Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FEF2747A36C111EEB82A928B4AD9E6FC.roa
File: FEF2747A36C111EEB82A928B4AD9E6FC.roa (raw, json)
Hash identifier: VsKHIVCDiGo7+fPWj0ynyvv3cKsPly0ibTeXDVGPOto=
Subject key identifier: 04:E8:B8:0E:1A:A6:1C:07:30:D4:36:BF:8F:B6:DB:23:28:39:C8:E9
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1125
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FEF2747A36C111EEB82A928B4AD9E6FC.roa
Signing time: Wed 09 Aug 2023 14:35:33 +0000
ROA not before: Wed 09 Aug 2023 14:35:30 +0000
ROA not after: Tue 13 Aug 2024 14:35:30 +0000
asID: 834
IP address blocks: 154.16.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4389 (0x1125)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 9 14:35:30 2023 GMT
Not After : Aug 13 14:35:30 2024 GMT
Subject: CN=64d3a435-22ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:80:58:9b:c4:d2:b8:fb:cb:b1:c4:0e:1f:d3:
f3:a9:a5:af:76:96:b1:a4:5b:e9:fa:5d:f1:0f:66:
f2:a0:78:2b:4a:d1:38:ab:6c:56:00:ac:b6:62:73:
58:94:e4:f6:95:a5:1f:5a:9c:40:15:ac:79:4d:28:
b5:a5:21:36:49:39:cb:21:43:fc:6d:bc:5d:3f:4a:
ca:2a:67:f0:a4:cd:ba:39:c1:7b:e0:76:89:d5:60:
46:e3:af:e1:2f:ee:cd:63:a1:6f:58:e2:bf:77:cb:
73:d8:b3:a9:ba:6f:00:36:79:c0:9d:5a:54:5f:4f:
7a:11:ce:3d:4b:f1:3e:ec:87:0c:bf:2a:88:29:ba:
61:66:10:8d:96:c6:f2:08:57:5a:14:c0:35:51:a0:
69:b5:57:86:88:f2:6f:ca:bc:a1:2e:b4:16:4b:47:
65:0d:fa:6a:aa:7b:53:81:da:2d:5e:51:22:5a:24:
b9:0f:11:4f:77:1a:d4:b7:35:af:af:a8:1d:2b:76:
d8:f4:c8:de:1c:46:7b:a8:78:e6:ab:0c:e1:61:04:
12:8a:3b:fe:03:c1:b6:b3:2d:e3:ad:3f:9c:9e:b4:
8e:b5:fb:ff:23:79:8e:da:58:14:df:5b:1a:dc:03:
40:b9:ea:27:3c:0e:5d:3c:db:7d:42:a8:b2:2e:91:
c9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E8:B8:0E:1A:A6:1C:07:30:D4:36:BF:8F:B6:DB:23:28:39:C8:E9
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FEF2747A36C111EEB82A928B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.240.0/24
Signature Algorithm: sha256WithRSAEncryption
08:08:28:dd:99:13:75:d9:d3:63:6c:44:29:eb:0e:e6:6a:38:
3d:17:38:cc:05:91:3a:d0:b9:ad:a6:f6:bf:61:41:02:88:b3:
27:02:38:95:cc:ee:13:5f:f1:31:31:21:c0:7f:01:84:13:70:
57:4f:87:5b:e6:a9:7e:c4:90:b6:3e:b2:22:3d:bd:9e:39:84:
52:f7:c4:85:34:f3:e1:6a:4d:b7:2e:90:47:3c:ae:8b:a0:f0:
ec:dc:53:51:f6:f9:97:26:63:29:71:97:bf:64:e5:bc:36:05:
7d:f4:47:31:e1:7b:a4:c0:20:00:28:06:75:35:ec:f9:3f:21:
6c:b6:03:46:18:9c:57:49:ac:cd:2a:95:c3:04:da:34:a1:87:
08:a4:f7:d0:4d:ce:cf:ee:f5:ee:81:bd:87:b2:26:7c:99:74:
db:80:1b:6d:1d:75:03:20:72:cc:b9:00:d3:ba:17:b5:4d:60:
a1:a0:1e:f1:4a:42:de:1c:10:fc:ac:b4:30:cd:90:8d:fc:fc:
fe:59:25:84:c8:f3:86:f4:f1:1f:08:66:3c:b0:8f:a3:d2:9c:
50:e2:ed:c5:be:b2:75:5e:38:b1:44:fd:9b:da:3f:c5:02:ad:
66:46:23:2e:58:34:1b:a7:e4:f8:19:b6:ec:6f:09:b0:74:06:
17:cf:34:1f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICESUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MDkxNDM1MzBaFw0yNDA4MTMxNDM1MzBaMBgxFjAU
BgNVBAMTDTY0ZDNhNDM1LTIyZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9gFibxNK4+8uxxA4f0/Oppa92lrGkW+n6XfEPZvKgeCtK0TirbFYArLZi
c1iU5PaVpR9anEAVrHlNKLWlITZJOcshQ/xtvF0/SsoqZ/Ckzbo5wXvgdonVYEbj
r+Ev7s1joW9Y4r93y3PYs6m6bwA2ecCdWlRfT3oRzj1L8T7shwy/KogpumFmEI2W
xvIIV1oUwDVRoGm1V4aI8m/KvKEutBZLR2UN+mqqe1OB2i1eUSJaJLkPEU93GtS3
Na+vqB0rdtj0yN4cRnuoeOarDOFhBBKKO/4DwbazLeOtP5yetI61+/8jeY7aWBTf
WxrcA0C56ic8Dl08231CqLIukcnXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBOi4
DhqmHAcw1Da/j7bbIyg5yOkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0ZFRjI3NDdBMzZDMTExRUVCODJBOTI4QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPAwDQYJKoZIhvcNAQEL
BQADggEBAAgIKN2ZE3XZ02NsRCnrDuZqOD0XOMwFkTrQua2m9r9hQQKIsycCOJXM
7hNf8TExIcB/AYQTcFdPh1vmqX7EkLY+siI9vZ45hFL3xIU08+FqTbcukEc8roug
8OzcU1H2+ZcmYylxl79k5bw2BX30RzHhe6TAIAAoBnU17Pk/IWy2A0YYnFdJrM0q
lcME2jShhwik99BNzs/u9e6BvYeyJnyZdNuAG20ddQMgcsy5ANO6F7VNYKGgHvFK
Qt4cEPystDDNkI38/P5ZJYTI84b08R8IZjywj6PSnFDi7cW+snVeOLFE/ZvaP8UC
rWZGIy5YNBun5PgZtuxvCbB0BhfPNB8=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:43:33 2025 by rpki-client