Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8AF63D361A5311ECBF12DE05D8A014CE.roa
File: 8AF63D361A5311ECBF12DE05D8A014CE.roa (raw, json)
Hash identifier: K9FzhRUJUCDIO11aGGU/xk6bbYDd2Lb7NnKl/zto8ww=
Subject key identifier: 4C:49:FA:83:A0:C1:C3:A5:D3:97:41:6A:4E:4E:26:D3:56:AF:1C:40
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0686
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8AF63D361A5311ECBF12DE05D8A014CE.roa
Signing time: Mon 20 Sep 2021 20:44:26 +0000
ROA not before: Mon 20 Sep 2021 20:44:21 +0000
ROA not after: Tue 20 Sep 2022 20:44:21 +0000
asID: 40676
IP address blocks: 154.16.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1670 (0x686)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Sep 20 20:44:21 2021 GMT
Not After : Sep 20 20:44:21 2022 GMT
Subject: CN=6148f2aa-425b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8c:27:20:c3:d7:0b:f3:c9:28:75:91:d2:a6:
96:d1:6f:3c:e2:59:ea:a9:47:e5:dc:82:6a:02:ee:
2b:6b:56:2b:2f:b3:b2:26:91:ea:1a:db:77:3a:5e:
07:35:42:ee:fa:8d:9b:aa:f6:1a:e1:95:ff:8b:d7:
ef:3c:0b:50:49:0e:d3:a6:83:18:77:db:68:a7:a5:
47:de:df:d2:a2:3e:09:9e:2a:18:29:7a:0e:f9:0f:
63:db:1d:20:2e:53:06:f5:aa:e3:8f:3f:cb:8f:88:
61:8b:87:4b:7d:0c:ef:e7:63:bb:84:f6:c7:dd:b8:
05:1a:26:13:d9:d7:d8:25:cd:9c:f4:8c:91:02:42:
08:29:35:b2:15:15:0f:2b:f7:f8:8f:be:08:72:e3:
e9:6e:48:84:af:ba:4f:d4:fe:8a:5c:5c:97:be:64:
d5:24:97:4a:ca:8e:ee:53:08:5a:97:f1:32:b7:5d:
ef:8c:68:6c:4b:16:3a:1b:8a:8d:5a:28:f9:b8:1e:
52:2f:02:96:a3:d9:ff:8a:ff:e2:0e:44:5c:7d:d0:
0b:58:1f:97:5d:e7:1d:b9:fd:62:c9:08:b0:92:32:
87:4e:2f:0c:4b:53:d0:8b:48:d1:cb:54:be:31:c4:
9c:6b:93:b2:9d:49:37:94:8b:ed:86:7e:36:93:f1:
82:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:49:FA:83:A0:C1:C3:A5:D3:97:41:6A:4E:4E:26:D3:56:AF:1C:40
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8AF63D361A5311ECBF12DE05D8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.108.0/24
Signature Algorithm: sha256WithRSAEncryption
10:cb:1c:81:18:b8:54:72:f6:1b:57:4b:15:3a:9b:36:1c:32:
11:f9:73:0d:b3:ab:40:68:ed:83:a4:e8:16:7a:56:62:76:74:
55:42:9e:ed:cc:8f:1f:21:42:62:39:9c:4b:34:ec:d3:f8:d8:
d8:87:ee:0a:b0:99:2e:1f:e3:b9:9c:b5:67:9d:5b:ad:13:7e:
63:eb:e9:99:06:28:52:cf:e6:32:d1:6c:92:c1:7b:d9:26:9d:
83:02:e0:5d:87:33:4e:7c:93:74:84:8e:1a:6f:f2:10:1e:85:
9b:9f:fc:38:fb:ca:6a:1d:06:9b:aa:7c:72:8b:39:6c:f1:ef:
ba:14:51:ec:1a:61:8d:86:7d:06:1e:95:3d:84:49:8f:e2:c8:
5e:a6:39:52:c5:c5:d9:ff:48:0f:2e:bf:14:44:35:71:08:56:
6c:35:c8:00:4b:57:24:6d:5e:60:66:a0:e9:b9:c3:ba:39:7a:
e1:42:f5:59:52:91:b9:0c:6f:6b:36:0e:0a:6d:92:cd:5b:a6:
ac:d1:96:19:28:b5:37:74:fa:ec:2f:f8:16:24:0a:fe:4f:f2:
88:20:30:59:ad:35:3c:23:9a:d6:34:a1:31:a0:34:69:3e:27:
33:e1:74:f7:66:7d:ac:c9:ab:fc:99:19:97:a1:36:06:be:a6:
66:79:2d:fb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBoYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMTA5MjAyMDQ0MjFaFw0yMjA5MjAyMDQ0MjFaMBgxFjAU
BgNVBAMMDTYxNDhmMmFhLTQyNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCnjCcgw9cL88kodZHSppbRbzziWeqpR+XcgmoC7itrVisvs7Imkeoa23c6
Xgc1Qu76jZuq9hrhlf+L1+88C1BJDtOmgxh322inpUfe39KiPgmeKhgpeg75D2Pb
HSAuUwb1quOPP8uPiGGLh0t9DO/nY7uE9sfduAUaJhPZ19glzZz0jJECQggpNbIV
FQ8r9/iPvghy4+luSISvuk/U/opcXJe+ZNUkl0rKju5TCFqX8TK3Xe+MaGxLFjob
io1aKPm4HlIvApaj2f+K/+IORFx90AtYH5dd5x25/WLJCLCSModOLwxLU9CLSNHL
VL4xxJxrk7KdSTeUi+2GfjaT8YLvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUTEn6
g6DBw6XTl0FqTk4m01avHEAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzhBRjYzRDM2MUE1MzExRUNCRjEyREUwNUQ4QTAxNENFLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGwwDQYJKoZIhvcNAQEL
BQADggEBABDLHIEYuFRy9htXSxU6mzYcMhH5cw2zq0Bo7YOk6BZ6VmJ2dFVCnu3M
jx8hQmI5nEs07NP42NiH7gqwmS4f47mctWedW60TfmPr6ZkGKFLP5jLRbJLBe9km
nYMC4F2HM058k3SEjhpv8hAehZuf/Dj7ymodBpuqfHKLOWzx77oUUewaYY2GfQYe
lT2ESY/iyF6mOVLFxdn/SA8uvxRENXEIVmw1yABLVyRtXmBmoOm5w7o5euFC9VlS
kbkMb2s2Dgptks1bpqzRlhkotTd0+uwv+BYkCv5P8oggMFmtNTwjmtY0oTGgNGk+
JzPhdPdmfazJq/yZGZehNga+pmZ5Lfs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:01 2023 by rpki-client on console-fra.rpki-client.org