Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AF1079838A111EBB57A9C69F8AEA228.roa
File: 2AF1079838A111EBB57A9C69F8AEA228.roa (raw, json)
Hash identifier: REJOdnk0NV+e2V0u5/lGNfvLWq4rQjPJviJgzbOP0lk=
Subject key identifier: CD:E6:15:EB:27:02:9A:23:B0:89:46:89:02:34:38:5C:3E:B6:00:A8
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0445
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AF1079838A111EBB57A9C69F8AEA228.roa
Signing time: Mon 07 Dec 2020 15:30:43 +0000
ROA not before: Mon 07 Dec 2020 15:30:38 +0000
ROA not after: Wed 07 Dec 2022 15:30:38 +0000
asID: 212238
IP address blocks: 154.16.29.0/24 maxlen: 24
154.16.97.0/24 maxlen: 24
154.16.165.0/24 maxlen: 24
154.16.172.0/24 maxlen: 24
154.16.197.0/24 maxlen: 24
154.16.198.0/24 maxlen: 24
154.16.199.0/24 maxlen: 24
154.16.201.0/24 maxlen: 24
154.16.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1093 (0x445)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Dec 7 15:30:38 2020 GMT
Not After : Dec 7 15:30:38 2022 GMT
Subject: CN=5fce4aa3-d270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:12:3d:cf:67:be:24:0f:73:9b:4c:74:d4:2f:
fa:ca:bc:37:a8:7c:cf:05:d6:36:4a:42:d0:61:ca:
ca:28:60:af:c1:c3:48:7c:8d:ef:78:96:6d:65:f2:
f3:99:cd:d1:8c:3e:df:37:ae:f2:a5:40:b5:6a:e8:
a3:37:ce:9b:4b:03:65:4c:49:88:27:f2:e3:2a:5a:
7d:71:6f:d2:29:65:92:9d:d1:db:09:1b:17:f7:cc:
6b:85:cc:5a:2c:c9:ab:f1:04:3d:fe:5c:ca:75:89:
22:5a:1f:be:36:1f:59:28:ff:13:32:6c:16:b6:9b:
19:38:4e:d1:3c:f5:de:0e:cc:5a:b7:e0:fa:03:ca:
ab:2a:86:5f:21:af:5c:ed:36:40:f4:10:ce:06:63:
46:2a:9e:ee:dd:2f:bd:5b:83:a6:eb:98:14:38:9f:
39:44:fc:91:92:90:7c:1d:ce:f3:22:91:08:09:70:
cf:7a:7c:e6:1e:65:01:d0:a5:b8:10:16:a4:e7:af:
d7:29:eb:7b:94:a8:9e:3d:e4:2c:9d:2b:4a:a0:08:
ff:82:00:7c:19:26:44:77:18:72:9a:1b:84:4c:36:
d5:b2:f2:24:af:67:b3:28:e6:dc:93:a7:20:d2:fe:
ec:63:bc:8e:b4:93:b4:c8:4d:ff:b7:65:a9:fd:cb:
ef:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E6:15:EB:27:02:9A:23:B0:89:46:89:02:34:38:5C:3E:B6:00:A8
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AF1079838A111EBB57A9C69F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.29.0/24
154.16.97.0/24
154.16.165.0/24
154.16.172.0/24
154.16.197.0-154.16.199.255
154.16.201.0/24
154.16.224.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:d5:4b:eb:3c:64:ce:78:24:77:d8:d1:17:4a:c0:8d:89:cd:
d2:62:2f:cd:34:8d:e7:ae:df:26:f1:95:27:79:99:2a:cd:cf:
44:0e:02:54:1a:3e:db:1d:3a:37:f2:a8:00:f9:e9:db:b0:2c:
1e:b0:bd:74:7b:93:ff:a6:ce:ea:24:ca:3d:6d:9c:24:5c:be:
84:c3:e9:94:8c:a2:e8:6a:01:72:1e:50:ec:48:61:3e:4a:ce:
67:20:00:80:10:3b:17:d8:c6:51:38:10:83:92:7b:d3:a6:2d:
3d:bb:e8:34:99:45:4e:e2:fd:a0:88:13:ba:78:e5:da:94:4b:
6d:87:a3:bf:4e:55:2d:f4:09:47:6d:b9:24:07:eb:3b:17:4b:
8a:33:c8:5e:b7:68:ca:4a:e4:c4:31:21:91:ba:10:1d:d5:fb:
b7:ff:17:13:ac:70:da:14:f1:d2:9d:be:79:1c:04:0a:c2:15:
ca:a7:00:ff:4d:a4:5e:e5:67:07:2f:4e:90:d1:39:26:a5:8c:
d8:68:c8:e1:c1:9c:eb:96:3b:a8:0b:69:c6:e9:99:80:9b:93:
5c:d9:7c:c6:7e:bc:f4:79:4b:45:e5:7e:ef:af:fc:6e:86:15:
5e:88:eb:7a:f3:7f:83:bc:8c:3a:b3:9d:a9:89:c6:81:1b:66:
ec:dd:2c:da
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICBEUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMDEyMDcxNTMwMzhaFw0yMjEyMDcxNTMwMzhaMBgxFjAU
BgNVBAMTDTVmY2U0YWEzLWQyNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDTEj3PZ74kD3ObTHTUL/rKvDeofM8F1jZKQtBhysooYK/Bw0h8je94lm1l
8vOZzdGMPt83rvKlQLVq6KM3zptLA2VMSYgn8uMqWn1xb9IpZZKd0dsJGxf3zGuF
zFosyavxBD3+XMp1iSJaH742H1ko/xMybBa2mxk4TtE89d4OzFq34PoDyqsqhl8h
r1ztNkD0EM4GY0Yqnu7dL71bg6brmBQ4nzlE/JGSkHwdzvMikQgJcM96fOYeZQHQ
pbgQFqTnr9cp63uUqJ495CydK0qgCP+CAHwZJkR3GHKaG4RMNtWy8iSvZ7Mo5tyT
pyDS/uxjvI60k7TITf+3Zan9y+97AgMBAAGjggLRMIICzTAdBgNVHQ4EFgQUzeYV
6ycCmiOwiUaJAjQ4XD62AKgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJBRjEwNzk4MzhBMTExRUJCNTdBOUM2OUY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwSwYIKwYBBQUHAQcBAf8EPDA6MDgEAgABMDIDBACaEB0DBACaEGEDBACaEKUD
BACaEKwwDAMEAJoQxQMEA5oQwAMEAJoQyQMEAJoQ4DANBgkqhkiG9w0BAQsFAAOC
AQEAt9VL6zxkzngkd9jRF0rAjYnN0mIvzTSN567fJvGVJ3mZKs3PRA4CVBo+2x06
N/KoAPnp27AsHrC9dHuT/6bO6iTKPW2cJFy+hMPplIyi6GoBch5Q7EhhPkrOZyAA
gBA7F9jGUTgQg5J706YtPbvoNJlFTuL9oIgTunjl2pRLbYejv05VLfQJR225JAfr
OxdLijPIXrdoykrkxDEhkboQHdX7t/8XE6xw2hTx0p2+eRwECsIVyqcA/02kXuVn
By9OkNE5JqWM2GjI4cGc65Y7qAtpxumZgJuTXNl8xn689HlLReV+76/8boYVXojr
evN/g7yMOrOdqYnGgRtm7N0s2g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:57 2023 by rpki-client on console-ams.rpki-client.org