Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/78C0114E551D11E9A8A3761BF8AEA228.roa
File: 78C0114E551D11E9A8A3761BF8AEA228.roa (raw, json)
Hash identifier: 3o33zdl1n81Cl9FW5MUcmU1Hj0YmJ050RT3re8qtGgU=
Subject key identifier: 77:D0:DB:DE:45:FB:7F:33:4C:4C:38:F5:83:BC:A4:8C:55:C3:C6:1A
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: AA
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/78C0114E551D11E9A8A3761BF8AEA228.roa
Signing time: Tue 02 Apr 2019 08:01:08 +0000
ROA not before: Tue 02 Apr 2019 08:01:03 +0000
ROA not after: Tue 02 Apr 2024 08:01:03 +0000
asID: 61317
IP address blocks: 154.70.152.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170 (0xaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Apr 2 08:01:03 2019 GMT
Not After : Apr 2 08:01:03 2024 GMT
Subject: CN=5ca316c4-170c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:27:a4:03:1e:4d:c6:35:7d:44:36:63:e2:02:
69:3a:04:83:d7:f3:37:81:e9:6b:c3:2f:67:f2:12:
d2:e5:a3:2b:95:37:88:91:21:66:45:84:ed:a7:8a:
99:75:b8:ff:f7:17:80:35:f4:f5:fd:7f:75:88:26:
7a:a2:00:a1:b5:9a:77:9d:43:55:e1:86:dd:45:aa:
4b:d0:c8:d1:81:20:fa:78:3d:4e:20:97:c2:47:90:
31:13:39:e8:63:38:9c:1b:bd:9e:82:01:dc:4e:53:
3e:55:63:c8:5a:6a:9a:84:39:bf:98:d8:18:c1:b6:
aa:ec:e4:2e:35:ac:0e:d1:28:41:10:15:eb:3a:19:
1b:ff:04:7c:24:ce:18:4c:61:68:fa:41:b6:2d:c5:
ed:56:f4:39:b0:e7:66:68:31:c5:78:90:fe:4c:7d:
29:5c:a1:9a:22:0d:d1:88:94:df:64:05:20:23:e9:
92:ab:b1:de:54:8c:08:eb:b0:14:1f:ea:48:87:ee:
2a:7a:e9:5a:d9:c6:5e:0b:25:47:8f:63:16:f3:bb:
bf:eb:60:68:47:3c:bd:1f:9f:2e:eb:e1:41:22:7f:
b8:44:ff:a3:b9:ae:67:47:7d:4d:4b:b0:e5:ca:83:
a7:13:0e:b9:07:fa:18:ce:8e:18:cb:78:c7:13:26:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D0:DB:DE:45:FB:7F:33:4C:4C:38:F5:83:BC:A4:8C:55:C3:C6:1A
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/78C0114E551D11E9A8A3761BF8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
154.70.152.0/22
Signature Algorithm: sha256WithRSAEncryption
74:38:14:d8:0e:36:e2:d0:4c:a1:5e:4c:45:00:d4:8a:36:ff:
8f:8a:23:27:e9:39:f9:33:56:e6:ab:fa:f0:9e:92:4e:be:d2:
ff:4c:6a:62:88:ca:8a:6f:79:70:1a:28:86:73:f1:57:db:b3:
6b:68:79:ff:b7:78:bb:1d:c2:46:9c:f7:ce:3d:65:a4:89:6b:
fd:1a:36:f0:6d:3d:d7:20:b0:db:d7:2d:e3:d4:73:c4:c0:57:
0d:b0:23:5e:e9:40:f1:5e:15:08:e2:b6:5d:a6:44:5b:68:9f:
f2:75:b3:08:e7:03:e5:0c:9a:47:a2:5e:3b:85:d1:e6:c0:55:
90:db:3b:6e:0f:2b:7c:94:1d:06:2b:00:b4:2f:e4:fe:4d:18:
f0:0c:90:21:9e:03:56:b0:ac:99:0f:fe:59:ae:7f:2f:97:2e:
26:3b:4e:18:83:c0:e1:cb:ac:24:94:4d:02:43:9a:7e:b1:14:
3d:3d:7b:15:cc:61:92:75:6b:d1:80:37:bb:ae:86:be:f8:00:
44:99:11:43:c3:6d:dc:f0:46:4c:71:aa:53:ea:da:c7:9a:13:
a2:46:80:b1:f1:33:83:26:37:c0:fb:40:b5:16:5a:41:19:68:
22:6f:53:a0:cf:67:02:02:34:05:da:d3:d4:79:be:0d:fc:01:
8d:ef:4f:55
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICAKowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0xOTA0MDIwODAxMDNaFw0yNDA0MDIwODAxMDNaMBgxFjAU
BgNVBAMTDTVjYTMxNmM0LTE3MGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDlJ6QDHk3GNX1ENmPiAmk6BIPX8zeB6WvDL2fyEtLloyuVN4iRIWZFhO2n
ipl1uP/3F4A19PX9f3WIJnqiAKG1mnedQ1Xhht1FqkvQyNGBIPp4PU4gl8JHkDET
OehjOJwbvZ6CAdxOUz5VY8haapqEOb+Y2BjBtqrs5C41rA7RKEEQFes6GRv/BHwk
zhhMYWj6QbYtxe1W9Dmw52ZoMcV4kP5MfSlcoZoiDdGIlN9kBSAj6ZKrsd5UjAjr
sBQf6kiH7ip66VrZxl4LJUePYxbzu7/rYGhHPL0fny7r4UEif7hE/6O5rmdHfU1L
sOXKg6cTDrkH+hjOjhjLeMcTJnaXAgMBAAGjggJuMIICajAdBgNVHQ4EFgQUd9Db
3kX7fzNMTDj1g7ykjFXDxhowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzc4QzAxMTRFNTUxRDExRTlBOEEzNzYxQkY4QUVBMjI4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAppGmDANBgkqhkiG9w0BAQsFAAOCAQEA
dDgU2A424tBMoV5MRQDUijb/j4ojJ+k5+TNW5qv68J6STr7S/0xqYojKim95cBoo
hnPxV9uza2h5/7d4ux3CRpz3zj1lpIlr/Ro28G091yCw29ct49RzxMBXDbAjXulA
8V4VCOK2XaZEW2if8nWzCOcD5QyaR6JeO4XR5sBVkNs7bg8rfJQdBisAtC/k/k0Y
8AyQIZ4DVrCsmQ/+Wa5/L5cuJjtOGIPA4cusJJRNAkOafrEUPT17FcxhknVr0YA3
u66GvvgARJkRQ8Nt3PBGTHGqU+rax5oTokaAsfEzgyY3wPtAtRZaQRloIm9ToM9n
AgI0BdrT1Hm+DfwBje9PVQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:01:55 2025 by rpki-client