Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DFE7C06A5C1611EEAD14B1624AD9E6FC.roa
File: DFE7C06A5C1611EEAD14B1624AD9E6FC.roa (raw, json)
Hash identifier: 2GFPk8ciuOocDWKjJR9mV139ByfnLrV2U0s/7ltqWlM=
Subject key identifier: B4:34:FB:B0:90:CA:23:EE:0F:0F:07:0D:7D:CD:30:49:CC:8C:4B:45
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 127C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DFE7C06A5C1611EEAD14B1624AD9E6FC.roa
Signing time: Tue 26 Sep 2023 02:46:21 +0000
ROA not before: Tue 26 Sep 2023 02:46:18 +0000
ROA not after: Wed 25 Sep 2024 02:46:18 +0000
asID: 834
IP address blocks: 154.16.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4732 (0x127c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Sep 26 02:46:18 2023 GMT
Not After : Sep 25 02:46:18 2024 GMT
Subject: CN=651245fd-9955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b6:0b:74:c2:63:22:f1:62:56:ed:29:cd:6e:
b5:3f:8a:d1:a7:51:70:06:4e:01:3b:e8:d2:7e:38:
e1:c5:44:1c:c0:27:de:e8:0f:d4:93:46:ac:b6:ad:
dd:00:79:67:f9:9f:40:e1:04:bb:1d:05:24:09:90:
17:6b:b5:85:40:e7:80:72:d9:a3:9e:e6:bc:c0:e2:
c2:ed:06:3a:0a:ae:ac:99:4b:97:f9:a0:9b:76:f3:
9c:0c:1f:21:ed:17:02:d2:ef:49:6c:e6:96:f2:31:
1d:ab:3f:a4:60:21:9b:7d:e5:48:38:25:de:08:30:
a7:80:e9:b9:d6:84:79:b5:85:0c:c8:65:53:cf:bb:
79:07:37:dc:6d:2e:7c:41:26:85:b0:d1:a6:b5:6f:
72:53:16:60:71:48:99:d5:79:66:3f:e4:5b:68:11:
09:69:99:f1:6f:e0:d5:eb:08:8c:0f:06:d3:11:65:
5f:6a:03:23:85:91:fd:e7:ea:6e:d4:94:f6:ab:51:
27:79:f3:48:a2:a3:bb:c5:dd:03:50:23:de:bb:ca:
67:f2:35:88:32:c6:0c:27:4a:c9:4f:ea:86:9c:6f:
c1:3c:7d:2e:71:49:4f:dc:cc:02:56:22:bf:6f:57:
71:83:16:f1:5a:df:bb:9c:dd:c9:3e:b2:ed:5f:3c:
d4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:34:FB:B0:90:CA:23:EE:0F:0F:07:0D:7D:CD:30:49:CC:8C:4B:45
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DFE7C06A5C1611EEAD14B1624AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.167.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:7e:aa:5d:5b:56:80:51:b0:51:35:09:1a:4a:b0:86:07:bd:
cd:47:cd:35:f6:83:85:ed:21:aa:f7:ed:63:b4:c1:db:d8:81:
78:4d:8a:44:12:2c:87:90:ec:f0:32:9f:63:e6:67:c6:f3:fe:
8d:7f:77:6b:44:c7:de:db:6b:d8:b6:39:fc:5c:39:62:3f:03:
06:ed:2f:ba:15:e2:36:ae:9a:13:db:3b:6f:dd:7d:ad:ea:5b:
ea:ef:5b:a0:0b:1c:b5:98:43:ef:2a:d8:30:1f:98:33:9a:63:
6d:46:77:03:2e:d0:95:4d:16:79:17:19:5a:13:97:6a:6e:10:
0d:2e:c2:91:99:71:76:d3:91:38:d4:60:75:81:69:b1:0f:f3:
92:df:aa:31:30:33:5d:54:b0:e2:85:99:89:32:07:8a:f6:70:
25:6b:99:97:26:0f:81:50:7a:3c:fe:53:d3:fb:eb:49:cc:80:
15:21:4e:4e:c4:d4:a9:cf:45:e2:ea:a2:90:b3:b6:6f:43:cb:
5c:79:f8:74:e6:ef:cf:2b:c8:ae:34:f6:8b:f0:56:45:ff:dc:
b9:70:c9:89:00:cb:af:85:c3:e3:34:c4:c9:3c:29:5e:77:39:
e8:53:71:18:05:85:c5:ab:b0:da:9c:c2:57:48:22:97:9e:ae:
48:25:2a:aa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEnwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MjYwMjQ2MThaFw0yNDA5MjUwMjQ2MThaMBgxFjAU
BgNVBAMTDTY1MTI0NWZkLTk5NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjtgt0wmMi8WJW7SnNbrU/itGnUXAGTgE76NJ+OOHFRBzAJ97oD9STRqy2
rd0AeWf5n0DhBLsdBSQJkBdrtYVA54By2aOe5rzA4sLtBjoKrqyZS5f5oJt285wM
HyHtFwLS70ls5pbyMR2rP6RgIZt95Ug4Jd4IMKeA6bnWhHm1hQzIZVPPu3kHN9xt
LnxBJoWw0aa1b3JTFmBxSJnVeWY/5FtoEQlpmfFv4NXrCIwPBtMRZV9qAyOFkf3n
6m7UlParUSd580iio7vF3QNQI967ymfyNYgyxgwnSslP6oacb8E8fS5xSU/czAJW
Ir9vV3GDFvFa37uc3ck+su1fPNQLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUtDT7
sJDKI+4PDwcNfc0wScyMS0UwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RGRTdDMDZBNUMxNjExRUVBRDE0QjE2MjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEKcwDQYJKoZIhvcNAQEL
BQADggEBABt+ql1bVoBRsFE1CRpKsIYHvc1HzTX2g4XtIar37WO0wdvYgXhNikQS
LIeQ7PAyn2PmZ8bz/o1/d2tEx97ba9i2OfxcOWI/AwbtL7oV4jaumhPbO2/dfa3q
W+rvW6ALHLWYQ+8q2DAfmDOaY21GdwMu0JVNFnkXGVoTl2puEA0uwpGZcXbTkTjU
YHWBabEP85LfqjEwM11UsOKFmYkyB4r2cCVrmZcmD4FQejz+U9P760nMgBUhTk7E
1KnPReLqopCztm9Dy1x5+HTm788ryK409ovwVkX/3LlwyYkAy6+Fw+M0xMk8KV53
OehTcRgFhcWrsNqcwldIIpeerkglKqo=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:46:02 2025 by rpki-client