Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13B495C6F70311EE8EA0A877775412E6.roa
File: 13B495C6F70311EE8EA0A877775412E6.roa (raw, json)
Hash identifier: /7VfuKbWgljl0cb59eGWgySBnotbUHa+IoNk7VbzJ2Q=
Subject key identifier: C2:46:79:02:06:20:9F:96:94:87:9A:90:9F:5F:53:4B:0C:FE:D6:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AAB8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13B495C6F70311EE8EA0A877775412E6.roa
Signing time: Wed 10 Apr 2024 06:25:08 +0000
ROA not before: Wed 10 Apr 2024 06:25:05 +0000
ROA not after: Wed 01 May 2024 06:25:05 +0000
asID: 44559
IP address blocks: 154.203.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43704 (0xaab8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 06:25:05 2024 GMT
Not After : May 1 06:25:05 2024 GMT
Subject: CN=661630c4-d319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fa:35:cc:2a:3d:d6:ae:da:4c:37:4b:d2:1a:
7a:98:4c:5e:29:95:b4:4f:ea:4b:0f:29:ac:6b:36:
fc:32:8c:ec:de:8f:26:cc:2d:88:10:d6:62:50:d1:
bd:16:59:df:eb:66:32:89:85:96:f3:4d:ec:63:e7:
d0:1b:07:7a:0e:0b:94:76:59:4d:a2:62:54:b6:c1:
74:cd:fa:58:ec:d5:6a:63:4d:6f:8c:86:56:62:88:
ff:fd:41:d6:0e:92:17:09:9b:60:fb:ce:b5:65:d9:
ba:eb:eb:4c:de:08:06:ef:5a:04:93:ca:cb:4d:3b:
4c:d8:7e:6a:76:17:c1:72:a6:6a:6b:11:ef:ce:00:
1a:e4:34:14:cf:84:70:42:82:4c:7c:94:42:b2:6e:
7a:06:96:cd:1d:58:12:ab:d9:38:be:04:d4:0a:5e:
55:1a:3c:97:cf:9e:de:7d:12:73:6a:e1:5d:a1:19:
b1:3c:f1:7b:d7:03:01:14:7a:a2:32:aa:b1:79:df:
15:ea:0e:25:7f:3d:42:d0:71:5e:b6:0f:f8:b8:21:
43:57:94:d2:e6:36:6c:57:d9:48:aa:5d:1a:7c:5e:
15:88:92:87:be:8f:fb:bb:4b:02:9b:6d:13:eb:3a:
1e:11:45:1c:34:27:41:4c:36:82:a7:05:42:15:1f:
dc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:46:79:02:06:20:9F:96:94:87:9A:90:9F:5F:53:4B:0C:FE:D6:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13B495C6F70311EE8EA0A877775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.248.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:04:9d:67:6e:40:70:1e:08:4e:02:d7:bf:b4:0b:6c:b4:26:
9e:97:08:90:54:84:68:23:17:ea:1e:da:9e:1d:8a:5f:a9:fb:
76:74:5e:62:65:48:37:c0:08:d0:a9:f2:0a:70:a9:b8:11:81:
5d:0d:fa:cf:02:18:b4:e7:b0:a2:6e:43:4a:d7:fc:48:51:0c:
10:2d:fd:63:d6:1e:1f:75:1f:0e:9c:de:74:93:f2:1d:9f:2c:
89:94:bb:b1:1b:2c:03:d2:a4:74:ce:6e:60:92:78:96:16:0b:
0d:3c:f3:89:2b:cf:2a:a7:7f:a7:5b:15:23:3c:29:f6:08:a6:
da:f7:fa:b2:4d:30:51:fd:93:f8:2c:f0:a1:7b:f4:10:6c:82:
93:84:e2:fd:9f:a5:a4:c9:e4:b7:5a:f8:69:a9:97:0a:2a:a5:
4b:d3:62:06:0d:8d:9e:97:05:7d:f7:07:62:e3:32:5a:e7:4d:
48:c7:0a:7f:bc:74:c5:9b:13:32:91:a0:7a:47:d1:3a:5e:14:
36:5b:f6:71:05:4c:5e:b3:74:dc:4a:a1:13:97:74:a3:36:7e:
92:7b:9e:5c:d6:d6:6d:ca:62:ff:c1:5b:7c:94:dc:55:e6:64:
68:35:84:0d:5e:ea:bc:46:47:58:0d:ec:f9:d0:c6:87:3a:14:
1c:a7:b6:a6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKq4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDEwMDYyNTA1WhcNMjQwNTAxMDYyNTA1WjAYMRYw
FAYDVQQDEw02NjE2MzBjNC1kMzE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw/o1zCo91q7aTDdL0hp6mExeKZW0T+pLDymsazb8Mozs3o8mzC2IENZi
UNG9Flnf62YyiYWW803sY+fQGwd6DguUdllNomJUtsF0zfpY7NVqY01vjIZWYoj/
/UHWDpIXCZtg+861Zdm66+tM3ggG71oEk8rLTTtM2H5qdhfBcqZqaxHvzgAa5DQU
z4RwQoJMfJRCsm56BpbNHVgSq9k4vgTUCl5VGjyXz57efRJzauFdoRmxPPF71wMB
FHqiMqqxed8V6g4lfz1C0HFetg/4uCFDV5TS5jZsV9lIql0afF4ViJKHvo/7u0sC
m20T6zoeEUUcNCdBTDaCpwVCFR/cKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMJG
eQIGIJ+WlIeakJ9fU0sM/tZUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xM0I0OTVDNkY3MDMxMUVFOEVBMEE4Nzc3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsv4MA0GCSqGSIb3DQEB
CwUAA4IBAQArBJ1nbkBwHghOAte/tAtstCaelwiQVIRoIxfqHtqeHYpfqft2dF5i
ZUg3wAjQqfIKcKm4EYFdDfrPAhi057CibkNK1/xIUQwQLf1j1h4fdR8OnN50k/Id
nyyJlLuxGywD0qR0zm5gkniWFgsNPPOJK88qp3+nWxUjPCn2CKba9/qyTTBR/ZP4
LPChe/QQbIKThOL9n6WkyeS3WvhpqZcKKqVL02IGDY2elwV99wdi4zJa501Ixwp/
vHTFmxMykaB6R9E6XhQ2W/ZxBUxes3TcSqETl3SjNn6Se55c1tZtymL/wVt8lNxV
5mRoNYQNXuq8RkdYDez50MaHOhQcp7am
-----END CERTIFICATE-----
Generated at Wed May 1 12:38:37 2024 by rpki-client on console-ams.rpki-client.org