Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C2F170A4E7FB11ECBF64A5D7F1222468.roa
File: C2F170A4E7FB11ECBF64A5D7F1222468.roa (raw, json)
Hash identifier: QDeu38olgwLF1ZPN55qxsGiYPVkChHG7qaLqN+PJV6E=
Subject key identifier: 3C:08:4A:31:83:42:72:30:48:6D:02:8B:72:19:35:B0:A7:60:6F:83
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0889
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C2F170A4E7FB11ECBF64A5D7F1222468.roa
Signing time: Thu 09 Jun 2022 13:55:04 +0000
ROA not before: Thu 09 Jun 2022 13:55:00 +0000
ROA not after: Sun 09 Jun 2024 13:55:00 +0000
asID: 40676
IP address blocks: 154.16.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2185 (0x889)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Jun 9 13:55:00 2022 GMT
Not After : Jun 9 13:55:00 2024 GMT
Subject: CN=62a1fbb7-57ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:32:59:93:b3:07:49:fa:ff:ba:1d:7a:f3:75:
b2:71:ac:99:c5:8f:b1:79:26:91:98:e6:5f:c7:a9:
a8:5a:47:24:fc:8f:89:24:54:6b:b1:ab:d8:38:02:
cb:e0:c3:bf:c2:a2:65:b9:bf:cf:86:6c:34:67:fa:
28:5c:cc:e8:bd:c8:e3:f9:bf:1d:73:f7:bc:2d:35:
d9:dd:17:ed:fe:c3:8c:36:cc:a6:79:5d:3c:ac:4f:
a7:64:ee:a0:48:f9:96:42:8a:d0:54:b3:33:8b:fd:
ed:ea:15:d4:6a:8e:1b:92:2b:af:7b:ce:5b:4a:6a:
43:7e:a0:b5:f9:00:69:f3:a4:f5:f4:70:84:c0:b0:
c1:98:1e:97:b1:a1:26:08:61:93:59:9d:1b:aa:c7:
d1:81:db:8d:36:d8:93:c3:86:9f:07:88:b9:a5:0a:
2f:d9:34:8e:9b:a9:ee:64:4c:97:22:20:55:f9:5e:
25:ef:83:7e:4a:4a:08:00:e3:8a:cc:fd:89:98:9c:
bb:1b:b8:f8:9d:18:49:ba:8e:ec:7d:ba:a6:47:9d:
aa:bb:82:bc:85:35:38:89:6d:73:8a:06:55:59:83:
06:6b:7c:ba:ba:fe:a6:a5:e4:af:f9:64:36:e8:ee:
9e:a6:c0:bf:6a:cc:c7:b9:08:fe:bf:74:b0:11:06:
06:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:08:4A:31:83:42:72:30:48:6D:02:8B:72:19:35:B0:A7:60:6F:83
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C2F170A4E7FB11ECBF64A5D7F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.195.0/24
Signature Algorithm: sha256WithRSAEncryption
21:45:37:7c:2b:e2:89:a3:42:92:20:d5:d9:b6:ee:fb:8a:2b:
02:8f:f0:4a:40:e7:65:e8:b6:23:32:f2:31:2f:52:85:e4:88:
d7:16:6a:46:bd:ed:2f:56:a8:cf:ba:40:fd:f2:a1:ce:27:ee:
bd:8e:df:64:f1:35:63:7e:17:93:78:b4:e7:05:fb:6a:70:00:
18:ab:46:e3:3a:9b:bd:28:d7:14:a4:c7:73:75:c8:bf:06:41:
92:af:4f:0d:1d:b4:2d:1c:6b:64:79:d3:45:5b:7d:eb:e6:e5:
33:36:da:87:7d:48:26:ee:90:ba:4c:f9:aa:bd:59:2b:1b:2f:
0a:cf:4f:af:b9:83:fa:21:7a:64:a6:05:88:77:13:df:e0:94:
59:4c:d7:5a:cd:aa:a6:88:8f:d9:7f:3b:94:f2:d3:e0:5c:f9:
a6:fa:11:7a:12:e4:1c:46:87:7d:ef:df:a7:1e:87:bb:53:eb:
d5:c5:69:7f:a8:f7:5b:2a:eb:00:70:39:c4:b4:8c:4c:24:2d:
7e:5d:64:62:73:03:f5:77:45:32:0d:27:6f:8b:1b:44:4f:a9:
fd:21:e1:fb:83:97:26:43:34:c0:f0:0a:d4:59:2d:19:6a:96:
5e:67:4a:84:55:94:db:70:b5:46:1a:66:44:96:5d:30:69:11:
d5:18:ab:ac
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCIkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMjA2MDkxMzU1MDBaFw0yNDA2MDkxMzU1MDBaMBgxFjAU
BgNVBAMMDTYyYTFmYmI3LTU3ZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCmMlmTswdJ+v+6HXrzdbJxrJnFj7F5JpGY5l/HqahaRyT8j4kkVGuxq9g4
Asvgw7/ComW5v8+GbDRn+ihczOi9yOP5vx1z97wtNdndF+3+w4w2zKZ5XTysT6dk
7qBI+ZZCitBUszOL/e3qFdRqjhuSK697zltKakN+oLX5AGnzpPX0cITAsMGYHpex
oSYIYZNZnRuqx9GB24022JPDhp8HiLmlCi/ZNI6bqe5kTJciIFX5XiXvg35KSggA
44rM/YmYnLsbuPidGEm6jux9uqZHnaq7gryFNTiJbXOKBlVZgwZrfLq6/qal5K/5
ZDbo7p6mwL9qzMe5CP6/dLARBgbNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPAhK
MYNCcjBIbQKLchk1sKdgb4MwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0MyRjE3MEE0RTdGQjExRUNCRjY0QTVEN0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMMwDQYJKoZIhvcNAQEL
BQADggEBACFFN3wr4omjQpIg1dm27vuKKwKP8EpA52XotiMy8jEvUoXkiNcWaka9
7S9WqM+6QP3yoc4n7r2O32TxNWN+F5N4tOcF+2pwABirRuM6m70o1xSkx3N1yL8G
QZKvTw0dtC0ca2R500Vbfevm5TM22od9SCbukLpM+aq9WSsbLwrPT6+5g/ohemSm
BYh3E9/glFlM11rNqqaIj9l/O5Ty0+Bc+ab6EXoS5BxGh33v36ceh7tT69XFaX+o
91sq6wBwOcS0jEwkLX5dZGJzA/V3RTINJ2+LG0RPqf0h4fuDlyZDNMDwCtRZLRlq
ll5nSoRVlNtwtUYaZkSWXTBpEdUYq6w=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:54:17 2025 by rpki-client