Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/40D09E52FDF911EBAE721A7AD8A014CE.roa
File: 40D09E52FDF911EBAE721A7AD8A014CE.roa (raw, json)
Hash identifier: kM6TsGorF6axeGKnV8bsBNGrHobanIVvfd2H48jctNo=
Subject key identifier: 43:6B:90:9A:4C:FE:9D:0E:31:84:D6:31:88:07:03:51:9A:54:F4:19
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0627
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/40D09E52FDF911EBAE721A7AD8A014CE.roa
Signing time: Sun 15 Aug 2021 18:48:21 +0000
ROA not before: Sun 15 Aug 2021 18:48:18 +0000
ROA not after: Mon 15 Aug 2022 18:48:18 +0000
asID: 17216
IP address blocks: 154.16.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1575 (0x627)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 15 18:48:18 2021 GMT
Not After : Aug 15 18:48:18 2022 GMT
Subject: CN=61196175-d098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:8c:f5:99:1c:85:f4:f0:f7:7d:d9:50:bc:58:
8c:df:e3:44:33:bc:69:68:e0:3b:db:12:bb:1a:a2:
39:9a:33:0e:4e:ed:70:5a:89:81:25:27:9d:e8:5f:
8b:28:06:6f:09:35:23:3c:d4:3b:20:e9:25:f2:d1:
3c:7d:06:70:fa:29:b8:80:2b:e5:53:a6:c6:43:65:
82:b9:bf:1f:bf:1a:e9:81:d3:e0:4a:6f:9d:7d:cb:
f4:81:ef:22:56:eb:57:9d:9c:24:5b:97:39:e2:67:
fa:5e:60:bf:df:db:91:f3:a0:bb:81:65:8d:3b:71:
f1:94:2d:c6:fd:86:ae:93:c2:89:05:71:4f:42:3e:
1d:6a:85:34:a9:3b:09:b1:37:88:15:83:a0:56:00:
ba:f8:b6:f2:27:d3:6d:4e:0f:fd:0d:35:02:e2:b7:
f5:6e:9c:a1:90:5b:3e:75:8b:c4:ca:d9:31:4b:7b:
41:8c:fb:63:87:a0:bf:7a:2b:e0:1c:0b:97:a5:f6:
16:e9:87:08:c9:9d:7c:9b:e4:9c:2d:14:20:b8:d8:
62:b5:2a:7a:de:f3:ad:e5:60:7b:07:44:ff:ab:7c:
49:54:5b:4e:41:d9:93:0b:ea:86:d8:70:fd:e4:a8:
c8:40:5c:72:22:98:26:e0:0e:9a:3b:b1:4b:d9:be:
7c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6B:90:9A:4C:FE:9D:0E:31:84:D6:31:88:07:03:51:9A:54:F4:19
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/40D09E52FDF911EBAE721A7AD8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.168.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:01:01:f6:08:2b:4e:64:e4:3b:ec:cc:15:99:1f:7f:79:c8:
0e:90:7c:62:92:88:7c:4c:34:1f:1e:2d:e9:19:45:43:bd:3d:
f0:8b:36:84:5a:39:6d:16:9c:96:b8:b3:bb:a2:3d:3f:2c:8d:
c2:dc:61:86:50:75:40:d8:48:28:1f:e1:58:62:5b:98:5c:15:
db:34:06:08:9b:2d:8e:c3:ab:34:de:ea:3a:59:a9:ee:0d:01:
8b:c6:96:32:13:3d:d9:1c:01:27:87:c9:b1:6d:74:5d:2b:e6:
21:7a:f9:ee:45:85:47:c9:54:33:eb:6e:c0:83:cb:73:e0:d3:
8e:7a:7a:07:74:5a:03:2b:18:01:20:7c:13:db:67:c5:d5:f9:
71:7d:4f:04:d3:3a:31:ab:a2:92:9e:59:3f:38:94:c2:b2:ba:
e6:a4:31:e5:ca:b5:32:76:d9:58:b9:0d:1f:23:aa:e8:c6:c0:
2d:c2:4e:46:79:02:c1:d4:c7:6b:24:bd:7f:f5:7d:6e:1e:53:
e9:5a:1e:2a:fc:81:e9:19:52:6d:b2:b5:8e:62:09:56:77:04:
0f:73:34:2f:bd:81:35:51:5b:45:82:b5:cc:aa:a3:ae:97:f5:
b8:01:4c:96:58:0c:a7:bf:b5:6b:76:98:5a:f0:ee:41:17:fa:
2b:47:ae:5c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBicwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMTA4MTUxODQ4MThaFw0yMjA4MTUxODQ4MThaMBgxFjAU
BgNVBAMMDTYxMTk2MTc1LWQwOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDkjPWZHIX08Pd92VC8WIzf40QzvGlo4DvbErsaojmaMw5O7XBaiYElJ53o
X4soBm8JNSM81Dsg6SXy0Tx9BnD6KbiAK+VTpsZDZYK5vx+/GumB0+BKb519y/SB
7yJW61ednCRblzniZ/peYL/f25HzoLuBZY07cfGULcb9hq6TwokFcU9CPh1qhTSp
OwmxN4gVg6BWALr4tvIn021OD/0NNQLit/VunKGQWz51i8TK2TFLe0GM+2OHoL96
K+AcC5el9hbphwjJnXyb5JwtFCC42GK1Knre863lYHsHRP+rfElUW05B2ZML6obY
cP3kqMhAXHIimCbgDpo7sUvZvnzZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQ2uQ
mkz+nQ4xhNYxiAcDUZpU9BkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQwRDA5RTUyRkRGOTExRUJBRTcyMUE3QUQ4QTAxNENFLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKaEKgwDQYJKoZIhvcNAQEL
BQADggEBAMkBAfYIK05k5DvszBWZH395yA6QfGKSiHxMNB8eLekZRUO9PfCLNoRa
OW0WnJa4s7uiPT8sjcLcYYZQdUDYSCgf4VhiW5hcFds0BgibLY7DqzTe6jpZqe4N
AYvGljITPdkcASeHybFtdF0r5iF6+e5FhUfJVDPrbsCDy3Pg0456egd0WgMrGAEg
fBPbZ8XV+XF9TwTTOjGropKeWT84lMKyuuakMeXKtTJ22Vi5DR8jqujGwC3CTkZ5
AsHUx2skvX/1fW4eU+laHir8gekZUm2ytY5iCVZ3BA9zNC+9gTVRW0WCtcyqo66X
9bgBTJZYDKe/tWt2mFrw7kEX+itHrlw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:04:16 2025 by rpki-client