Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/99FE7AE8838D11EC85EE6DB35A40D577.roa
File: 99FE7AE8838D11EC85EE6DB35A40D577.roa (raw, json)
Hash identifier: glzUOndXa6VspD4ofQYPzjnlkA/FvDZQ9PT3LIA0hLw=
Subject key identifier: E4:67:61:8A:D0:0F:38:5A:EF:D8:AE:93:F0:18:6C:C7:69:CE:F3:FA
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 07A5
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/99FE7AE8838D11EC85EE6DB35A40D577.roa
Signing time: Tue 01 Feb 2022 18:34:34 +0000
ROA not before: Tue 01 Feb 2022 18:34:29 +0000
ROA not after: Wed 01 Feb 2023 18:34:29 +0000
asID: 43260
IP address blocks: 154.16.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1957 (0x7a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 1 18:34:29 2022 GMT
Not After : Feb 1 18:34:29 2023 GMT
Subject: CN=61f97d3a-dcbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:30:55:5a:d9:06:43:20:6a:d3:9b:71:07:42:
13:56:b2:f1:e2:43:4e:3e:8b:bb:9d:2f:77:82:a1:
c3:15:99:68:97:c2:cc:aa:ea:51:3b:cd:10:45:f9:
40:c7:ca:25:16:da:75:81:6b:8b:cd:25:52:08:4e:
b6:08:0e:33:ba:ad:28:c6:6c:31:fc:d2:ff:13:de:
cf:a5:d8:ca:c8:fc:82:61:06:90:ed:ce:39:57:32:
50:54:c2:ba:93:08:84:af:ac:10:35:a7:f3:c3:fd:
42:fe:fa:4b:9c:2d:4a:56:55:9a:88:34:ad:11:2b:
1e:85:95:ea:60:14:9d:c2:e1:a9:cc:b5:96:12:aa:
db:17:64:62:08:3a:b5:96:56:5d:9f:42:99:b0:8f:
7b:ac:7a:57:31:15:63:fa:e2:46:94:68:d6:bf:d5:
5f:04:27:e0:bc:70:22:1f:67:a1:ab:3e:06:4a:51:
9e:d6:fb:b1:28:4b:dd:f5:2a:ad:53:23:a2:54:fd:
9f:8a:fc:74:47:b7:6e:b0:e3:3e:72:fa:f4:c7:2f:
6b:99:5c:48:8f:a7:f1:f9:55:a8:0b:e0:a3:02:2a:
14:15:b4:7e:8d:98:eb:d3:81:fe:28:c8:30:1d:57:
45:4c:ae:1b:38:f9:08:c2:19:4c:85:76:dd:ae:e1:
de:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:67:61:8A:D0:0F:38:5A:EF:D8:AE:93:F0:18:6C:C7:69:CE:F3:FA
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/99FE7AE8838D11EC85EE6DB35A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.3.0/24
Signature Algorithm: sha256WithRSAEncryption
40:cd:1c:eb:e7:9f:8a:28:a7:20:57:fd:c2:32:65:c1:28:6b:
24:c4:91:ff:5b:e0:ac:51:be:21:fd:51:91:b7:d9:67:a0:99:
a5:17:61:07:ea:b7:89:64:e0:ec:e9:a7:e2:75:b1:b0:0f:54:
f4:96:4a:06:ad:fd:5c:90:00:79:a9:8b:e8:21:5b:61:c9:b9:
1c:c8:f6:a6:d3:62:3d:ac:59:b6:15:f6:f2:0d:64:f5:a0:ff:
af:26:16:c4:f2:42:59:d5:c9:ac:49:28:22:1e:7b:ff:9f:ab:
8b:65:77:34:1b:14:4d:be:27:29:7b:e2:d7:00:ef:ee:8b:3f:
21:a4:12:77:5e:89:f7:85:db:a8:4d:66:dc:64:07:26:70:76:
cc:90:ed:ab:fc:86:48:67:35:bf:8c:e9:ca:bd:27:62:f7:58:
c4:f2:b1:3f:3e:d4:eb:a3:9f:51:c1:7d:d6:0e:ce:75:02:a8:
75:4b:4d:6d:9a:4d:f8:99:a4:66:ba:96:15:30:7e:8a:a1:a7:
94:b7:61:6e:8a:af:64:2d:1f:a1:99:9c:fe:f0:b3:44:5d:a7:
2b:24:79:72:90:52:53:95:f7:5b:18:8d:e7:ea:14:a5:51:27:
9b:ea:fb:dd:4a:73:d6:2d:f5:b4:17:14:aa:7d:53:cc:57:27:
8f:8a:68:10
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB6UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjAyMDExODM0MjlaFw0yMzAyMDExODM0MjlaMBgxFjAU
BgNVBAMMDTYxZjk3ZDNhLWRjYmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPMFVa2QZDIGrTm3EHQhNWsvHiQ04+i7udL3eCocMVmWiXwsyq6lE7zRBF
+UDHyiUW2nWBa4vNJVIITrYIDjO6rSjGbDH80v8T3s+l2MrI/IJhBpDtzjlXMlBU
wrqTCISvrBA1p/PD/UL++kucLUpWVZqINK0RKx6FlepgFJ3C4anMtZYSqtsXZGII
OrWWVl2fQpmwj3uselcxFWP64kaUaNa/1V8EJ+C8cCIfZ6GrPgZKUZ7W+7EoS931
Kq1TI6JU/Z+K/HRHt26w4z5y+vTHL2uZXEiPp/H5VagL4KMCKhQVtH6NmOvTgf4o
yDAdV0VMrhs4+QjCGUyFdt2u4d69AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5Gdh
itAPOFrv2K6T8Bhsx2nO8/owHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzk5RkU3QUU4ODM4RDExRUM4NUVFNkRCMzVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAMwDQYJKoZIhvcNAQEL
BQADggEBAEDNHOvnn4oopyBX/cIyZcEoayTEkf9b4KxRviH9UZG32WegmaUXYQfq
t4lk4Ozpp+J1sbAPVPSWSgat/VyQAHmpi+ghW2HJuRzI9qbTYj2sWbYV9vINZPWg
/68mFsTyQlnVyaxJKCIee/+fq4tldzQbFE2+Jyl74tcA7+6LPyGkEndeifeF26hN
ZtxkByZwdsyQ7av8hkhnNb+M6cq9J2L3WMTysT8+1Oujn1HBfdYOznUCqHVLTW2a
TfiZpGa6lhUwfoqhp5S3YW6Kr2QtH6GZnP7ws0RdpyskeXKQUlOV91sYjefqFKVR
J5vq+91Kc9Yt9bQXFKp9U8xXJ4+KaBA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:49:26 2025 by rpki-client