Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/86870A8E351B11EEB84B176B4AD9E6FC.roa
File: 86870A8E351B11EEB84B176B4AD9E6FC.roa (raw, json)
Hash identifier: y8s6iW7vvtmu8SDgz3W3etYyQvz/ojEug5TWUjvkUto=
Subject key identifier: 34:B1:5C:1F:C9:A9:B7:17:B0:F2:BB:1C:33:35:1F:C9:DE:D0:F8:F2
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1116
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/86870A8E351B11EEB84B176B4AD9E6FC.roa
Signing time: Mon 07 Aug 2023 12:11:23 +0000
ROA not before: Mon 07 Aug 2023 12:11:19 +0000
ROA not after: Thu 01 Aug 2024 12:11:19 +0000
asID: 834
IP address blocks: 154.16.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4374 (0x1116)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 7 12:11:19 2023 GMT
Not After : Aug 1 12:11:19 2024 GMT
Subject: CN=64d0df6b-c24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fd:26:c3:cb:b4:c4:24:df:1d:44:b1:0b:68:
c5:18:72:ff:4b:01:8e:f5:b6:07:24:09:70:f0:b1:
02:a8:67:b5:e3:8c:7d:9a:75:f5:df:f7:11:87:1c:
21:96:85:e5:2d:8e:e8:b2:ca:98:91:84:cc:f5:2c:
c5:d1:1f:bc:61:c0:8e:0e:48:69:71:42:06:97:c5:
b7:56:5c:c0:86:25:15:d6:ce:a0:0f:cd:ed:ba:87:
2d:03:b4:20:54:54:ff:4e:3d:30:d5:38:16:61:26:
79:7e:34:b0:6d:21:48:1b:a3:5f:78:02:15:6e:4c:
34:40:21:87:68:c5:60:01:24:2a:63:bf:b9:60:11:
c8:f8:ad:85:68:b9:eb:54:db:df:5e:6c:de:57:f5:
9a:28:37:97:36:e0:03:26:20:ea:e2:ea:ae:69:ba:
7e:53:2a:e6:81:c9:96:3d:8d:9d:d6:e4:89:5c:9d:
7c:62:ef:0d:d4:8e:28:7f:9e:a4:05:da:a4:b7:5c:
c1:1d:56:93:e0:4b:00:53:9d:18:54:f4:b7:f3:88:
b5:05:3d:10:ad:da:63:3c:43:ac:3b:5b:5c:77:95:
a0:2c:19:53:16:d8:44:e2:49:e7:46:07:d6:77:af:
2c:33:22:8b:a5:8f:ff:d9:ec:82:34:3f:86:4f:b7:
df:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B1:5C:1F:C9:A9:B7:17:B0:F2:BB:1C:33:35:1F:C9:DE:D0:F8:F2
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/86870A8E351B11EEB84B176B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.2.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:59:69:2b:03:88:c5:e3:30:2e:93:a9:38:ba:fd:4c:84:16:
be:e7:37:39:5c:2e:b2:d1:6d:6e:6e:4e:ef:88:e2:a7:3f:19:
08:b2:06:56:dd:6c:e7:34:b2:33:22:a8:ab:f4:53:57:b3:8b:
50:3a:4b:a2:d6:9e:5c:e3:bc:96:24:fc:bd:af:1c:6b:4a:a8:
0d:f9:ac:55:82:52:2e:37:ce:10:6e:64:5e:4b:71:b6:8f:ec:
ee:4b:79:6c:7a:94:78:e6:84:95:d2:fc:a9:57:7d:83:94:96:
0c:3f:df:7d:a0:ab:e4:86:51:9c:17:69:6f:ba:19:e0:c2:ee:
ed:88:a9:97:4e:93:56:da:4e:12:90:b4:52:ed:5d:ce:15:8c:
6e:df:08:b9:5d:54:51:1e:3e:e9:8e:8c:54:d4:c7:ef:7f:c4:
42:c0:6d:a3:1b:f9:3b:2b:6b:65:14:55:58:c1:fa:d5:91:02:
09:32:f3:bc:55:57:20:50:ad:90:ad:24:35:eb:00:14:38:62:
b8:e8:38:5c:bc:a1:0a:f3:ce:92:7c:27:8f:be:95:52:2f:d3:
33:15:2b:8f:8f:d6:e8:48:97:40:1d:73:3e:28:b2:a8:57:c0:
04:c9:b8:fb:c2:f4:57:c6:a8:c1:12:a4:26:1a:e7:d4:8a:c6:
ce:8b:40:ee
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICERYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MDcxMjExMTlaFw0yNDA4MDExMjExMTlaMBgxFjAU
BgNVBAMTDTY0ZDBkZjZiLWMyNGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6/SbDy7TEJN8dRLELaMUYcv9LAY71tgckCXDwsQKoZ7XjjH2adfXf9xGH
HCGWheUtjuiyypiRhMz1LMXRH7xhwI4OSGlxQgaXxbdWXMCGJRXWzqAPze26hy0D
tCBUVP9OPTDVOBZhJnl+NLBtIUgbo194AhVuTDRAIYdoxWABJCpjv7lgEcj4rYVo
uetU299ebN5X9ZooN5c24AMmIOri6q5pun5TKuaByZY9jZ3W5IlcnXxi7w3Ujih/
nqQF2qS3XMEdVpPgSwBTnRhU9LfziLUFPRCt2mM8Q6w7W1x3laAsGVMW2ETiSedG
B9Z3rywzIoulj//Z7II0P4ZPt9/pAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNLFc
H8mptxew8rscMzUfyd7Q+PIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzg2ODcwQThFMzUxQjExRUVCODRCMTc2QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAIwDQYJKoZIhvcNAQEL
BQADggEBAM5ZaSsDiMXjMC6TqTi6/UyEFr7nNzlcLrLRbW5uTu+I4qc/GQiyBlbd
bOc0sjMiqKv0U1ezi1A6S6LWnlzjvJYk/L2vHGtKqA35rFWCUi43zhBuZF5LcbaP
7O5LeWx6lHjmhJXS/KlXfYOUlgw/332gq+SGUZwXaW+6GeDC7u2IqZdOk1baThKQ
tFLtXc4VjG7fCLldVFEePumOjFTUx+9/xELAbaMb+Tsra2UUVVjB+tWRAgky87xV
VyBQrZCtJDXrABQ4YrjoOFy8oQrzzpJ8J4++lVIv0zMVK4+P1uhIl0Adcz4osqhX
wATJuPvC9FfGqMESpCYa59SKxs6LQO4=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:40:01 2025 by rpki-client