Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/16CE8FB2BB7711EF8823988F762E951A.roa
File: 16CE8FB2BB7711EF8823988F762E951A.roa (raw, json)
Hash identifier: xmiP/6fnLndq8AvlSMtIvVFrAq4EE2hHedSGbomRCvk=
Subject key identifier: 9B:5D:88:22:C2:12:5E:13:32:66:76:C8:C6:C4:40:A4:06:C3:F1:97
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011B84
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/16CE8FB2BB7711EF8823988F762E951A.roa
Signing time: Mon 16 Dec 2024 06:29:23 +0000
ROA not before: Mon 16 Dec 2024 06:29:19 +0000
ROA not after: Thu 23 Jan 2025 06:29:19 +0000
asID: 174
IP address blocks: 154.214.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72580 (0x11b84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 16 06:29:19 2024 GMT
Not After : Jan 23 06:29:19 2025 GMT
Subject: CN=675fc8c3-1c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3b:dc:f8:65:b4:24:44:e3:fe:1a:6e:17:c7:
0e:c8:60:d2:e6:61:9b:1d:8c:50:36:2b:86:4c:8e:
37:09:80:a3:0c:74:05:5e:39:c8:91:50:f0:84:9c:
af:5c:b7:08:0d:53:9c:e1:88:bb:f4:fe:c4:52:8c:
cb:ef:9d:50:0a:83:9b:19:f9:bb:12:07:4f:39:a7:
52:94:9b:8d:33:40:92:21:14:27:70:e4:07:5f:e3:
81:c3:97:df:e0:a5:00:5a:f2:6f:93:8a:60:b6:84:
2f:78:6c:78:0c:94:ac:21:c5:fd:8e:5f:2c:17:b8:
d0:c8:9d:b6:9f:76:c3:af:bc:d4:c8:26:d6:10:2a:
b7:66:b5:29:f7:1e:8d:48:62:8b:61:0e:e3:c7:5b:
53:04:89:ec:35:b8:9c:43:1e:79:0e:d7:7e:57:66:
84:d8:c3:46:b4:8d:ca:50:d1:0a:9e:33:f6:9a:50:
50:4a:4e:13:a9:c0:1d:98:db:f1:f4:42:5f:3a:ea:
67:db:88:b5:4c:03:c2:ed:29:47:25:04:49:f4:0d:
b3:01:0a:f2:e3:1b:63:04:5d:39:06:cd:0b:27:82:
b9:a1:37:50:a1:8e:3f:da:78:b4:f6:3f:8b:1f:c3:
c1:69:97:61:28:e2:67:44:bc:38:4b:60:fc:d2:92:
da:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:5D:88:22:C2:12:5E:13:32:66:76:C8:C6:C4:40:A4:06:C3:F1:97
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/16CE8FB2BB7711EF8823988F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.0.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:cc:f5:2d:26:c7:0e:d7:2b:c7:fd:f4:1c:0a:fe:d0:7c:7f:
50:2d:85:4c:8c:7a:15:55:aa:5f:a9:15:87:86:86:9b:35:72:
fb:14:05:88:ba:ea:b1:f1:db:fc:73:60:20:a7:a4:c9:89:f0:
87:79:eb:a3:89:59:09:b1:08:c2:7c:95:d4:c1:65:32:c5:f3:
07:2c:3a:e4:73:29:0e:6b:ae:70:8c:91:1f:20:48:46:4f:bf:
3e:85:7f:9f:97:24:a4:33:53:ca:ea:b4:06:08:29:16:14:ac:
be:3a:c4:09:79:64:8b:bb:41:ee:61:ca:3f:6f:9f:40:e1:f1:
87:9c:c7:7e:f8:46:fe:c7:ec:61:06:17:4e:9e:02:8c:c7:53:
87:f2:06:64:2c:2a:98:bb:29:cb:6b:ba:14:6a:9c:b4:0a:8c:
3b:09:8f:36:52:84:d5:3d:f6:93:e6:e7:ac:bc:5b:5d:f5:8a:
91:07:c0:c3:4c:8a:ea:06:15:6c:66:fb:f6:b2:0d:9d:f5:5a:
51:96:d5:49:48:f9:a4:2a:e1:32:7e:a9:67:3d:5e:19:1c:ed:
13:a2:c1:51:08:a8:5e:52:4a:87:f3:59:9c:86:0c:d9:cf:d2:
f1:aa:9b:b3:aa:fa:6b:f4:94:5f:98:d7:42:3a:9c:4c:60:bf:
ee:4c:b8:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARuEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjE2MDYyOTE5WhcNMjUwMTIzMDYyOTE5WjAYMRYw
FAYDVQQDEw02NzVmYzhjMy0xYzc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAujvc+GW0JETj/hpuF8cOyGDS5mGbHYxQNiuGTI43CYCjDHQFXjnIkVDw
hJyvXLcIDVOc4Yi79P7EUozL751QCoObGfm7EgdPOadSlJuNM0CSIRQncOQHX+OB
w5ff4KUAWvJvk4pgtoQveGx4DJSsIcX9jl8sF7jQyJ22n3bDr7zUyCbWECq3ZrUp
9x6NSGKLYQ7jx1tTBInsNbicQx55Dtd+V2aE2MNGtI3KUNEKnjP2mlBQSk4TqcAd
mNvx9EJfOupn24i1TAPC7SlHJQRJ9A2zAQry4xtjBF05Bs0LJ4K5oTdQoY4/2ni0
9j+LH8PBaZdhKOJnRLw4S2D80pLajwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJtd
iCLCEl4TMmZ2yMbEQKQGw/GXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNkNFOEZCMkJCNzcxMUVGODgyMzk4OEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtYAMA0GCSqGSIb3DQEB
CwUAA4IBAQCPzPUtJscO1yvH/fQcCv7QfH9QLYVMjHoVVapfqRWHhoabNXL7FAWI
uuqx8dv8c2Agp6TJifCHeeujiVkJsQjCfJXUwWUyxfMHLDrkcykOa65wjJEfIEhG
T78+hX+flySkM1PK6rQGCCkWFKy+OsQJeWSLu0HuYco/b59A4fGHnMd++Eb+x+xh
BhdOngKMx1OH8gZkLCqYuynLa7oUapy0Cow7CY82UoTVPfaT5uesvFtd9YqRB8DD
TIrqBhVsZvv2sg2d9VpRltVJSPmkKuEyfqlnPV4ZHO0TosFRCKheUkqH81mchgzZ
z9Lxqpuzqvpr9JRfmNdCOpxMYL/uTLgv
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:43:35 2025 by rpki-client