Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0672654E14B111EEA31141344AD9E6FC.roa
File: 0672654E14B111EEA31141344AD9E6FC.roa (raw, json)
Hash identifier: QFRWes0DdZqbhQTGaS8zgZgw19IT5lchJNi+AH6FiLU=
Subject key identifier: 7A:EA:39:F9:A2:A0:67:16:98:3B:C7:CF:6B:52:71:E8:42:42:E0:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 2DBA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0672654E14B111EEA31141344AD9E6FC.roa
Signing time: Tue 27 Jun 2023 06:08:25 +0000
ROA not before: Tue 27 Jun 2023 06:08:21 +0000
ROA not after: Wed 01 May 2024 06:08:21 +0000
asID: 140227
IP address blocks: 154.86.16.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11706 (0x2dba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 27 06:08:21 2023 GMT
Not After : May 1 06:08:21 2024 GMT
Subject: CN=649a7cd8-c27d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9d:fd:54:62:d7:f2:e7:85:1f:90:c7:b2:0b:
bd:cd:bb:cb:cf:a2:9f:37:bb:f7:5b:ba:12:2c:d8:
1e:9b:1d:11:b7:b1:3d:fe:94:e7:99:40:5e:03:60:
5a:43:d4:9a:54:5f:d8:74:5a:be:49:28:ad:c2:7f:
fd:92:28:13:bc:45:42:f9:1e:f3:81:2a:3f:f4:64:
97:ed:b1:c7:3b:32:65:4e:42:92:58:a3:ac:04:61:
2c:dc:25:f5:f1:8a:84:2b:9a:b9:a9:32:58:54:6a:
83:e1:af:bd:0f:3c:55:f0:f9:f8:51:40:ef:34:78:
14:8e:5b:f4:1d:6d:66:df:51:fe:fa:f8:41:e8:63:
e1:ce:f8:31:70:e6:69:41:6e:67:fb:37:33:fb:bc:
ff:1d:6e:7c:5a:1f:d9:2b:87:d5:f0:29:08:f9:24:
eb:77:dd:05:2b:d3:8e:6d:6b:87:49:3b:e7:04:85:
14:ae:7c:4d:ac:d8:dc:4b:5c:41:3f:9d:7f:a6:41:
81:f0:7e:3d:b0:95:a5:25:c5:50:24:e7:d0:9b:df:
d4:f9:0b:34:84:9c:0c:3f:ae:65:a2:d8:1e:a3:7d:
d3:bd:68:e9:11:8a:04:63:27:82:76:23:19:5f:4d:
60:47:43:ad:52:11:eb:5a:13:a5:b5:53:90:16:97:
06:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:EA:39:F9:A2:A0:67:16:98:3B:C7:CF:6B:52:71:E8:42:42:E0:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0672654E14B111EEA31141344AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.16.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:e7:40:64:92:27:5c:4b:b2:69:88:8f:d6:46:ed:5a:ba:28:
f3:be:54:33:fb:0c:10:7d:be:80:c5:fd:6c:d2:26:5a:a6:c5:
15:ce:87:1a:f6:1b:91:36:6a:17:38:28:40:ae:df:1e:16:48:
cc:f4:6b:63:1e:7d:8b:33:6c:0f:d6:e0:fd:cf:41:0c:83:d1:
5d:bd:68:00:01:cc:e3:4c:56:fb:59:cb:77:8d:cd:4a:04:74:
ea:e4:20:f2:9e:e9:ae:77:bd:54:21:0f:d7:51:72:b5:ea:0b:
7e:c9:42:7b:d5:79:40:54:49:d9:e9:aa:5b:64:b6:92:c8:8d:
d8:c0:2d:2c:64:de:04:c3:96:e0:8a:42:8a:f1:e3:4b:71:24:
30:82:cf:f5:5b:cf:88:a4:4c:a9:a5:01:57:ed:49:7a:e6:95:
c5:81:e7:71:bd:4b:09:0e:9e:19:ec:a7:f6:46:3f:f4:0e:aa:
86:96:86:bb:2b:52:3a:dd:dc:3b:37:38:4b:8a:40:5e:1e:16:
17:4c:d7:fe:ec:50:63:3a:5a:a6:31:81:7c:9c:30:41:72:43:
f8:04:d7:34:d5:38:f3:91:95:9d:9b:91:e4:89:41:1c:3e:ee:
e6:1c:78:3c:cb:da:99:b5:87:dd:b9:ae:27:67:cc:ba:86:f8:
14:72:0f:5e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICLbowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA2MjcwNjA4MjFaFw0yNDA1MDEwNjA4MjFaMBgxFjAU
BgNVBAMTDTY0OWE3Y2Q4LWMyN2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6nf1UYtfy54UfkMeyC73Nu8vPop83u/dbuhIs2B6bHRG3sT3+lOeZQF4D
YFpD1JpUX9h0Wr5JKK3Cf/2SKBO8RUL5HvOBKj/0ZJftscc7MmVOQpJYo6wEYSzc
JfXxioQrmrmpMlhUaoPhr70PPFXw+fhRQO80eBSOW/QdbWbfUf76+EHoY+HO+DFw
5mlBbmf7NzP7vP8dbnxaH9krh9XwKQj5JOt33QUr045ta4dJO+cEhRSufE2s2NxL
XEE/nX+mQYHwfj2wlaUlxVAk59Cb39T5CzSEnAw/rmWi2B6jfdO9aOkRigRjJ4J2
IxlfTWBHQ61SEetaE6W1U5AWlwZjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUeuo5
+aKgZxaYO8fPa1Jx6EJC4PowHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzA2NzI2NTRFMTRCMTExRUVBMzExNDEzNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaVhAwDQYJKoZIhvcNAQEL
BQADggEBACznQGSSJ1xLsmmIj9ZG7Vq6KPO+VDP7DBB9voDF/WzSJlqmxRXOhxr2
G5E2ahc4KECu3x4WSMz0a2MefYszbA/W4P3PQQyD0V29aAABzONMVvtZy3eNzUoE
dOrkIPKe6a53vVQhD9dRcrXqC37JQnvVeUBUSdnpqltktpLIjdjALSxk3gTDluCK
Qorx40txJDCCz/Vbz4ikTKmlAVftSXrmlcWB53G9SwkOnhnsp/ZGP/QOqoaWhrsr
Ujrd3Ds3OEuKQF4eFhdM1/7sUGM6WqYxgXycMEFyQ/gE1zTVOPORlZ2bkeSJQRw+
7uYceDzL2pm1h925ridnzLqG+BRyD14=
-----END CERTIFICATE-----
Generated at Wed May 1 15:29:50 2024 by rpki-client on console-fra.rpki-client.org