Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/AA887BEA462311EC8A2EE971D8A014CE.roa
File: AA887BEA462311EC8A2EE971D8A014CE.roa (raw, json)
Hash identifier: fuXybu4m0XRj5OItUZsGqkBbnc5MvLqJMS2qMfbHHuE=
Subject key identifier: F5:65:C4:FF:2B:4D:23:C0:F6:7F:04:18:10:B4:28:5E:5B:64:A4:E1
Certificate issuer: /CN=F36763E5AF/serialNumber=3D3839D5EE1D97B49315562831DCA0409331481F
Certificate serial: 0320
Authority key identifier: 3D:38:39:D5:EE:1D:97:B4:93:15:56:28:31:DC:A0:40:93:31:48:1F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/PTg51e4dl7STFVYoMdygQJMxSB8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/AA887BEA462311EC8A2EE971D8A014CE.roa
Signing time: Mon 15 Nov 2021 14:52:34 +0000
ROA not before: Mon 15 Nov 2021 14:52:31 +0000
ROA not after: Mon 14 Nov 2022 14:52:31 +0000
asID: 37618
IP address blocks: 154.73.0.0/24 maxlen: 24
154.73.1.0/24 maxlen: 24
154.73.2.0/24 maxlen: 24
154.73.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800 (0x320)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36763E5AF/serialNumber=3D3839D5EE1D97B49315562831DCA0409331481F
Validity
Not Before: Nov 15 14:52:31 2021 GMT
Not After : Nov 14 14:52:31 2022 GMT
Subject: CN=61927432-5fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e3:ac:a6:88:bb:5e:03:d3:8b:e1:66:20:a4:
ed:95:27:c5:92:92:41:06:85:08:85:92:a3:98:c7:
90:42:7f:3c:84:e9:df:67:d8:de:eb:6f:03:d9:47:
40:cb:68:d0:f3:4c:52:b6:57:3d:36:39:92:8c:96:
53:cb:23:98:d6:f1:77:b0:87:b6:69:7b:e2:c0:54:
8d:c7:62:46:0d:59:3f:af:4c:6f:86:6e:fc:e0:56:
0a:4b:a9:fd:0c:bb:9c:ee:64:f5:af:b9:53:3f:92:
10:3c:10:5f:a4:be:61:e3:b4:cb:6c:7e:f9:1f:0f:
dd:7f:61:33:cf:40:bf:51:d8:c1:f3:58:e4:d3:c6:
92:58:7f:fa:d2:42:f0:5e:f2:90:69:2f:c1:60:98:
95:a8:6c:f7:20:cb:ce:69:22:02:0a:b4:78:f8:ca:
fd:e6:58:a7:bf:ca:ce:e7:1d:d4:ab:44:d3:a9:92:
05:18:a9:10:1c:f8:58:0b:96:98:74:30:3e:f3:81:
bd:6a:fd:17:47:fb:e4:70:1f:b3:80:c9:da:7a:52:
43:18:0b:78:e9:9e:dc:5a:63:da:53:30:6f:38:56:
6a:b0:7c:ce:b5:f2:25:4f:27:d8:96:a6:98:c3:75:
3a:83:d4:43:fa:90:d1:68:13:f6:6b:86:d7:84:29:
27:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:65:C4:FF:2B:4D:23:C0:F6:7F:04:18:10:B4:28:5E:5B:64:A4:E1
X509v3 Authority Key Identifier:
keyid:3D:38:39:D5:EE:1D:97:B4:93:15:56:28:31:DC:A0:40:93:31:48:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/PTg51e4dl7STFVYoMdygQJMxSB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PTg51e4dl7STFVYoMdygQJMxSB8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36763E5/1D91ED9AF59C11E98BF85D43F8AEA228/AA887BEA462311EC8A2EE971D8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.73.0.0/22
