Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A5944F7C38EA11EEA425496C4AD9E6FC.roa
File: A5944F7C38EA11EEA425496C4AD9E6FC.roa (raw, json)
Hash identifier: AwBC/sTP7tsaLcruj3EBArml5ys0HKzwZ9RT7Dtiisk=
Subject key identifier: 7D:D9:31:A9:8E:44:C1:DE:FD:92:3D:AE:96:F2:2D:10:D5:73:44:1C
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1133
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A5944F7C38EA11EEA425496C4AD9E6FC.roa
Signing time: Sat 12 Aug 2023 08:31:35 +0000
ROA not before: Sat 12 Aug 2023 08:31:31 +0000
ROA not after: Wed 14 Aug 2024 08:31:31 +0000
asID: 14670
IP address blocks: 154.16.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4403 (0x1133)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 12 08:31:31 2023 GMT
Not After : Aug 14 08:31:31 2024 GMT
Subject: CN=64d74367-48ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e0:dc:ae:09:73:6a:15:22:52:a8:b6:c4:7b:
75:27:3d:c5:34:1a:ba:6e:47:3d:f7:34:24:1a:f3:
15:6b:42:25:64:fa:9d:bb:63:c5:23:43:dd:bd:88:
5d:f9:43:61:0f:4b:d1:56:5e:f6:b2:4b:6d:e0:72:
fd:9c:88:63:f7:6a:66:bb:3c:49:37:a7:19:4c:eb:
49:f9:6d:d0:ba:3f:fb:8e:df:d0:1c:7f:8a:f6:bf:
9f:b3:0f:27:d2:39:66:d5:83:39:94:f4:a6:c8:c8:
b1:7a:f7:ee:47:a9:a0:39:37:46:10:3f:e6:82:ae:
f2:ff:e5:60:e9:3c:5e:4c:d8:db:7f:aa:73:5c:9f:
8b:9e:6d:d2:7a:c1:f5:13:9c:53:0a:20:61:2e:64:
4d:23:33:68:8d:df:6c:87:37:8c:1b:e6:37:87:3a:
7e:f0:bb:b7:98:ab:cf:22:99:5e:c9:61:39:10:e6:
6f:f5:34:31:11:74:63:1a:d2:10:d6:40:55:89:c4:
12:4c:0d:a0:7b:a5:39:f3:76:37:50:24:3b:99:65:
39:b0:73:85:76:8c:fd:91:a7:c4:b2:45:a9:c6:93:
50:42:a0:6e:d0:1c:fd:3b:08:66:05:33:68:a8:3c:
34:2c:df:6e:45:f2:28:db:22:e5:f1:0b:62:01:74:
49:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D9:31:A9:8E:44:C1:DE:FD:92:3D:AE:96:F2:2D:10:D5:73:44:1C
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A5944F7C38EA11EEA425496C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.118.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:a4:34:f2:3c:ed:36:09:44:5d:ab:bd:5f:ca:9b:65:a7:5d:
42:56:5e:84:27:80:47:66:cb:44:ae:73:9b:75:14:58:a6:c2:
a1:52:c6:dd:5e:91:34:7b:2b:be:81:59:dc:96:49:35:d3:ee:
f6:17:66:c9:ef:4e:46:b5:40:63:6c:2d:ab:70:c4:a6:fe:7a:
f3:e1:40:e9:92:af:ad:2c:99:4c:b0:72:e1:bf:a6:8b:0a:ea:
d3:0c:0b:05:4e:61:27:f6:fc:b5:9e:cf:7e:23:15:ab:da:04:
60:59:e1:ea:81:67:60:17:b7:08:b8:9f:aa:4b:03:73:64:51:
82:9e:c3:58:09:9f:a5:45:a0:bf:02:74:cc:09:db:c7:9b:13:
66:18:a8:cc:90:d5:bb:d3:86:c2:be:33:59:e9:8b:e4:0a:6e:
e6:81:56:77:1a:0d:a7:6f:39:ac:5f:48:38:b8:88:05:76:39:
7b:fb:1a:80:af:d9:73:a8:8e:e4:0e:a2:10:cd:bc:af:2d:5b:
c0:06:b3:e8:b5:03:ff:05:ec:ba:c2:54:d6:ad:1d:48:8c:b8:
aa:84:d8:20:3d:98:a2:6c:83:68:0d:c2:95:7c:8c:6e:ac:4e:
de:18:ee:15:a2:d7:da:22:e5:72:23:c6:b1:14:06:bd:fe:f6:
1a:68:42:3f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICETMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MTIwODMxMzFaFw0yNDA4MTQwODMxMzFaMBgxFjAU
BgNVBAMTDTY0ZDc0MzY3LTQ4YWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJ4NyuCXNqFSJSqLbEe3UnPcU0GrpuRz33NCQa8xVrQiVk+p27Y8UjQ929
iF35Q2EPS9FWXvayS23gcv2ciGP3ama7PEk3pxlM60n5bdC6P/uO39Acf4r2v5+z
DyfSOWbVgzmU9KbIyLF69+5HqaA5N0YQP+aCrvL/5WDpPF5M2Nt/qnNcn4uebdJ6
wfUTnFMKIGEuZE0jM2iN32yHN4wb5jeHOn7wu7eYq88imV7JYTkQ5m/1NDERdGMa
0hDWQFWJxBJMDaB7pTnzdjdQJDuZZTmwc4V2jP2Rp8SyRanGk1BCoG7QHP07CGYF
M2ioPDQs325F8ijbIuXxC2IBdEnJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfdkx
qY5Ewd79kj2ulvItENVzRBwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0E1OTQ0RjdDMzhFQTExRUVBNDI1NDk2QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHYwDQYJKoZIhvcNAQEL
BQADggEBALKkNPI87TYJRF2rvV/Km2WnXUJWXoQngEdmy0Suc5t1FFimwqFSxt1e
kTR7K76BWdyWSTXT7vYXZsnvTka1QGNsLatwxKb+evPhQOmSr60smUywcuG/posK
6tMMCwVOYSf2/LWez34jFavaBGBZ4eqBZ2AXtwi4n6pLA3NkUYKew1gJn6VFoL8C
dMwJ28ebE2YYqMyQ1bvThsK+M1npi+QKbuaBVncaDadvOaxfSDi4iAV2OXv7GoCv
2XOojuQOohDNvK8tW8AGs+i1A/8F7LrCVNatHUiMuKqE2CA9mKJsg2gNwpV8jG6s
Tt4Y7hWi19oi5XIjxrEUBr3+9hpoQj8=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:50:02 2025 by rpki-client