Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0F3E63C2353011EE845320244AD9E6FC.roa
File: 0F3E63C2353011EE845320244AD9E6FC.roa (raw, json)
Hash identifier: bCZQzV28wdT2FyiDKVuqwO2mWtF0fZzpLHMK+QKTW/0=
Subject key identifier: DE:CE:F7:7A:EA:F7:39:0B:13:25:6D:31:58:3B:F5:F0:C7:14:BC:64
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 111C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0F3E63C2353011EE845320244AD9E6FC.roa
Signing time: Mon 07 Aug 2023 14:38:23 +0000
ROA not before: Mon 07 Aug 2023 14:38:17 +0000
ROA not after: Wed 07 Aug 2024 14:38:17 +0000
asID: 834
IP address blocks: 154.16.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4380 (0x111c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 7 14:38:17 2023 GMT
Not After : Aug 7 14:38:17 2024 GMT
Subject: CN=64d101de-c771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c5:68:38:25:2e:08:b0:63:9e:72:8c:5f:e6:
13:60:2c:c1:a0:8b:6e:e9:1a:e2:94:ab:7b:98:dd:
7c:b5:b5:75:16:c5:d7:ff:0c:b4:74:22:e7:20:5c:
b0:bd:55:a3:ee:3a:d7:75:cc:25:56:e7:f5:7c:59:
1e:0a:88:17:ea:d8:5f:38:ee:d0:03:43:84:1e:c0:
c9:da:95:b0:59:34:29:ce:1b:7a:3c:fd:27:de:a6:
33:cd:a5:96:45:48:2c:48:16:02:4e:e2:b7:85:70:
34:4a:6b:48:92:2b:51:80:b1:12:f5:16:3a:eb:8a:
ff:47:34:72:d1:17:bd:d1:38:14:68:8d:3f:f0:a5:
21:75:b9:3a:3f:c8:25:a8:6c:e6:24:29:89:46:f1:
09:82:32:00:9e:09:66:d9:db:ca:d1:07:0b:b4:26:
4c:96:6d:8c:0c:af:83:2c:14:fb:2b:52:b1:69:52:
d5:89:c4:03:d7:77:77:64:ec:af:ef:63:2a:a3:ac:
91:19:53:4a:0c:16:7c:b9:b4:34:54:ce:e1:6c:b8:
6b:da:ef:b8:44:95:63:20:db:7f:fa:70:4a:dd:a9:
e7:c8:83:53:60:7c:34:bb:e2:19:47:1e:da:d0:03:
95:fd:50:81:0a:01:61:62:43:85:8a:f9:4f:e8:3f:
0c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:CE:F7:7A:EA:F7:39:0B:13:25:6D:31:58:3B:F5:F0:C7:14:BC:64
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0F3E63C2353011EE845320244AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.241.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:00:ec:02:81:b6:37:0a:14:01:7f:04:7c:5c:84:f6:2f:47:
b0:5b:3d:cd:28:fc:a0:16:7f:8a:0d:c6:71:b9:fc:48:bf:3f:
e5:e9:b7:b8:df:bd:51:67:29:a0:61:7b:6d:6f:fa:0e:f6:22:
59:d2:2d:5d:62:34:ab:ff:fb:01:de:6d:eb:ca:53:b7:02:5a:
50:e5:d6:7e:33:d6:7a:b6:0a:70:0a:d4:6d:f2:b4:db:e0:d1:
c7:0b:b8:82:b0:b6:3c:42:4e:ff:15:e0:ac:45:a4:e6:3b:db:
e3:61:7c:c5:50:a5:8a:ea:4d:40:a9:0c:d8:d9:99:e5:6a:62:
0c:06:56:66:23:35:5e:75:45:e7:c2:be:67:49:02:73:66:cb:
c0:47:6b:5d:c9:81:a7:1f:6a:69:19:9e:0a:ef:f1:1b:7a:59:
ce:88:28:70:eb:b9:f5:55:19:72:0a:05:0f:b8:2e:2d:73:cf:
db:b8:24:7d:d9:31:27:f3:d3:ce:e5:bd:b2:07:05:f6:b7:38:
d4:4f:18:27:a7:74:51:49:b7:fb:45:88:9a:f6:6d:64:77:1f:
ee:37:45:4b:1a:86:ab:eb:2f:c3:b6:4c:c9:28:e1:34:41:10:
b7:d6:fe:2c:94:ab:f3:13:ff:db:51:11:ec:5e:8d:b4:be:bd:
a4:6c:c4:9a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICERwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MDcxNDM4MTdaFw0yNDA4MDcxNDM4MTdaMBgxFjAU
BgNVBAMTDTY0ZDEwMWRlLWM3NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2xWg4JS4IsGOecoxf5hNgLMGgi27pGuKUq3uY3Xy1tXUWxdf/DLR0Iucg
XLC9VaPuOtd1zCVW5/V8WR4KiBfq2F847tADQ4QewMnalbBZNCnOG3o8/SfepjPN
pZZFSCxIFgJO4reFcDRKa0iSK1GAsRL1Fjrriv9HNHLRF73ROBRojT/wpSF1uTo/
yCWobOYkKYlG8QmCMgCeCWbZ28rRBwu0JkyWbYwMr4MsFPsrUrFpUtWJxAPXd3dk
7K/vYyqjrJEZU0oMFny5tDRUzuFsuGva77hElWMg23/6cErdqefIg1NgfDS74hlH
HtrQA5X9UIEKAWFiQ4WK+U/oPwwNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU3s73
eur3OQsTJW0xWDv18McUvGQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzBGM0U2M0MyMzUzMDExRUU4NDUzMjAyNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPEwDQYJKoZIhvcNAQEL
BQADggEBAE8A7AKBtjcKFAF/BHxchPYvR7BbPc0o/KAWf4oNxnG5/Ei/P+Xpt7jf
vVFnKaBhe21v+g72IlnSLV1iNKv/+wHebevKU7cCWlDl1n4z1nq2CnAK1G3ytNvg
0ccLuIKwtjxCTv8V4KxFpOY72+NhfMVQpYrqTUCpDNjZmeVqYgwGVmYjNV51RefC
vmdJAnNmy8BHa13JgacfamkZngrv8Rt6Wc6IKHDrufVVGXIKBQ+4Li1zz9u4JH3Z
MSfz087lvbIHBfa3ONRPGCendFFJt/tFiJr2bWR3H+43RUsahqvrL8O2TMko4TRB
ELfW/iyUq/MT/9tREexejbS+vaRsxJo=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:45:11 2025 by rpki-client