Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0585097CFAE611EEBB3C4E4C017001B1.roa
File: 0585097CFAE611EEBB3C4E4C017001B1.roa (raw, json)
Hash identifier: niHJv1Nyy0SGSKOK5PWzV1/GfSXeoDSWFEu5V+eWY50=
Subject key identifier: D2:87:FB:F1:56:0E:63:40:D5:0B:97:8A:24:DB:10:FC:DC:C6:81:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC74
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0585097CFAE611EEBB3C4E4C017001B1.roa
Signing time: Mon 15 Apr 2024 05:07:14 +0000
ROA not before: Mon 15 Apr 2024 05:07:10 +0000
ROA not after: Thu 25 Apr 2024 05:07:10 +0000
asID: 39600
IP address blocks: 154.94.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44148 (0xac74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 05:07:10 2024 GMT
Not After : Apr 25 05:07:10 2024 GMT
Subject: CN=661cb602-a1e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a3:4c:24:a9:82:bf:93:b2:fc:69:6e:ef:8a:
da:9c:3a:8c:52:f8:67:2e:04:1f:f7:09:2f:f5:00:
a6:12:05:b5:a6:a5:8d:cb:13:9d:cd:cf:39:70:c6:
8e:40:7d:b6:04:cd:02:a8:ed:9c:9c:c1:f6:ac:12:
2f:b0:7a:1d:d6:ac:4c:8c:53:08:32:f7:74:f1:6d:
9f:ce:00:d0:7f:09:4c:0e:61:d5:7d:f8:17:1f:9f:
01:ef:da:d0:c1:70:37:f5:76:01:b4:e9:c3:cd:8b:
aa:a0:4f:41:af:01:ef:3c:05:d4:17:21:87:35:65:
67:91:d9:35:68:cb:b0:bf:29:14:dd:64:a4:8b:3a:
53:25:43:91:8c:c8:a9:d4:6d:31:fd:c0:0e:f7:a7:
61:33:78:a8:c2:96:e5:d9:1a:c7:82:ad:74:cb:34:
dd:98:d9:be:8d:89:8a:d6:0f:8b:33:5f:17:f1:82:
a6:70:e3:39:6b:bb:fd:09:5b:5a:0a:a5:12:dc:9f:
c4:1e:ea:96:16:f2:53:d3:2b:9d:ac:89:74:ed:20:
49:72:90:4d:3f:65:fc:b7:8b:ab:ed:21:ea:c5:70:
1e:d7:39:a5:06:51:06:75:de:56:18:df:46:84:ad:
72:01:cf:2f:55:0f:d0:67:45:ec:3e:4b:f9:b7:df:
6d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:87:FB:F1:56:0E:63:40:D5:0B:97:8A:24:DB:10:FC:DC:C6:81:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0585097CFAE611EEBB3C4E4C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.61.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:94:93:af:f2:5a:56:ae:c0:91:6d:c6:16:10:47:f0:62:9c:
ba:97:40:2d:c8:73:23:a4:e4:11:26:4e:8e:4b:7e:1e:cc:8d:
bc:30:2b:95:58:9c:f0:19:5d:29:0e:6a:34:4f:cd:f0:ea:97:
86:d1:f5:5b:d1:1a:d1:eb:32:94:75:7c:d4:b8:b0:f1:8e:23:
ee:4b:ff:86:0a:0f:af:fa:1d:b6:57:ef:c1:34:78:a7:46:02:
43:4f:88:49:b5:a3:0c:50:8c:75:7a:26:36:55:ca:d3:b8:4a:
51:7c:e5:69:65:f7:2f:33:e9:23:91:8c:d9:c0:73:00:9a:92:
68:49:d4:03:01:28:9b:81:7b:95:d8:60:2b:0d:57:a1:1b:35:
51:d8:ef:dc:2c:7b:d8:6f:69:1b:40:8a:b8:94:12:e0:3e:24:
48:85:78:4f:cb:60:f3:45:93:e7:ef:55:f3:b1:28:55:fc:6e:
7e:4d:26:d3:00:10:b4:d2:11:4e:f6:c3:d8:60:88:61:30:4a:
62:0b:f9:ce:ff:49:57:6d:72:60:c4:a6:67:a9:64:85:c5:39:
35:50:e6:ca:9e:4d:7a:1f:00:c4:ce:34:37:86:b4:12:ad:ca:
a8:9b:ab:39:c3:e9:64:a5:70:29:44:97:5d:6d:8a:38:0b:9d:
e9:72:dc:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKx0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDUwNzEwWhcNMjQwNDI1MDUwNzEwWjAYMRYw
FAYDVQQDEw02NjFjYjYwMi1hMWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv6NMJKmCv5Oy/Glu74ranDqMUvhnLgQf9wkv9QCmEgW1pqWNyxOdzc85
cMaOQH22BM0CqO2cnMH2rBIvsHod1qxMjFMIMvd08W2fzgDQfwlMDmHVffgXH58B
79rQwXA39XYBtOnDzYuqoE9BrwHvPAXUFyGHNWVnkdk1aMuwvykU3WSkizpTJUOR
jMip1G0x/cAO96dhM3iowpbl2RrHgq10yzTdmNm+jYmK1g+LM18X8YKmcOM5a7v9
CVtaCqUS3J/EHuqWFvJT0yudrIl07SBJcpBNP2X8t4ur7SHqxXAe1zmlBlEGdd5W
GN9GhK1yAc8vVQ/QZ0XsPkv5t99tcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNKH
+/FWDmNA1QuXiiTbEPzcxoH+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNTg1MDk3Q0ZBRTYxMUVFQkIzQzRFNEMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml49MA0GCSqGSIb3DQEB
CwUAA4IBAQC5lJOv8lpWrsCRbcYWEEfwYpy6l0AtyHMjpOQRJk6OS34ezI28MCuV
WJzwGV0pDmo0T83w6peG0fVb0RrR6zKUdXzUuLDxjiPuS/+GCg+v+h22V+/BNHin
RgJDT4hJtaMMUIx1eiY2VcrTuEpRfOVpZfcvM+kjkYzZwHMAmpJoSdQDASibgXuV
2GArDVehGzVR2O/cLHvYb2kbQIq4lBLgPiRIhXhPy2DzRZPn71XzsShV/G5+TSbT
ABC00hFO9sPYYIhhMEpiC/nO/0lXbXJgxKZnqWSFxTk1UObKnk16HwDEzjQ3hrQS
rcqom6s5w+lkpXApRJddbYo4C53pctyE
-----END CERTIFICATE-----
Generated at Thu Apr 25 09:50:18 2024 by rpki-client on console-fra.rpki-client.org