Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4766A49E496211EE82F70D3E4AD9E6FC.roa
File: 4766A49E496211EE82F70D3E4AD9E6FC.roa (raw, json)
Hash identifier: ECXlu8RgjHVX1KfNrZOY9yOZFAEIXzhaMof81aTkFaE=
Subject key identifier: 93:79:50:7D:CC:BA:78:1C:29:8C:EB:EB:BC:54:53:88:A4:A9:22:BE
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 11EE
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4766A49E496211EE82F70D3E4AD9E6FC.roa
Signing time: Sat 02 Sep 2023 07:28:15 +0000
ROA not before: Sat 02 Sep 2023 07:28:12 +0000
ROA not after: Tue 03 Sep 2024 07:28:12 +0000
asID: 834
IP address blocks: 154.16.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4590 (0x11ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Sep 2 07:28:12 2023 GMT
Not After : Sep 3 07:28:12 2024 GMT
Subject: CN=64f2e40f-a3b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:24:a7:be:8d:a9:69:bd:bd:2a:af:47:fb:3c:
40:c6:05:b6:e7:3c:01:07:a8:95:8e:13:9a:13:67:
29:92:6f:db:3e:dd:db:df:9c:5e:00:27:d8:dd:3c:
c7:7b:fc:49:7d:4c:d5:3c:0f:66:ae:25:7f:31:d8:
e8:c3:4c:ed:ad:af:4c:7c:95:ef:6e:d2:21:19:5e:
9a:f3:5c:50:d6:6b:d0:76:87:8a:61:b3:b3:1d:c8:
fa:be:a1:07:8e:86:91:aa:03:f4:fc:e9:7b:02:16:
2c:c4:2c:78:ed:a5:c3:4b:47:4d:5d:16:e8:dc:63:
ac:e6:f7:b4:90:31:a9:21:12:e2:27:25:8a:86:b0:
d8:c0:5d:c9:76:41:c6:55:7e:91:8c:87:c6:35:3c:
14:2f:16:97:50:b4:01:ee:4d:3e:60:a4:9f:46:bc:
b8:6b:b4:e7:bd:1e:f5:be:7b:58:ee:3c:a2:a5:ba:
aa:30:cd:9b:67:0d:19:6d:3b:a3:42:c7:8d:9c:f7:
c5:c3:bb:6d:7c:c5:c7:f0:74:d1:0b:9c:3b:10:04:
31:c8:82:22:fb:7a:99:09:c8:8c:41:0a:ae:0a:db:
42:aa:02:58:90:29:b6:22:a7:22:c8:37:4e:11:22:
e2:46:b2:60:bb:c5:fa:c5:cb:f0:72:91:d1:ec:54:
5d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:79:50:7D:CC:BA:78:1C:29:8C:EB:EB:BC:54:53:88:A4:A9:22:BE
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4766A49E496211EE82F70D3E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:36:03:e0:e1:c4:80:14:22:bc:93:21:2b:6f:6d:cb:54:db:
b9:e5:c6:f0:24:75:48:34:64:3e:7d:b3:cb:a9:70:4f:e6:1e:
c6:7a:49:dc:e9:48:66:48:8a:cd:11:dd:23:31:11:ae:88:c9:
3d:11:14:b2:d4:5f:e3:f8:7b:dc:5a:28:d5:a0:ff:36:b4:1e:
de:30:4d:15:ce:e9:af:00:84:f6:c0:0c:c8:c7:21:ad:18:c2:
78:8c:22:c6:be:c6:26:10:c7:33:7f:0d:a4:38:37:0d:00:7a:
1a:63:b5:d3:76:df:ba:f3:b2:19:13:88:e2:40:d4:07:0e:27:
2f:8c:36:ea:8b:a4:c8:9a:81:62:92:43:9e:96:c5:43:9d:01:
67:d7:62:f8:70:0e:94:71:95:51:48:45:fb:1a:15:43:cb:29:
a4:2c:37:90:b3:cc:8b:cf:80:52:eb:82:80:c6:52:77:01:14:
08:a1:cd:ea:b0:ab:85:f0:f4:0f:87:d8:43:b7:73:29:34:3d:
36:13:52:26:50:9b:86:48:9a:ac:c7:02:2f:2e:19:02:0f:76:
f3:f6:26:97:33:eb:5e:72:31:c6:7f:6f:8e:16:bb:11:17:f3:
be:47:1f:79:90:72:58:0b:1e:a5:4e:42:ec:ad:f7:e3:cf:f5:
10:a3:d8:cf
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEe4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MDIwNzI4MTJaFw0yNDA5MDMwNzI4MTJaMBgxFjAU
BgNVBAMTDTY0ZjJlNDBmLWEzYjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDyJKe+jalpvb0qr0f7PEDGBbbnPAEHqJWOE5oTZymSb9s+3dvfnF4AJ9jd
PMd7/El9TNU8D2auJX8x2OjDTO2tr0x8le9u0iEZXprzXFDWa9B2h4phs7MdyPq+
oQeOhpGqA/T86XsCFizELHjtpcNLR01dFujcY6zm97SQMakhEuInJYqGsNjAXcl2
QcZVfpGMh8Y1PBQvFpdQtAHuTT5gpJ9GvLhrtOe9HvW+e1juPKKluqowzZtnDRlt
O6NCx42c98XDu218xcfwdNELnDsQBDHIgiL7epkJyIxBCq4K20KqAliQKbYipyLI
N04RIuJGsmC7xfrFy/BykdHsVF2LAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUk3lQ
fcy6eBwpjOvrvFRTiKSpIr4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQ3NjZBNDlFNDk2MjExRUU4MkY3MEQzRTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAMwDQYJKoZIhvcNAQEL
BQADggEBAF42A+DhxIAUIryTIStvbctU27nlxvAkdUg0ZD59s8upcE/mHsZ6Sdzp
SGZIis0R3SMxEa6IyT0RFLLUX+P4e9xaKNWg/za0Ht4wTRXO6a8AhPbADMjHIa0Y
wniMIsa+xiYQxzN/DaQ4Nw0AehpjtdN237rzshkTiOJA1AcOJy+MNuqLpMiagWKS
Q56WxUOdAWfXYvhwDpRxlVFIRfsaFUPLKaQsN5CzzIvPgFLrgoDGUncBFAihzeqw
q4Xw9A+H2EO3cyk0PTYTUiZQm4ZImqzHAi8uGQIPdvP2Jpcz615yMcZ/b44WuxEX
875HH3mQclgLHqVOQuyt9+PP9RCj2M8=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:59:32 2025 by rpki-client