Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AC80E9EC495E11EE8060E7324AD9E6FC.roa
File: AC80E9EC495E11EE8060E7324AD9E6FC.roa (raw, json)
Hash identifier: VivSvaY7FD3aqdYAXrRVxnBWrdzHAn58tHEdtuL9cls=
Subject key identifier: ED:94:21:4F:B9:DE:28:B7:C1:36:7D:9D:FC:ED:93:45:06:A9:C5:B0
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 11DA
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AC80E9EC495E11EE8060E7324AD9E6FC.roa
Signing time: Sat 02 Sep 2023 07:02:26 +0000
ROA not before: Sat 02 Sep 2023 07:02:22 +0000
ROA not after: Tue 03 Sep 2024 07:02:22 +0000
asID: 834
IP address blocks: 154.16.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4570 (0x11da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Sep 2 07:02:22 2023 GMT
Not After : Sep 3 07:02:22 2024 GMT
Subject: CN=64f2de02-f9aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b1:fb:83:b2:3e:43:9a:ec:a9:bf:7e:55:1f:
29:4b:3c:5b:eb:6e:0f:1f:4a:04:8c:51:cd:83:fe:
c8:ae:75:56:db:78:48:f0:d1:6d:e4:c9:5a:8c:b8:
83:11:61:0c:ff:1b:27:42:01:e7:45:93:f3:42:0a:
d7:fc:c5:a4:ae:d1:67:ec:e7:a5:e9:86:59:9d:0d:
f3:f9:5b:ad:7c:e7:79:95:08:41:41:23:9f:34:26:
97:4b:82:6f:25:e9:bc:5e:c0:ce:df:85:1b:76:d1:
ca:82:0d:b9:66:10:f4:83:07:d2:a9:6d:3e:e8:7f:
91:8f:92:a1:7b:fb:22:27:27:57:23:a9:a8:2d:31:
83:7c:85:e5:c9:2d:fd:a3:0d:2d:81:c4:2a:50:5a:
a7:4d:60:4a:ea:a2:4a:bf:b6:f4:33:5e:8c:bd:89:
03:ba:d7:06:ae:50:a6:1b:ae:af:49:95:85:f1:65:
a7:f5:2b:a0:8a:5f:70:9b:1b:bd:4a:70:a3:c6:76:
51:f8:ce:e5:77:36:42:42:32:b5:7e:13:3b:ca:fd:
f3:f2:c0:16:24:c1:18:73:0e:24:9e:ae:3d:91:2a:
31:75:e0:0e:ea:68:2a:2b:71:f1:6d:59:63:27:2a:
10:be:ff:5d:95:a5:18:a2:26:a0:6b:c6:60:06:67:
80:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:94:21:4F:B9:DE:28:B7:C1:36:7D:9D:FC:ED:93:45:06:A9:C5:B0
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AC80E9EC495E11EE8060E7324AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.21.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:24:6e:35:83:58:f5:a6:a0:b6:7d:78:dd:85:f0:39:15:b6:
3e:e9:b4:0e:40:32:dc:df:48:54:67:20:b9:42:17:34:ce:7a:
bb:99:8a:af:a8:49:ff:2c:f5:41:5f:44:c2:95:73:be:c1:78:
73:03:d6:47:22:0c:fd:64:51:f1:16:fb:59:76:4c:37:22:c0:
62:20:9a:f7:bc:60:6b:cf:13:69:f2:1f:d8:70:6c:8a:bb:36:
8e:ae:42:35:a5:c9:ff:a0:e6:62:56:2b:e3:40:e1:9f:d2:a9:
02:e3:a9:75:26:18:51:1d:8f:15:b9:6a:78:64:af:dd:3d:a1:
f4:c4:21:3c:80:ab:f0:63:ac:2e:48:3d:c3:2c:2b:9a:f2:0f:
da:1b:49:27:b1:40:40:ec:ab:a8:ca:8e:2f:ec:71:4e:c3:5a:
b9:0c:40:94:24:4f:8c:29:fe:4b:dc:de:dd:13:10:88:b5:a4:
21:5e:21:17:38:81:9b:70:de:89:8f:5d:4f:fe:bc:f8:17:af:
3f:3b:d4:d9:8d:f1:9a:7e:05:63:8a:9a:dc:f6:70:02:46:de:
a1:f4:e7:bc:1c:05:e6:6b:0a:e7:1b:bc:d9:95:90:6e:e3:d0:
03:3e:c6:52:c3:b7:4a:49:6f:5b:8e:2f:38:94:e0:92:cd:ba:
70:48:82:e7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEdowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MDIwNzAyMjJaFw0yNDA5MDMwNzAyMjJaMBgxFjAU
BgNVBAMTDTY0ZjJkZTAyLWY5YWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6sfuDsj5Dmuypv35VHylLPFvrbg8fSgSMUc2D/siudVbbeEjw0W3kyVqM
uIMRYQz/GydCAedFk/NCCtf8xaSu0Wfs56XphlmdDfP5W61853mVCEFBI580JpdL
gm8l6bxewM7fhRt20cqCDblmEPSDB9KpbT7of5GPkqF7+yInJ1cjqagtMYN8heXJ
Lf2jDS2BxCpQWqdNYErqokq/tvQzXoy9iQO61wauUKYbrq9JlYXxZaf1K6CKX3Cb
G71KcKPGdlH4zuV3NkJCMrV+EzvK/fPywBYkwRhzDiSerj2RKjF14A7qaCorcfFt
WWMnKhC+/12VpRiiJqBrxmAGZ4DLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU7ZQh
T7neKLfBNn2d/O2TRQapxbAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0FDODBFOUVDNDk1RTExRUU4MDYwRTczMjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBUwDQYJKoZIhvcNAQEL
BQADggEBAMYkbjWDWPWmoLZ9eN2F8DkVtj7ptA5AMtzfSFRnILlCFzTOeruZiq+o
Sf8s9UFfRMKVc77BeHMD1kciDP1kUfEW+1l2TDciwGIgmve8YGvPE2nyH9hwbIq7
No6uQjWlyf+g5mJWK+NA4Z/SqQLjqXUmGFEdjxW5anhkr909ofTEITyAq/BjrC5I
PcMsK5ryD9obSSexQEDsq6jKji/scU7DWrkMQJQkT4wp/kvc3t0TEIi1pCFeIRc4
gZtw3omPXU/+vPgXrz871NmN8Zp+BWOKmtz2cAJG3qH057wcBeZrCucbvNmVkG7j
0AM+xlLDt0pJb1uOLziU4JLNunBIguc=
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:00:15 2025 by rpki-client