Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D0953F4C36BF11EE90D467864AD9E6FC.roa
File: D0953F4C36BF11EE90D467864AD9E6FC.roa (raw, json)
Hash identifier: /gojQhofGEZLIAsia+3zaKwOecPK1MYRk5Fa7XR/R0E=
Subject key identifier: AB:F8:7A:87:8C:0C:1C:38:FD:18:39:B4:E5:91:3F:06:81:94:3F:4E
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1122
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D0953F4C36BF11EE90D467864AD9E6FC.roa
Signing time: Wed 09 Aug 2023 14:19:56 +0000
ROA not before: Wed 09 Aug 2023 14:19:52 +0000
ROA not after: Wed 07 Aug 2024 14:19:52 +0000
asID: 834
IP address blocks: 154.16.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4386 (0x1122)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 9 14:19:52 2023 GMT
Not After : Aug 7 14:19:52 2024 GMT
Subject: CN=64d3a08c-f3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5d:fc:c6:61:28:95:de:74:c7:d5:c0:49:f4:
2f:27:94:af:71:7c:dd:55:03:f4:a9:2f:ec:76:f2:
8b:8d:4e:c3:d5:95:e6:de:6b:ae:1b:db:ff:a2:91:
82:24:9e:a9:3e:6c:43:9d:eb:34:52:4e:e1:2c:bf:
ce:d4:99:70:1d:da:3e:76:9c:e9:f8:f3:09:7d:b4:
cd:62:59:33:51:94:28:12:5a:5a:cb:43:f0:a4:a0:
1b:86:db:13:d9:65:e5:cc:70:14:c3:a8:ad:65:ac:
0d:75:20:6c:78:a5:1a:a4:53:1b:4c:c0:e5:21:95:
60:92:5d:f8:b3:74:4b:6b:64:1f:8f:f2:06:0d:b8:
d3:b2:c0:43:dd:f6:8e:c4:c7:72:ce:19:96:dc:a8:
c5:25:fc:9c:9e:10:22:cf:4a:75:61:df:48:65:1c:
de:03:49:17:e8:96:a4:68:85:27:d2:c6:07:84:95:
e4:94:1a:e3:03:ed:a6:1c:ea:10:ab:b0:42:a8:28:
aa:95:01:eb:6a:b2:5d:d9:15:5a:58:c6:7b:1b:9f:
50:56:05:ed:18:6f:8b:92:3a:37:da:5e:7f:70:f2:
8a:ad:2b:ad:f7:3b:18:a0:fe:22:73:e5:81:91:11:
9e:ba:01:5d:17:6b:ad:9e:1e:66:22:29:7b:01:6c:
10:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F8:7A:87:8C:0C:1C:38:FD:18:39:B4:E5:91:3F:06:81:94:3F:4E
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D0953F4C36BF11EE90D467864AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.50.0/24
Signature Algorithm: sha256WithRSAEncryption
29:0d:04:c9:fd:08:4b:ab:08:16:c9:7b:7b:1a:1b:0c:52:0a:
42:6f:c8:b2:02:6e:ca:3a:f7:bc:b7:1f:25:9e:c7:61:1c:06:
c7:3a:af:ed:fe:5c:c6:a1:81:01:73:c5:66:e7:0f:36:17:c8:
bc:45:6c:22:4f:76:a2:6a:cd:73:ad:a6:9c:d5:33:bf:66:0f:
fd:4a:aa:0f:0a:60:90:98:c7:89:d7:c0:98:5e:40:46:12:93:
f0:d8:05:a0:0e:bd:53:39:c7:95:e4:d0:8d:7d:d1:c2:c7:2a:
05:0a:16:36:d3:4e:1b:12:e2:35:72:77:e5:82:9c:a1:d7:90:
81:5c:57:91:6e:cb:cb:4e:34:c2:77:1a:e5:df:66:42:23:88:
33:2a:e1:0c:26:6a:c3:ac:11:73:22:c7:f4:16:2c:a2:0f:57:
66:c2:35:13:39:e0:3f:cf:44:bc:20:3a:f8:1a:b2:d6:99:7e:
bc:3b:93:97:50:b1:2a:5e:3e:78:cb:f9:2f:ca:72:2f:4b:db:
82:b0:50:35:b4:9a:e7:11:62:fb:a6:62:07:b9:7b:66:5c:43:
1d:2f:3c:2c:23:cc:7e:a3:8f:ca:2c:2c:98:e5:e9:03:b7:5b:
fa:6d:24:dd:a0:63:21:bd:0c:b8:e2:f8:e1:3a:d0:10:d7:16:
0c:e1:80:90
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICESIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MDkxNDE5NTJaFw0yNDA4MDcxNDE5NTJaMBgxFjAU
BgNVBAMTDTY0ZDNhMDhjLWYzZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpXfzGYSiV3nTH1cBJ9C8nlK9xfN1VA/SpL+x28ouNTsPVlebea64b2/+i
kYIknqk+bEOd6zRSTuEsv87UmXAd2j52nOn48wl9tM1iWTNRlCgSWlrLQ/CkoBuG
2xPZZeXMcBTDqK1lrA11IGx4pRqkUxtMwOUhlWCSXfizdEtrZB+P8gYNuNOywEPd
9o7Ex3LOGZbcqMUl/JyeECLPSnVh30hlHN4DSRfolqRohSfSxgeEleSUGuMD7aYc
6hCrsEKoKKqVAetqsl3ZFVpYxnsbn1BWBe0Yb4uSOjfaXn9w8oqtK633Oxig/iJz
5YGREZ66AV0Xa62eHmYiKXsBbBCtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUq/h6
h4wMHDj9GDm05ZE/BoGUP04wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QwOTUzRjRDMzZCRjExRUU5MEQ0Njc4NjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDIwDQYJKoZIhvcNAQEL
BQADggEBACkNBMn9CEurCBbJe3saGwxSCkJvyLICbso697y3HyWex2EcBsc6r+3+
XMahgQFzxWbnDzYXyLxFbCJPdqJqzXOtppzVM79mD/1Kqg8KYJCYx4nXwJheQEYS
k/DYBaAOvVM5x5Xk0I190cLHKgUKFjbTThsS4jVyd+WCnKHXkIFcV5Fuy8tONMJ3
GuXfZkIjiDMq4QwmasOsEXMix/QWLKIPV2bCNRM54D/PRLwgOvgastaZfrw7k5dQ
sSpePnjL+S/Kci9L24KwUDW0mucRYvumYge5e2ZcQx0vPCwjzH6jj8osLJjl6QO3
W/ptJN2gYyG9DLji+OE60BDXFgzhgJA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:48:11 2025 by rpki-client