Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/08E61BC8A7AE11EE91C56A5D775412E6.roa
File: 08E61BC8A7AE11EE91C56A5D775412E6.roa (raw, json)
Hash identifier: EXVUXkOshbJCEs5Pgxsu5S+6KVObINhsEQG4/slVjAc=
Subject key identifier: 3B:2B:B3:78:D5:35:6A:FA:2A:34:96:28:AC:CA:4F:32:0B:9B:46:1E
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 142D
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/08E61BC8A7AE11EE91C56A5D775412E6.roa
Signing time: Sun 31 Dec 2023 07:27:21 +0000
ROA not before: Sun 31 Dec 2023 07:27:18 +0000
ROA not after: Thu 30 Jan 2025 07:27:18 +0000
asID: 216414
IP address blocks: 154.16.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5165 (0x142d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 31 07:27:18 2023 GMT
Not After : Jan 30 07:27:18 2025 GMT
Subject: CN=659117d9-3e19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6d:09:96:a4:d6:c2:6c:8a:67:20:4d:07:c2:
2a:22:77:72:49:da:d5:fc:a2:de:2e:ca:5f:b7:9e:
34:98:74:7e:a4:87:82:87:a6:f8:ef:37:a5:b4:9a:
cd:62:32:d0:4e:3a:e6:93:bc:54:c8:a7:40:7d:4b:
fe:d0:ca:51:77:4e:e3:27:ef:f5:ea:d5:bd:0a:8a:
95:1a:66:99:d1:82:32:e9:46:7b:23:4b:de:13:a4:
bd:b4:a1:38:d3:a3:20:39:08:5c:0a:a2:2a:ea:20:
66:df:18:d3:e4:64:31:bd:d0:19:f6:7f:d2:03:d5:
bd:3f:11:c1:ff:99:f5:c5:e7:a5:b3:9c:00:d2:21:
11:c3:89:5f:c9:7c:d8:75:c0:1e:55:73:cc:85:95:
89:9c:fb:bc:8d:4c:bb:59:6c:19:54:9f:79:0e:fd:
d9:19:ce:4c:da:cf:01:c1:21:e9:23:92:35:2f:e0:
81:89:c8:68:42:09:70:b0:c5:f1:50:cd:5b:60:8e:
65:4d:96:f0:96:83:49:a6:ed:a4:dd:da:78:47:5e:
0b:ac:54:d8:33:50:d2:b6:53:6f:13:f5:44:85:0d:
f7:fe:2f:d8:ad:84:4c:13:8b:d1:6a:05:d1:81:c0:
f2:f0:e5:02:32:fc:13:d8:27:82:7e:60:d5:58:fa:
9f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2B:B3:78:D5:35:6A:FA:2A:34:96:28:AC:CA:4F:32:0B:9B:46:1E
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/08E61BC8A7AE11EE91C56A5D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.208.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:69:43:e4:0a:ea:83:7f:50:fd:d4:0c:a2:70:19:aa:d8:d4:
82:1b:10:89:70:c2:67:fb:5b:41:49:9f:5b:ab:b0:be:7b:65:
96:06:ee:47:6e:0a:cd:fc:89:76:16:8e:df:3a:2d:00:8b:7c:
5a:bb:86:0d:bd:c5:74:e2:04:70:b2:98:e0:9b:00:4e:60:cd:
a1:80:d7:76:3a:f0:0c:43:b0:72:9c:52:59:22:ab:ef:c8:f1:
53:15:d4:c6:da:1d:2c:d3:ab:77:e0:3e:00:80:7e:c9:30:3f:
f6:1e:58:70:b0:74:94:bb:aa:76:9b:ce:d3:1a:31:1e:66:e3:
43:de:e9:68:0f:17:53:83:c4:54:2f:d0:50:cf:ce:ed:7e:9e:
a9:01:f8:07:d1:0e:d0:5a:79:6e:fc:00:11:54:76:76:c8:33:
56:1d:1e:25:03:d6:da:7d:88:2d:33:28:f7:d6:09:05:7d:3e:
d3:80:e0:36:d7:2f:c0:01:c1:09:a9:cd:6f:af:1a:b1:d8:f6:
ec:0d:e0:2f:1b:a5:1b:d6:34:8e:99:7e:48:bb:75:aa:85:7a:
70:78:dc:b1:5a:c4:c6:e3:aa:36:4b:f6:0c:45:cc:1e:e0:a3:
78:78:b2:23:13:f4:50:04:bb:c7:25:99:24:44:72:d1:2c:8d:
7f:62:78:93
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFC0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEyMzEwNzI3MThaFw0yNTAxMzAwNzI3MThaMBgxFjAU
BgNVBAMTDTY1OTExN2Q5LTNlMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAbQmWpNbCbIpnIE0Hwioid3JJ2tX8ot4uyl+3njSYdH6kh4KHpvjvN6W0
ms1iMtBOOuaTvFTIp0B9S/7QylF3TuMn7/Xq1b0KipUaZpnRgjLpRnsjS94TpL20
oTjToyA5CFwKoirqIGbfGNPkZDG90Bn2f9ID1b0/EcH/mfXF56WznADSIRHDiV/J
fNh1wB5Vc8yFlYmc+7yNTLtZbBlUn3kO/dkZzkzazwHBIekjkjUv4IGJyGhCCXCw
xfFQzVtgjmVNlvCWg0mm7aTd2nhHXgusVNgzUNK2U28T9USFDff+L9ithEwTi9Fq
BdGBwPLw5QIy/BPYJ4J+YNVY+p+LAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUOyuz
eNU1avoqNJYorMpPMgubRh4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzA4RTYxQkM4QTdBRTExRUU5MUM1NkE1RDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENAwDQYJKoZIhvcNAQEL
BQADggEBALVpQ+QK6oN/UP3UDKJwGarY1IIbEIlwwmf7W0FJn1ursL57ZZYG7kdu
Cs38iXYWjt86LQCLfFq7hg29xXTiBHCymOCbAE5gzaGA13Y68AxDsHKcUlkiq+/I
8VMV1MbaHSzTq3fgPgCAfskwP/YeWHCwdJS7qnabztMaMR5m40Pe6WgPF1ODxFQv
0FDPzu1+nqkB+AfRDtBaeW78ABFUdnbIM1YdHiUD1tp9iC0zKPfWCQV9PtOA4DbX
L8ABwQmpzW+vGrHY9uwN4C8bpRvWNI6Zfki7daqFenB43LFaxMbjqjZL9gxFzB7g
o3h4siMT9FAEu8clmSREctEsjX9ieJM=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:50:48 2025 by rpki-client