Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A76950A4A7AD11EEBBD2AA5C775412E6.roa
File: A76950A4A7AD11EEBBD2AA5C775412E6.roa (raw, json)
Hash identifier: W1Vr1xzUiwWNT3+qJY/aHWx3UeVR0y8WsmMsKQVkXoY=
Subject key identifier: 46:F9:CE:BF:F8:A6:51:DC:F5:6A:6B:0C:53:5C:13:AF:B4:D0:1C:61
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 142A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A76950A4A7AD11EEBBD2AA5C775412E6.roa
Signing time: Sun 31 Dec 2023 07:24:37 +0000
ROA not before: Sun 31 Dec 2023 07:24:34 +0000
ROA not after: Tue 31 Dec 2024 07:24:34 +0000
asID: 834
IP address blocks: 154.16.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5162 (0x142a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 31 07:24:34 2023 GMT
Not After : Dec 31 07:24:34 2024 GMT
Subject: CN=65911735-8568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:55:22:74:82:ec:33:17:94:4d:6a:3b:d4:bc:
32:b4:be:5e:08:24:75:64:19:b6:75:4f:71:19:91:
6e:6a:f9:95:9e:6b:ec:e8:7d:72:1d:1d:dd:18:e0:
9b:ea:bb:38:64:b9:bd:f4:13:d6:b4:49:a4:19:6d:
ed:65:db:ab:97:b6:a4:e6:4a:a0:fa:fd:2b:c9:5a:
4a:e6:40:78:a3:6e:f7:05:7b:4a:79:8e:86:77:26:
4d:49:d1:86:68:d7:06:08:6c:51:52:6a:12:3b:ff:
67:22:d5:bc:ee:8f:52:a6:a2:6e:dc:c3:98:98:03:
79:75:53:1e:79:5d:c8:6f:62:7e:d4:f8:70:2d:96:
56:b6:f3:4c:72:ac:a6:48:b9:db:c3:0b:b9:23:a7:
34:b8:13:7c:3e:64:5d:c0:e3:7c:b7:3e:bb:50:05:
e5:64:fd:0d:6f:a1:24:3e:c0:7f:f4:ab:b8:4a:4a:
3e:f3:9b:d0:e1:57:02:d6:2a:26:6b:5b:df:45:9d:
17:b4:0f:d6:ec:13:55:e7:39:1a:2c:29:3b:22:3e:
fe:f6:4a:95:74:a2:c2:f1:21:65:48:b7:ee:cc:73:
15:d2:02:20:d7:bd:f5:70:dc:8f:32:fa:f7:c7:8d:
bb:96:48:22:6f:07:d3:3d:02:10:24:d5:4f:a0:85:
60:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F9:CE:BF:F8:A6:51:DC:F5:6A:6B:0C:53:5C:13:AF:B4:D0:1C:61
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A76950A4A7AD11EEBBD2AA5C775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.86.0/24
Signature Algorithm: sha256WithRSAEncryption
00:7f:65:d2:e2:c6:2e:fc:0b:79:aa:fa:f4:e0:2f:12:42:f9:
6f:e8:be:04:d4:b4:09:5d:cb:8f:95:77:b1:7e:3b:99:f3:96:
eb:4f:7c:bd:e8:56:db:f8:8f:0e:0d:ef:06:d1:bd:fb:03:3c:
31:71:66:90:24:e4:c4:2c:1f:70:e5:f5:d9:aa:17:c6:73:36:
05:17:59:b0:e1:1b:cf:7d:cd:1d:67:73:ce:54:c5:ad:e7:93:
aa:1a:70:bc:d1:ca:7a:07:d3:98:f2:ac:65:59:58:dc:94:51:
a1:23:cb:9c:e5:e9:97:91:fe:83:b5:2c:6f:1c:f8:89:54:28:
93:90:47:1e:3d:4b:ec:48:68:f6:f2:b7:b2:67:b3:bd:ab:5c:
4b:00:78:af:eb:61:22:3f:02:07:b0:1f:24:81:b4:56:dc:bb:
f4:a4:0a:f9:4b:7d:c2:b8:28:9e:8c:3e:e1:94:b1:9e:39:1e:
0e:c7:c9:61:c7:ca:29:07:83:ec:04:12:3e:c5:39:44:5d:18:
0d:2e:f6:c6:7f:1e:6e:b8:3d:ae:01:6b:16:c0:5e:fc:e4:c1:
0a:8b:ef:d9:83:85:7f:da:98:b6:33:a5:09:4b:20:30:2a:96:
e7:32:51:9b:8b:41:1f:0e:4e:21:e7:c1:eb:d8:78:4b:4e:8f:
60:a1:64:9c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFCowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEyMzEwNzI0MzRaFw0yNDEyMzEwNzI0MzRaMBgxFjAU
BgNVBAMTDTY1OTExNzM1LTg1NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQVSJ0guwzF5RNajvUvDK0vl4IJHVkGbZ1T3EZkW5q+ZWea+zofXIdHd0Y
4Jvquzhkub30E9a0SaQZbe1l26uXtqTmSqD6/SvJWkrmQHijbvcFe0p5joZ3Jk1J
0YZo1wYIbFFSahI7/2ci1bzuj1Kmom7cw5iYA3l1Ux55XchvYn7U+HAtlla280xy
rKZIudvDC7kjpzS4E3w+ZF3A43y3PrtQBeVk/Q1voSQ+wH/0q7hKSj7zm9DhVwLW
KiZrW99FnRe0D9bsE1XnORosKTsiPv72SpV0osLxIWVIt+7McxXSAiDXvfVw3I8y
+vfHjbuWSCJvB9M9AhAk1U+ghWAJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQURvnO
v/imUdz1amsMU1wTr7TQHGEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0E3Njk1MEE0QTdBRDExRUVCQkQyQUE1Qzc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFYwDQYJKoZIhvcNAQEL
BQADggEBAAB/ZdLixi78C3mq+vTgLxJC+W/ovgTUtAldy4+Vd7F+O5nzlutPfL3o
Vtv4jw4N7wbRvfsDPDFxZpAk5MQsH3Dl9dmqF8ZzNgUXWbDhG899zR1nc85Uxa3n
k6oacLzRynoH05jyrGVZWNyUUaEjy5zl6ZeR/oO1LG8c+IlUKJOQRx49S+xIaPby
t7Jns72rXEsAeK/rYSI/AgewHySBtFbcu/SkCvlLfcK4KJ6MPuGUsZ45Hg7HyWHH
yikHg+wEEj7FOURdGA0u9sZ/Hm64Pa4BaxbAXvzkwQqL79mDhX/amLYzpQlLIDAq
lucyUZuLQR8OTiHnwevYeEtOj2ChZJw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:48:59 2025 by rpki-client