Signature Algorithm: sha256WithRSAEncryption
76:2b:a6:0d:28:f8:6d:33:8c:59:53:a1:06:b5:a5:ad:5a:51:
7d:51:35:87:1c:1a:fc:fc:23:5e:5e:38:4a:e0:44:a2:d5:9b:
3f:55:53:9d:85:7a:25:0a:29:a1:ef:bc:c6:f2:e2:e3:c4:7c:
92:e2:9c:fc:96:e6:ad:99:b5:1f:6d:67:94:5d:a7:b7:2a:ce:
c4:1e:42:cd:27:3d:37:fb:89:8c:20:78:76:ae:04:f3:e2:89:
ac:fe:0b:ea:9d:c2:04:8a:8d:c9:83:21:35:ba:65:c1:16:59:
0d:82:6f:48:4c:d5:a8:b7:73:56:03:9c:a1:8d:00:f5:85:16:
db:b2:7f:36:50:e4:44:e9:d8:d4:72:1f:d1:fa:e0:ca:7d:e3:
a6:43:c3:cf:b0:14:25:9b:49:49:fd:a6:cc:d1:c2:a5:43:af:
1a:ec:c6:dc:19:31:f2:bb:bb:34:f5:2f:67:42:36:88:11:0a:
de:c0:73:44:fb:58:4a:43:ab:6b:1c:81:16:cd:65:85:89:46:
10:b9:5e:98:ba:7e:fd:84:7b:f3:31:7a:7d:e1:df:32:8a:ea:
24:00:6c:4f:8f:26:5f:30:2c:66:5d:72:88:ea:3e:f7:79:a8:
d9:9a:06:99:7c:e2:78:7e:25:d8:62:82:02:b5:f0:17:b8:84:
a1:1d:d8:96
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAyAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NzYzRTVBRjExMC8GA1UEBRMoM0QzODM5RDVFRTFEOTdCNDkzMTU1NjI4MzFEQ0Ew
NDA5MzMxNDgxRjAeFw0yMTExMTUxNDUyMzFaFw0yMjExMTQxNDUyMzFaMBgxFjAU
BgNVBAMMDTYxOTI3NDMyLTVmY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDW46ymiLteA9OL4WYgpO2VJ8WSkkEGhQiFkqOYx5BCfzyE6d9n2N7rbwPZ
R0DLaNDzTFK2Vz02OZKMllPLI5jW8Xewh7Zpe+LAVI3HYkYNWT+vTG+GbvzgVgpL
qf0Mu5zuZPWvuVM/khA8EF+kvmHjtMtsfvkfD91/YTPPQL9R2MHzWOTTxpJYf/rS
QvBe8pBpL8FgmJWobPcgy85pIgIKtHj4yv3mWKe/ys7nHdSrRNOpkgUYqRAc+FgL
lph0MD7zgb1q/RdH++RwH7OAydp6UkMYC3jpntxaY9pTMG84VmqwfM618iVPJ9iW
ppjDdTqD1EP6kNFoE/ZrhteEKSchAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9WXE
/ytNI8D2fwQYELQoXltkpOEwHwYDVR0jBBgwFoAUPTg51e4dl7STFVYoMdygQJMx
SB8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc2M0U1LzFEOTFFRDlBRjU5QzExRTk4QkY4NUQ0M0Y4QUVBMjI4L1BUZzUx
ZTRkbDdTVEZWWW9NZHlnUUpNeFNCOC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1BUZzUxZTRkbDdTVEZWWW9NZHlnUUpNeFNCOC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc2M0U1LzFEOTFFRDlBRjU5QzExRTk4QkY4NUQ0M0Y4
QUVBMjI4L0FBODg3QkVBNDYyMzExRUM4QTJFRTk3MUQ4QTAxNENFLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKaSQAwDQYJKoZIhvcNAQEL
BQADggEBAHYrpg0o+G0zjFlToQa1pa1aUX1RNYccGvz8I15eOErgRKLVmz9VU52F
eiUKKaHvvMby4uPEfJLinPyW5q2ZtR9tZ5Rdp7cqzsQeQs0nPTf7iYwgeHauBPPi
iaz+C+qdwgSKjcmDITW6ZcEWWQ2Cb0hM1ai3c1YDnKGNAPWFFtuyfzZQ5ETp2NRy
H9H64Mp946ZDw8+wFCWbSUn9pszRwqVDrxrsxtwZMfK7uzT1L2dCNogRCt7Ac0T7
WEpDq2scgRbNZYWJRhC5Xpi6fv2Ee/Mxen3h3zKK6iQAbE+PJl8wLGZdcojqPvd5
qNmaBpl84nh+JdhiggK18Be4hKEd2JY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:09 2024 by rpki-client on console-fra.rpki-client.org