Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1007DFEEE47211EEBB68D26A775412E6.roa
File: 1007DFEEE47211EEBB68D26A775412E6.roa (raw, json)
Hash identifier: cqc3f3aganefUIcwMiHafu/vt198/4zvFRmaiGDByR4=
Subject key identifier: 4D:12:1A:F4:60:A4:DE:B2:8F:0F:42:F2:16:6D:03:6E:05:84:C7:5B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A22B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1007DFEEE47211EEBB68D26A775412E6.roa
Signing time: Sun 17 Mar 2024 15:21:44 +0000
ROA not before: Sun 17 Mar 2024 15:21:41 +0000
ROA not after: Tue 30 Apr 2024 15:21:41 +0000
asID: 63139
IP address blocks: 154.94.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41515 (0xa22b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 15:21:41 2024 GMT
Not After : Apr 30 15:21:41 2024 GMT
Subject: CN=65f70a88-3c08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c7:35:fc:2c:f0:d4:2e:96:1f:ab:a8:db:b8:
7d:5f:15:97:cf:49:48:da:95:e2:f4:7e:09:fe:40:
bb:58:d3:45:a4:90:6b:37:a6:c8:3a:81:aa:89:55:
de:6c:e0:98:93:98:84:1e:1f:bb:90:07:66:c7:6e:
72:e0:cf:53:2f:00:63:99:43:22:0e:b3:a9:45:72:
9c:70:c2:6a:00:f1:f6:75:3d:cb:f5:9f:1d:3e:0d:
6d:ec:f1:29:be:ca:5c:92:94:88:2d:92:4c:be:5c:
69:21:f3:62:4d:cb:14:81:03:f1:48:08:a5:6a:f3:
b2:6b:47:75:fb:90:d9:14:d6:6d:37:42:b1:f8:71:
a4:3b:eb:4d:22:a0:00:ed:47:b7:64:33:65:d5:08:
ed:68:9e:cc:3a:aa:a6:aa:cc:3c:a2:06:23:c7:8d:
87:71:eb:8f:0a:9a:fa:62:43:14:99:75:67:fe:f9:
43:dc:d1:a8:61:e0:42:ed:ab:9c:01:35:7f:b8:c9:
9e:55:3e:e3:f7:c9:ec:d0:01:34:a2:b8:ea:8e:e4:
5f:b3:ca:03:52:0d:f9:1f:02:40:33:38:e3:0a:01:
29:51:24:83:93:d2:33:7a:64:78:dd:42:44:74:6d:
f3:7b:8a:35:3c:39:78:14:c9:d3:e7:b1:50:10:b6:
5f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:12:1A:F4:60:A4:DE:B2:8F:0F:42:F2:16:6D:03:6E:05:84:C7:5B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1007DFEEE47211EEBB68D26A775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.75.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:a8:fe:a5:69:b2:54:19:13:b4:3e:e3:ef:31:44:b3:f1:dd:
a7:ea:81:fa:3e:1d:b0:4d:a4:1c:d1:a3:67:3e:bc:53:55:44:
6f:77:db:39:7f:f7:a8:cf:45:3c:81:3a:9e:0c:49:f6:3a:29:
06:93:72:02:29:91:29:81:a6:9f:a6:ca:16:ec:81:9e:99:1f:
db:9a:05:8c:6c:a8:92:8e:7a:ce:b9:60:c0:c0:7b:54:bf:de:
ce:2b:55:83:78:7a:41:b8:fc:05:16:bf:9e:03:d7:b4:ef:cb:
ac:08:eb:c3:4d:00:93:3f:cf:66:55:27:53:a6:ff:65:40:3c:
77:71:10:aa:ae:63:66:34:72:ff:98:24:43:e3:3d:f8:ce:cc:
6b:26:ae:bf:f1:83:47:63:e3:78:22:ac:67:86:32:5e:ce:d7:
97:c6:1f:8f:9e:20:65:67:75:a5:ed:62:da:0c:ca:01:b5:e8:
53:15:b0:f6:90:20:09:ed:14:df:6e:a5:ca:8a:64:23:1c:88:
81:cd:9c:cc:0c:d1:7e:61:57:02:83:1c:7f:ef:54:64:a5:f6:
2c:3f:d9:e3:38:e4:24:1b:5a:66:39:52:be:1f:22:c3:b0:e6:
03:ba:a6:a7:e2:35:d0:35:f9:54:1c:4f:b2:2b:5e:80:47:7e:
dd:1e:85:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKIrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE3MTUyMTQxWhcNMjQwNDMwMTUyMTQxWjAYMRYw
FAYDVQQDEw02NWY3MGE4OC0zYzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo8c1/Czw1C6WH6uo27h9XxWXz0lI2pXi9H4J/kC7WNNFpJBrN6bIOoGq
iVXebOCYk5iEHh+7kAdmx25y4M9TLwBjmUMiDrOpRXKccMJqAPH2dT3L9Z8dPg1t
7PEpvspckpSILZJMvlxpIfNiTcsUgQPxSAilavOya0d1+5DZFNZtN0Kx+HGkO+tN
IqAA7Ue3ZDNl1QjtaJ7MOqqmqsw8ogYjx42HceuPCpr6YkMUmXVn/vlD3NGoYeBC
7aucATV/uMmeVT7j98ns0AE0orjqjuRfs8oDUg35HwJAMzjjCgEpUSSDk9IzemR4
3UJEdG3ze4o1PDl4FMnT57FQELZfIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE0S
GvRgpN6yjw9C8hZtA24FhMdbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMDA3REZFRUU0NzIxMUVFQkI2OEQyNkE3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5LMA0GCSqGSIb3DQEB
CwUAA4IBAQC7qP6labJUGRO0PuPvMUSz8d2n6oH6Ph2wTaQc0aNnPrxTVURvd9s5
f/eoz0U8gTqeDEn2OikGk3ICKZEpgaafpsoW7IGemR/bmgWMbKiSjnrOuWDAwHtU
v97OK1WDeHpBuPwFFr+eA9e078usCOvDTQCTP89mVSdTpv9lQDx3cRCqrmNmNHL/
mCRD4z34zsxrJq6/8YNHY+N4IqxnhjJezteXxh+PniBlZ3Wl7WLaDMoBtehTFbD2
kCAJ7RTfbqXKimQjHIiBzZzMDNF+YVcCgxx/71RkpfYsP9njOOQkG1pmOVK+HyLD
sOYDuqan4jXQNflUHE+yK16AR37dHoXP
-----END CERTIFICATE-----
Generated at Wed May 1 02:40:36 2024 by rpki-client on console-fra.rpki-client.org