Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D60EC1FECCAC11EE8DC9BB69775412E6.roa
File: D60EC1FECCAC11EE8DC9BB69775412E6.roa (raw, json)
Hash identifier: lx9KUduGBrsh2ily4paFRZI8TK9m+dUgylbwtTk+nH0=
Subject key identifier: F4:AB:E6:8D:1E:47:C6:5D:32:86:1E:34:C4:CC:1A:E6:E0:1D:E3:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8A75
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D60EC1FECCAC11EE8DC9BB69775412E6.roa
Signing time: Fri 16 Feb 2024 09:21:59 +0000
ROA not before: Fri 16 Feb 2024 09:21:56 +0000
ROA not after: Fri 26 Apr 2024 09:21:56 +0000
asID: 9009
IP address blocks: 154.218.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35445 (0x8a75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 16 09:21:56 2024 GMT
Not After : Apr 26 09:21:56 2024 GMT
Subject: CN=65cf2937-81b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b6:e2:9b:b2:b6:ef:ce:4a:82:47:95:1c:4b:
e5:f2:ea:6c:35:e6:68:4d:c8:7e:4c:e5:26:13:ad:
c3:c9:b3:3d:e3:7f:08:d6:c9:90:a1:cd:96:72:21:
48:7f:ab:13:e0:c7:39:8e:d9:da:4d:19:d6:9c:0e:
29:54:8e:1b:2c:22:74:0a:28:76:dd:25:5b:e7:2f:
b9:e1:14:97:5c:46:e8:ca:37:0f:dc:bc:ab:76:9c:
0c:bf:8f:af:b7:5a:57:d2:55:22:77:b1:a5:dc:e4:
f6:d1:c9:26:45:fb:a2:d7:3c:ed:3c:8d:3c:d6:64:
1d:d9:78:33:b3:52:c3:1f:55:76:ca:eb:15:3d:eb:
47:b6:48:61:02:08:43:20:a7:c3:c7:da:ae:ea:6c:
d3:5b:e9:11:4a:21:da:f1:df:40:d9:04:a4:06:21:
66:d9:fc:dc:30:ce:22:39:4e:2e:88:f7:8e:be:11:
72:6b:38:01:7e:93:d0:71:84:27:d5:f7:59:54:14:
97:11:21:e5:3b:be:3c:5c:e4:c6:7d:8f:03:ca:d3:
c9:aa:f3:4d:cf:71:ea:f7:e8:ab:fc:ca:8b:43:9c:
9e:b0:6b:b0:a7:48:6d:d1:9b:e6:1a:56:94:8a:3b:
fa:1d:b2:be:0f:47:c4:db:8d:a3:d2:fe:5f:5a:bd:
48:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AB:E6:8D:1E:47:C6:5D:32:86:1E:34:C4:CC:1A:E6:E0:1D:E3:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D60EC1FECCAC11EE8DC9BB69775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.219.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:bc:a1:a0:4d:61:bb:af:8a:46:29:10:60:ff:e5:de:c7:89:
ff:3d:f7:09:0d:82:00:7e:fe:61:48:2f:18:f5:f7:ce:7f:6b:
f7:1f:68:ab:75:e4:6d:a6:cb:d2:56:aa:d8:eb:1d:ef:95:18:
4f:b2:83:78:48:e7:bd:72:64:3c:b4:bb:45:ee:fc:e9:71:1d:
c6:11:63:54:d5:a1:6a:c5:da:5e:da:db:2c:72:0e:a0:0c:96:
cb:71:98:90:c2:52:c6:22:dd:9d:06:ed:77:a7:10:99:f3:2c:
d7:ae:37:4e:a8:f6:38:1a:a8:6c:c5:f5:f4:aa:07:63:9f:27:
29:e6:98:84:e1:9c:c5:43:85:4f:34:18:9d:98:07:97:51:b0:
e3:b1:72:9e:71:0c:c8:4b:b6:93:92:7d:5f:dc:32:5e:6d:bc:
6c:0e:4d:03:95:cf:ac:92:99:14:68:08:17:6e:f4:35:0e:ce:
6b:c1:bd:bc:4a:36:d3:40:00:f1:01:33:d5:bd:3a:76:4f:72:
de:9c:28:a2:1e:4c:ba:f4:b2:a9:d2:14:97:bf:d5:2a:6b:53:
a2:c6:da:ef:5a:0a:74:1d:68:5d:99:83:45:aa:ef:3b:12:db:
1d:8a:d3:4d:16:b6:a3:f0:0b:2c:c5:14:31:b8:e8:0e:25:43:
df:63:0c:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIp1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE2MDkyMTU2WhcNMjQwNDI2MDkyMTU2WjAYMRYw
FAYDVQQDEw02NWNmMjkzNy04MWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArrbim7K2785KgkeVHEvl8upsNeZoTch+TOUmE63DybM9438I1smQoc2W
ciFIf6sT4Mc5jtnaTRnWnA4pVI4bLCJ0Cih23SVb5y+54RSXXEboyjcP3LyrdpwM
v4+vt1pX0lUid7Gl3OT20ckmRfui1zztPI081mQd2Xgzs1LDH1V2yusVPetHtkhh
AghDIKfDx9qu6mzTW+kRSiHa8d9A2QSkBiFm2fzcMM4iOU4uiPeOvhFyazgBfpPQ
cYQn1fdZVBSXESHlO748XOTGfY8DytPJqvNNz3Hq9+ir/MqLQ5yesGuwp0ht0Zvm
GlaUijv6HbK+D0fE242j0v5fWr1IswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPSr
5o0eR8ZdMoYeNMTMGubgHeMvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjBFQzFGRUNDQUMxMUVFOERDOUJCNjk3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtrbMA0GCSqGSIb3DQEB
CwUAA4IBAQCMvKGgTWG7r4pGKRBg/+Xex4n/PfcJDYIAfv5hSC8Y9ffOf2v3H2ir
deRtpsvSVqrY6x3vlRhPsoN4SOe9cmQ8tLtF7vzpcR3GEWNU1aFqxdpe2tsscg6g
DJbLcZiQwlLGIt2dBu13pxCZ8yzXrjdOqPY4GqhsxfX0qgdjnycp5piE4ZzFQ4VP
NBidmAeXUbDjsXKecQzIS7aTkn1f3DJebbxsDk0Dlc+skpkUaAgXbvQ1Ds5rwb28
SjbTQADxATPVvTp2T3LenCiiHky69LKp0hSXv9Uqa1OixtrvWgp0HWhdmYNFqu87
EtsditNNFraj8AssxRQxuOgOJUPfYwwU
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:49 2024 by rpki-client on console-ams.rpki-client.org