Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB454B04014311EFBA9B7A33017001B1.roa
File: DB454B04014311EFBA9B7A33017001B1.roa (raw, json)
Hash identifier: HJoXoDCF9ZpQwM7BoXSQBKgedHuaJ9FeXps4y0ZGuQg=
Subject key identifier: 56:1A:02:8E:BA:DA:12:24:4A:AD:C6:75:07:DA:C7:A4:6D:EB:3E:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AEF1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB454B04014311EFBA9B7A33017001B1.roa
Signing time: Tue 23 Apr 2024 07:34:03 +0000
ROA not before: Tue 23 Apr 2024 07:33:59 +0000
ROA not after: Sat 11 May 2024 07:33:59 +0000
asID: 7029
IP address blocks: 154.194.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44785 (0xaef1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 07:33:59 2024 GMT
Not After : May 11 07:33:59 2024 GMT
Subject: CN=6627646a-034d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5b:0f:42:cc:85:d4:0b:2c:db:e6:e7:08:49:
7c:79:33:1c:bf:e1:fc:43:e0:6e:6b:af:64:3c:1e:
9d:14:0b:0f:f1:85:99:73:15:30:6d:62:2e:3f:ee:
69:15:51:7c:ca:1d:4a:e5:8a:79:b6:be:c8:b3:d0:
8f:f9:36:65:e2:23:9c:db:23:92:c0:d9:6a:b2:06:
da:b7:6a:8e:4d:8b:29:f3:68:c8:84:38:07:28:2a:
d1:bf:c4:12:7d:88:2c:d6:af:0f:d8:69:41:14:0d:
9d:c0:cb:22:bc:7d:d6:d1:e4:d1:b5:a6:14:37:8f:
21:4e:f9:74:f7:6e:c6:48:02:b9:2e:d1:8e:29:1b:
20:9d:bf:9a:f2:9f:de:42:44:26:e9:62:8e:a6:7a:
dc:ba:a3:3d:d9:2c:26:1d:ba:38:44:a4:15:52:a2:
4d:59:c4:86:7b:25:e0:a9:66:3f:da:60:3e:5a:a9:
f8:d7:d7:37:4e:c2:5e:7d:33:a0:14:c7:18:c8:33:
0f:63:12:31:88:ee:40:44:33:8a:d7:d5:1d:89:1c:
08:ce:82:96:75:40:9d:ad:ae:f6:68:3d:ae:5e:0d:
48:15:f2:08:c9:78:bc:85:26:a4:dc:80:5f:51:b8:
f5:15:ce:c3:6c:7d:5e:bb:43:8b:44:b9:3d:c0:6c:
75:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1A:02:8E:BA:DA:12:24:4A:AD:C6:75:07:DA:C7:A4:6D:EB:3E:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB454B04014311EFBA9B7A33017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.16.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:2f:7f:06:88:f7:31:f2:ba:0d:5d:e7:f7:36:ba:9e:5e:1f:
41:2a:ef:ae:5f:2f:92:4f:9c:9c:b3:31:a9:42:fa:98:44:c2:
1e:0e:dd:4e:fc:9d:2d:ac:94:b2:1f:fe:ba:73:81:2c:41:df:
dc:3a:84:c8:6b:a8:a9:83:df:da:69:ab:0d:0e:58:2b:57:5c:
cf:af:19:15:a0:30:16:9f:45:fe:39:d0:eb:47:02:6e:b2:53:
6c:b2:3b:07:9c:f7:a7:e7:9a:46:a4:59:f7:45:7b:94:66:a6:
df:db:9b:02:02:d3:23:93:c2:55:f0:91:9e:91:02:0a:88:26:
75:61:25:e9:ed:fc:72:1e:f3:6e:2c:30:ed:a4:61:0f:96:14:
35:b2:b0:5c:04:c9:cd:22:13:35:0f:3f:81:71:1c:12:f7:ac:
01:47:00:85:b1:82:aa:25:b3:ff:c7:54:e4:0c:e0:f8:e4:8a:
c3:f5:eb:2b:e7:1a:24:b1:c5:08:a4:8b:e6:6e:a0:a7:55:4b:
02:70:98:98:b6:84:aa:ce:68:41:04:47:48:49:3c:c0:d5:35:
ba:52:36:f8:33:95:93:50:eb:88:25:b0:87:41:ba:13:88:c2:
57:82:e4:d9:21:09:3f:88:d6:ef:f5:ef:ff:16:36:bd:6d:1f:
bb:3a:a6:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK7xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDIzMDczMzU5WhcNMjQwNTExMDczMzU5WjAYMRYw
FAYDVQQDEw02NjI3NjQ2YS0wMzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2lsPQsyF1Ass2+bnCEl8eTMcv+H8Q+Bua69kPB6dFAsP8YWZcxUwbWIu
P+5pFVF8yh1K5Yp5tr7Is9CP+TZl4iOc2yOSwNlqsgbat2qOTYsp82jIhDgHKCrR
v8QSfYgs1q8P2GlBFA2dwMsivH3W0eTRtaYUN48hTvl0927GSAK5LtGOKRsgnb+a
8p/eQkQm6WKOpnrcuqM92SwmHbo4RKQVUqJNWcSGeyXgqWY/2mA+Wqn419c3TsJe
fTOgFMcYyDMPYxIxiO5ARDOK19UdiRwIzoKWdUCdra72aD2uXg1IFfIIyXi8hSak
3IBfUbj1Fc7DbH1eu0OLRLk9wGx12wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFYa
Ao662hIkSq3GdQfax6Rt6z4vMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQjQ1NEIwNDAxNDMxMUVGQkE5QjdBMzMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsIQMA0GCSqGSIb3DQEB
CwUAA4IBAQDBL38GiPcx8roNXef3NrqeXh9BKu+uXy+ST5ycszGpQvqYRMIeDt1O
/J0trJSyH/66c4EsQd/cOoTIa6ipg9/aaasNDlgrV1zPrxkVoDAWn0X+OdDrRwJu
slNssjsHnPen55pGpFn3RXuUZqbf25sCAtMjk8JV8JGekQIKiCZ1YSXp7fxyHvNu
LDDtpGEPlhQ1srBcBMnNIhM1Dz+BcRwS96wBRwCFsYKqJbP/x1TkDOD45IrD9esr
5xokscUIpIvmbqCnVUsCcJiYtoSqzmhBBEdISTzA1TW6Ujb4M5WTUOuIJbCHQboT
iMJXguTZIQk/iNbv9e//Fja9bR+7OqaK
-----END CERTIFICATE-----
Generated at Sun May 12 01:39:48 2024 by rpki-client on console-fra.rpki-client.org