Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18C02EEEE7EB11EE8A4266C3775412E6.roa
File: 18C02EEEE7EB11EE8A4266C3775412E6.roa (raw, json)
Hash identifier: hPiyrDrVNppSVxNtpsAsTu/SNQLLQBTD4B2ph8QLm20=
Subject key identifier: 4F:9A:A5:0E:17:2C:AB:BA:12:6C:F0:92:9F:8E:3B:D8:F4:37:12:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A5F0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18C02EEEE7EB11EE8A4266C3775412E6.roa
Signing time: Fri 22 Mar 2024 01:25:41 +0000
ROA not before: Fri 22 Mar 2024 01:25:38 +0000
ROA not after: Wed 24 Apr 2024 01:25:38 +0000
asID: 18779
IP address blocks: 154.203.60.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42480 (0xa5f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 22 01:25:38 2024 GMT
Not After : Apr 24 01:25:38 2024 GMT
Subject: CN=65fcde15-8652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3b:91:33:68:12:f2:7d:1f:c0:82:81:8b:66:
6f:12:e7:6e:7e:84:b9:43:cd:b2:06:79:37:2e:40:
ad:63:db:4b:2b:19:3a:03:3f:18:18:b3:1a:aa:dd:
6b:82:c2:13:5e:b0:06:97:bb:78:44:b2:bf:e9:c5:
f7:f0:9d:63:a1:21:87:ba:b9:15:b4:91:a5:91:64:
5b:79:37:55:72:8b:a4:2e:69:bd:04:1d:68:2d:2e:
13:7d:72:be:a7:47:85:30:de:70:87:5e:f5:a4:89:
4a:82:3d:2a:3f:89:b2:41:5f:93:bf:5c:b2:4c:e0:
50:c1:17:28:dd:3b:f2:9a:b7:36:98:c9:5d:2b:d9:
fa:91:14:b4:2d:bf:35:43:13:fb:19:f7:92:d3:ce:
05:53:8f:6a:ef:a7:fb:59:ba:0a:e7:e0:c8:91:fb:
ab:bf:0a:39:e7:77:1b:25:26:e3:34:59:7c:9f:3c:
a5:34:76:fa:96:6c:57:b0:54:25:f2:7f:bf:40:97:
55:90:9a:52:e2:a1:35:a0:dc:a0:13:87:24:9b:30:
60:11:5a:4c:a8:d7:c8:99:9a:68:20:74:3c:81:85:
e1:c1:d8:45:73:be:4a:f0:70:9f:6d:96:65:e9:26:
cb:57:c0:95:38:1c:5d:d4:0d:28:67:21:dd:9e:e3:
54:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:9A:A5:0E:17:2C:AB:BA:12:6C:F0:92:9F:8E:3B:D8:F4:37:12:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18C02EEEE7EB11EE8A4266C3775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.60.0/23
Signature Algorithm: sha256WithRSAEncryption
33:05:34:7a:44:e0:ee:1e:b1:93:82:7f:5a:86:9a:7b:80:7c:
ec:a9:8c:77:96:a9:1e:8b:14:b5:e7:6b:b3:e9:0d:cb:a0:69:
c6:db:17:8c:af:fc:a4:03:f8:14:cc:71:72:1e:9b:f6:7d:2f:
25:d7:b1:a0:be:ec:c3:e5:52:54:8f:4d:ce:5e:c6:af:63:27:
1c:80:6b:e9:a2:c0:23:0a:5a:e1:bb:ef:d0:ab:48:c6:ae:9f:
24:a7:98:4a:97:4e:b2:f6:11:1a:