Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DA33AA40B75111EDA56CACF9F1222468.roa
File: DA33AA40B75111EDA56CACF9F1222468.roa (raw, json)
Hash identifier: MFh222Hu8ICfA7KOHSphTpfXhaKprzzFr1QryYPjEtA=
Subject key identifier: 4A:DE:A5:9C:D7:A9:EC:63:C9:EB:C4:38:55:2F:82:04:D2:C8:F4:5E
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0C90
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DA33AA40B75111EDA56CACF9F1222468.roa
Signing time: Tue 28 Feb 2023 10:22:50 +0000
ROA not before: Tue 28 Feb 2023 10:22:45 +0000
ROA not after: Wed 28 Feb 2024 10:22:45 +0000
asID: 61317
IP address blocks: 154.16.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3216 (0xc90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 28 10:22:45 2023 GMT
Not After : Feb 28 10:22:45 2024 GMT
Subject: CN=63fdd5fa-bb80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:29:1d:be:0d:ec:e2:05:d3:c5:71:bf:c7:1e:
d1:a5:2c:eb:84:25:63:43:9f:be:32:05:a0:ee:14:
ba:1a:f5:2f:3a:dc:96:8a:90:15:93:25:32:14:a7:
ac:39:40:b0:22:e3:b5:8f:15:29:66:8c:3f:39:29:
a0:5a:36:25:e1:67:60:3e:65:0d:ef:bb:9f:0d:33:
8e:5d:b1:ed:fb:9c:8a:ef:48:e0:be:86:eb:ce:c2:
d8:e4:44:59:68:2a:8b:0b:c8:b5:03:f0:12:ce:9a:
6d:31:69:bc:9d:5a:38:a5:66:0b:36:e3:5e:53:a6:
f5:bc:38:31:71:9d:39:d6:38:91:bf:e8:b2:8e:6f:
ac:58:78:37:16:dc:ac:c4:9b:b0:bd:db:50:b8:f4:
bd:f1:1f:22:50:50:3b:06:ce:eb:74:a0:a2:0b:41:
ae:91:c8:55:0b:a1:a3:6d:c4:a9:c6:d8:19:e2:7e:
a8:72:1b:e0:76:99:e1:58:39:33:e8:76:89:81:72:
3f:f2:75:d8:55:46:dd:bf:61:26:79:4f:61:b6:bc:
ba:ba:ee:6e:5d:78:fa:22:1c:cd:98:1e:ad:bf:05:
ef:34:a8:33:6f:64:79:30:b1:29:4c:82:00:1b:81:
c5:26:b1:86:7e:1f:56:38:6e:e4:db:31:e0:e9:09:
81:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DE:A5:9C:D7:A9:EC:63:C9:EB:C4:38:55:2F:82:04:D2:C8:F4:5E
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DA33AA40B75111EDA56CACF9F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.54.0/24
Signature Algorithm: sha256WithRSAEncryption
15:9a:e5:c7:c4:71:77:fc:11:a3:e3:f8:f4:34:db:d5:ef:e6:
50:1c:9f:24:5e:f0:af:3e:61:8e:e2:d4:93:fe:71:1a:0d:57:
d8:8c:bb:b0:76:11:62:a1:b7:57:dd:5c:84:4b:50:9d:b2:8f:
4a:2b:73:78:56:55:dd:29:af:79:4e:1b:82:d6:45:55:0c:95:
cb:0a:db:cb:fd:b9:6a:84:61:8b:33:b2:0f:f4:5c:c3:28:e9:
ab:5a:df:48:b1:a6:04:79:f8:6f:c0:87:1b:4a:56:46:50:2a:
49:d7:35:13:67:03:c9:32:16:07:40:3c:55:37:8e:63:b0:78:
4b:b0:c4:f2:4e:c4:7c:fd:87:64:b9:d2:b4:3a:91:47:de:5d:
27:80:54:6d:d5:f9:e2:71:0e:c4:03:0a:a5:23:5d:e6:87:0e:
96:9c:50:cd:c5:9a:73:50:5c:d1:a5:9e:9e:df:64:bd:ea:a3:
4d:df:e3:a3:21:0d:83:59:0f:c3:f5:33:0f:cc:49:df:17:14:
f3:e6:20:fc:87:47:61:6d:bf:55:cc:3f:5d:0b:e9:04:b8:60:
71:26:65:ad:59:d8:a2:1d:a5:8f:92:3f:a9:ef:42:66:e3:c0:
65:2d:13:c6:c1:26:6e:4c:84:84:de:e2:8d:09:b9:4d:bd:eb:
fc:1b:31:2c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDJAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjgxMDIyNDVaFw0yNDAyMjgxMDIyNDVaMBgxFjAU
BgNVBAMMDTYzZmRkNWZhLWJiODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRKR2+DeziBdPFcb/HHtGlLOuEJWNDn74yBaDuFLoa9S863JaKkBWTJTIU
p6w5QLAi47WPFSlmjD85KaBaNiXhZ2A+ZQ3vu58NM45dse37nIrvSOC+huvOwtjk
RFloKosLyLUD8BLOmm0xabydWjilZgs2415TpvW8ODFxnTnWOJG/6LKOb6xYeDcW
3KzEm7C921C49L3xHyJQUDsGzut0oKILQa6RyFULoaNtxKnG2BnifqhyG+B2meFY
OTPodomBcj/yddhVRt2/YSZ5T2G2vLq67m5dePoiHM2YHq2/Be80qDNvZHkwsSlM
ggAbgcUmsYZ+H1Y4buTbMeDpCYG/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUSt6l
nNep7GPJ68Q4VS+CBNLI9F4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RBMzNBQTQwQjc1MTExRURBNTZDQUNGOUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDYwDQYJKoZIhvcNAQEL
BQADggEBABWa5cfEcXf8EaPj+PQ029Xv5lAcnyRe8K8+YY7i1JP+cRoNV9iMu7B2
EWKht1fdXIRLUJ2yj0orc3hWVd0pr3lOG4LWRVUMlcsK28v9uWqEYYszsg/0XMMo
6ata30ixpgR5+G/AhxtKVkZQKknXNRNnA8kyFgdAPFU3jmOweEuwxPJOxHz9h2S5
0rQ6kUfeXSeAVG3V+eJxDsQDCqUjXeaHDpacUM3FmnNQXNGlnp7fZL3qo03f46Mh
DYNZD8P1Mw/MSd8XFPPmIPyHR2Ftv1XMP10L6QS4YHEmZa1Z2KIdpY+SP6nvQmbj
wGUtE8bBJm5MhITe4o0JuU296/wbMSw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:42:07 2025 by rpki-client