34:18:16:63:81:d4:01:dc:1f:02:e1:31:57:
33:ff:29:1c:db:e9:cb:f0:a6:f0:42:fb:c3:f2:f2:
fa:27:a3:fe:f5:1c:df:27:3d:fc:24:00:02:60:c5:
46:7d:50:de:7f:d6:74:28:68:3a:e7:c0:23:ab:23:
1a:0d:ab:e3:29:7a:02:73:81:59:10:f3:1a:b4:5d:
2a:a4:cd:52:b9:5b:f7:77:e1:f9:14:11:92:6d:82:
e6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:71:81:DB:61:4A:1A:CE:D1:1D:88:5A:46:4C:5E:4E:58:7A:C6:AC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F043DCCCA711EEAD16EC61775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.195.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:fa:7a:7a:f5:c6:3e:b7:e8:99:78:88:e9:8f:8c:30:53:a4:
7b:f1:ad:32:c4:90:2a:c4:43:2b:7a:55:2a:73:0f:f4:bb:08:
8f:e7:ec:fa:7d:0c:ca:93:8e:6e:59:3b:13:08:34:1c:6e:1d:
86:8c:31:b5:78:64:d4:d0:8f:d3:ea:4a:20:15:8d:4f:6d:f1:
f5:e9:a7:3a:42:88:d7:cb:ac:df:5a:7e:ee:6c:93:f4:1a:c6:
b0:b9:51:6e:5e:34:c6:55:ea:9b:8c:fe:70:4a:77:61:83:3a:
71:2d:1d:49:ad:96:b7:4a:e1:ed:20:39:fe:59:e0:2c:1f:9a:
9a:29:84:f0:ba:f6:b9:38:ed:dd:a7:50:3f:43:5d:39:78:1f:
2c:37:f8:ab:c3:c3:31:24:5c:f7:21:1a:0f:8f:8f:6f:4c:b6:
eb:39:74:0d:e5:75:9f:08:8d:66:d9:63:ff:8d:35:99:18:8b:
48:b6:d4:1f:3a:3e:3c:a8:d6:79:d2:1b:11:e9:9a:fe:84:68:
e1:e4:5d:1f:ed:18:de:87:ed:35:f7:33:53:95:5d:3a:9d:3b:
89:2b:b7:86:3e:69:c0:5c:06:9f:b1:6c:a9:b6:b0:6f:ad:75:
e2:54:78:2e:26:1c:b0:94:f8:30:92:5c:13:ce:86:bc:40:cc:
d0:5f:78:99
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIpHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MDg0NjAwWhcNMjQwNDI2MDg0NjAwWjAYMRYw
FAYDVQQDEw02NWNmMjBjYi1iNWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyDjNjF1yOCMbPGPsXkgu1gwKG1bjtLOpe1czBQMbOgoT+A0ScHHq45vy
/V9BCQPJYTd453zRvxS8dcb8SN/S4AcPwM3Op+I8BHukI/UInzMotm1QVtN4R8Hv
H0TqIZDeiPvTOEMwpFQtgquc43XKkmP2kZ2soH1pUAaB7ZHt/vC1sYUMFthDPSoL
HBt2PanUEGSqeb3vsqo2YPzhLO9xg5HxtoNC/DQYFmOB1AHcHwLhMVcz/ykc2+nL
8KbwQvvD8vL6J6P+9RzfJz38JAACYMVGfVDef9Z0KGg658AjqyMaDavjKXoCc4FZ
EPMatF0qpM1SuVv3d+H5FBGSbYLmMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEVx
gdthShrO0R2IWkZMXk5YesasMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMEYwNDNEQ0NDQTcxMUVFQUQxNkVDNjE3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtjDMA0GCSqGSIb3DQEB
CwUAA4IBAQCO+np69cY+t+iZeIjpj4wwU6R78a0yxJAqxEMrelUqcw/0uwiP5+z6
fQzKk45uWTsTCDQcbh2GjDG1eGTU0I/T6kogFY1PbfH16ac6QojXy6zfWn7ubJP0
GsawuVFuXjTGVeqbjP5wSndhgzpxLR1JrZa3SuHtIDn+WeAsH5qaKYTwuva5OO3d
p1A/Q105eB8sN/irw8MxJFz3IRoPj49vTLbrOXQN5XWfCI1m2WP/jTWZGItIttQf
Oj48qNZ50hsR6Zr+hGjh5F0f7Rjeh+019zNTlV06nTuJK7eGPmnAXAafsWyptrBv
rXXiVHguJhywlPgwklwTzoa8QMzQX3iZ
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:49 2024 by rpki-client on console-ams.rpki-client.org