Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D0C4BFE2A70B11EB9476C424F8AEA228.roa
File: D0C4BFE2A70B11EB9476C424F8AEA228.roa (raw, json)
Hash identifier: LxhFqnMqSaSRizysMDeKCliifPUvBxwnGtOVIFvtHC4=
Subject key identifier: 13:9A:32:D8:ED:86:10:2F:60:CF:A8:3B:C7:E3:50:04:7C:BD:E0:9A
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0569
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D0C4BFE2A70B11EB9476C424F8AEA228.roa
Signing time: Tue 27 Apr 2021 03:51:16 +0000
ROA not before: Tue 27 Apr 2021 03:51:11 +0000
ROA not after: Wed 27 Apr 2022 03:51:11 +0000
asID: 396982
IP address blocks: 154.16.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1385 (0x569)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Apr 27 03:51:11 2021 GMT
Not After : Apr 27 03:51:11 2022 GMT
Subject: CN=60878a33-0cc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8e:c0:73:00:c5:ee:2c:b0:90:ea:4b:d4:34:
2a:dc:c7:d3:52:1b:d5:3a:03:b1:6b:35:f7:56:a4:
05:07:4b:ca:c3:67:88:5b:30:e3:5c:97:1c:12:97:
b3:ed:93:a2:55:64:d8:13:6e:6a:4b:63:b3:f8:56:
39:bf:21:19:da:d6:45:62:65:55:49:67:4f:e1:3c:
9c:b3:fb:61:4f:8d:35:21:f3:6f:3e:32:ed:f2:82:
9f:7a:f5:b7:c2:4d:4f:76:8c:47:2d:38:2d:f7:0a:
59:b9:fb:19:59:68:99:71:ed:0f:b2:40:2e:e9:96:
8f:ee:da:db:b5:a7:0a:df:d4:84:c7:7a:f9:39:9c:
d2:d4:6a:9c:33:58:c1:65:7c:5c:66:79:b7:3d:82:
f7:f4:95:a2:cd:0b:59:b7:b8:2c:ff:ef:b1:27:6f:
c0:43:eb:13:0c:32:1c:76:d4:59:4f:e2:c5:94:e4:
70:a6:8b:93:2b:1c:1d:35:70:18:d9:44:37:ef:8d:
d9:dd:dc:23:49:53:c0:10:69:17:21:f1:25:5d:74:
6c:d7:b8:a3:4f:bd:3f:0e:ea:d6:08:64:10:1b:ca:
39:b7:90:2e:ec:41:36:59:b6:96:71:27:65:61:a0:
6d:7b:6a:1f:dd:4e:b5:68:83:94:ed:57:20:dc:f2:
7c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:9A:32:D8:ED:86:10:2F:60:CF:A8:3B:C7:E3:50:04:7C:BD:E0:9A
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D0C4BFE2A70B11EB9476C424F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.136.0/24
Signature Algorithm: sha256WithRSAEncryption
46:9f:e5:75:4f:7d:3a:2b:db:9a:8c:89:3c:cc:f2:4c:da:ce:
16:93:db:4b:f6:e3:ac:17:f8:4e:f2:9e:37:05:9b:f0:d6:cb:
c9:b4:95:83:42:2d:3e:20:a5:2b:e3:7b:1b:c8:4d:d6:89:00:
b6:bd:ec:39:c2:89:a3:a2:a7:89:74:42:33:d7:4b:c6:42:88:
24:e8:4a:96:d6:4c:c0:5b:2a:08:e2:17:92:95:8b:fc:35:fc:
2d:ab:3f:a4:46:51:d9:80:41:15:d3:96:9e:62:ed:ed:c7:e6:
ea:69:9a:af:b3:3a:e6:7b:5d:ac:86:9c:df:d9:92:63:fe:84:
73:6d:37:94:df:59:62:ac:b1:af:f9:92:90:ac:5d:bd:53:16:
e6:e1:b5:7d:3c:d9:67:c0:e8:9c:4d:ff:03:04:2a:17:f7:df:
5a:d1:eb:9a:08:c7:ce:b9:04:0f:36:51:69:fe:87:ce:20:f9:
cf:80:e3:82:34:ca:3f:48:c4:08:78:7b:c3:b9:35:e2:cc:65:
bd:3c:02:35:66:c3:4a:ba:b8:3f:f4:75:30:ae:c7:b3:9b:71:
f9:aa:53:f3:70:68:b2:f4:18:36:db:69:47:3a:c3:1a:6b:62:
c4:0b:3f:05:e2:37:04:c1:af:09:21:24:3f:64:8e:21:fd:1c:
9e:3d:7f:63
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBWkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMTA0MjcwMzUxMTFaFw0yMjA0MjcwMzUxMTFaMBgxFjAU
BgNVBAMTDTYwODc4YTMzLTBjYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDjjsBzAMXuLLCQ6kvUNCrcx9NSG9U6A7FrNfdWpAUHS8rDZ4hbMONclxwS
l7Ptk6JVZNgTbmpLY7P4Vjm/IRna1kViZVVJZ0/hPJyz+2FPjTUh828+Mu3ygp96
9bfCTU92jEctOC33Clm5+xlZaJlx7Q+yQC7plo/u2tu1pwrf1ITHevk5nNLUapwz
WMFlfFxmebc9gvf0laLNC1m3uCz/77Enb8BD6xMMMhx21FlP4sWU5HCmi5MrHB01
cBjZRDfvjdnd3CNJU8AQaRch8SVddGzXuKNPvT8O6tYIZBAbyjm3kC7sQTZZtpZx
J2VhoG17ah/dTrVog5TtVyDc8nw5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUE5oy
2O2GEC9gz6g7x+NQBHy94JowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QwQzRCRkUyQTcwQjExRUI5NDc2QzQyNEY4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIgwDQYJKoZIhvcNAQEL
BQADggEBAEaf5XVPfTor25qMiTzM8kzazhaT20v246wX+E7ynjcFm/DWy8m0lYNC
LT4gpSvjexvITdaJALa97DnCiaOip4l0QjPXS8ZCiCToSpbWTMBbKgjiF5KVi/w1
/C2rP6RGUdmAQRXTlp5i7e3H5uppmq+zOuZ7XayGnN/ZkmP+hHNtN5TfWWKssa/5
kpCsXb1TFubhtX082WfA6JxN/wMEKhf331rR65oIx865BA82UWn+h84g+c+A44I0
yj9IxAh4e8O5NeLMZb08AjVmw0q6uD/0dTCux7ObcfmqU/NwaLL0GDbbaUc6wxpr
YsQLPwXiNwTBrwkhJD9kjiH9HJ49f2M=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:53:23 2025 by rpki-client