Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B56A473E91F911EBBBB67E6FF8AEA228.roa
File: B56A473E91F911EBBBB67E6FF8AEA228.roa (raw, json)
Hash identifier: W9ysmGeFt6IJxM+B0IILGaELIEprS8Qk7JKwdMtXnSY=
Subject key identifier: 91:B2:92:2F:CA:3B:7D:60:CC:B1:C9:50:03:1D:57:CC:67:3E:D8:EE
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 053A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B56A473E91F911EBBBB67E6FF8AEA228.roa
Signing time: Wed 31 Mar 2021 08:18:44 +0000
ROA not before: Wed 31 Mar 2021 08:18:39 +0000
ROA not after: Thu 31 Mar 2022 08:18:39 +0000
asID: 133752
IP address blocks: 154.16.158.0/24 maxlen: 24
154.16.181.0/24 maxlen: 24
154.16.220.0/24 maxlen: 24
154.16.233.0/24 maxlen: 24
154.16.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1338 (0x53a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 31 08:18:39 2021 GMT
Not After : Mar 31 08:18:39 2022 GMT
Subject: CN=60643064-9595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fb:b5:54:5d:5d:c8:bd:32:2a:d6:ac:f4:7c:
9d:e7:25:8e:17:54:f6:d0:66:69:d0:9c:9b:97:fd:
f2:cc:e7:57:81:ae:b9:a3:7a:c0:ea:9f:10:b4:ef:
f9:70:1c:2a:20:b7:bd:91:45:5e:d2:84:1e:ba:58:
07:e3:d5:de:26:ad:16:c2:06:c2:75:ae:1e:a4:d8:
c9:3e:50:2e:b5:80:89:db:49:ce:bc:98:9a:89:17:
14:59:9a:65:5c:27:0e:e4:09:1f:56:2a:d1:2b:2b:
3f:71:75:ff:c3:d5:3e:1d:3b:52:c7:ef:25:dc:6b:
46:2e:b1:75:d3:89:5a:7d:ce:2e:1e:35:ec:a4:26:
13:61:55:26:c1:ad:b0:a7:03:88:d0:ff:a4:12:a9:
ca:b2:d6:c2:34:44:80:4c:8b:94:a8:99:a8:1b:8f:
20:a2:fa:5e:59:9a:8a:35:bb:3a:f2:2f:a7:fa:5d:
04:ec:29:1e:70:80:55:62:c8:67:54:12:be:0e:d6:
a8:73:4a:3f:63:1b:c0:78:04:a9:d8:d5:8c:2d:6c:
7f:c4:f1:bb:b6:5f:0d:7c:2a:89:1a:f4:bd:9e:fb:
46:aa:f0:82:c5:d1:52:77:f3:4d:1d:06:a9:49:45:
5a:9f:eb:9c:48:2d:71:8e:e9:61:af:b9:b8:15:d4:
7d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B2:92:2F:CA:3B:7D:60:CC:B1:C9:50:03:1D:57:CC:67:3E:D8:EE
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B56A473E91F911EBBBB67E6FF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.158.0/24
154.16.181.0/24
154.16.220.0/24
154.16.233.0/24
154.16.236.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:60:f2:7a:37:a7:7f:db:8d:7a:9d:71:4d:a3:63:d2:21:ce:
08:d9:00:65:01:26:09:8a:6c:af:1e:a4:d8:78:d8:22:39:be:
51:4b:42:d2:d7:db:5a:76:d3:91:41:70:56:0d:48:c4:9d:e2:
93:43:c4:70:d3:80:f0:54:76:e7:55:ef:6b:d3:2d:a8:4e:6a:
19:b7:af:8b:3f:79:96:dc:79:d5:14:e5:28:b8:97:f2:ce:9a:
ec:9d:51:cf:06:88:54:53:78:2a:b3:f7:ba:91:df:43:cd:71:
78:34:e2:da:7a:dd:f1:ad:2a:c6:7c:0b:e3:f0:cd:48:c8:c2:
da:7c:67:a2:e1:36:87:74:70:2f:4d:e0:9c:5f:3c:37:5c:64:
1f:bb:da:44:a5:d1:44:e0:fe:21:c9:2f:35:39:6e:e3:be:aa:
70:25:76:cd:a4:ef:51:fb:47:59:01:26:dc:0b:c3:bd:55:88:
87:1a:23:25:c7:7e:f8:8a:e8:1e:2f:30:f2:89:96:9c:57:b4:
1e:c5:18:06:d6:ab:5e:22:04:0f:2f:56:9f:84:64:ed:fa:b3:
3d:c8:9f:da:33:94:6a:a7:ff:af:44:51:f4:96:0d:63:96:7c:
92:2a:fe:df:5e:f1:37:80:ec:f4:be:30:18:db:6e:57:c5:9e:
89:2d:2b:69
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICBTowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMTAzMzEwODE4MzlaFw0yMjAzMzEwODE4MzlaMBgxFjAU
BgNVBAMTDTYwNjQzMDY0LTk1OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCx+7VUXV3IvTIq1qz0fJ3nJY4XVPbQZmnQnJuX/fLM51eBrrmjesDqnxC0
7/lwHCogt72RRV7ShB66WAfj1d4mrRbCBsJ1rh6k2Mk+UC61gInbSc68mJqJFxRZ
mmVcJw7kCR9WKtErKz9xdf/D1T4dO1LH7yXca0YusXXTiVp9zi4eNeykJhNhVSbB
rbCnA4jQ/6QSqcqy1sI0RIBMi5SomagbjyCi+l5Zmoo1uzryL6f6XQTsKR5wgFVi
yGdUEr4O1qhzSj9jG8B4BKnY1YwtbH/E8bu2Xw18Koka9L2e+0aq8ILF0VJ3800d
BqlJRVqf65xILXGO6WGvubgV1H35AgMBAAGjggK9MIICuTAdBgNVHQ4EFgQUkbKS
L8o7fWDMsclQAx1XzGc+2O4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0I1NkE0NzNFOTFGOTExRUJCQkI2N0U2RkY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACaEJ4DBACaELUDBACaENwD
BACaEOkDBACaEOwwDQYJKoZIhvcNAQELBQADggEBAF5g8no3p3/bjXqdcU2jY9Ih
zgjZAGUBJgmKbK8epNh42CI5vlFLQtLX21p205FBcFYNSMSd4pNDxHDTgPBUdudV
72vTLahOahm3r4s/eZbcedUU5Si4l/LOmuydUc8GiFRTeCqz97qR30PNcXg04tp6
3fGtKsZ8C+PwzUjIwtp8Z6LhNod0cC9N4JxfPDdcZB+72kSl0UTg/iHJLzU5buO+
qnAlds2k71H7R1kBJtwLw71ViIcaIyXHfviK6B4vMPKJlpxXtB7FGAbWq14iBA8v
Vp+EZO36sz3In9ozlGqn/69EUfSWDWOWfJIq/t9e8TeA7PS+MBjbblfFnoktK2k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:59 2023 by rpki-client on console-ams.rpki-client.org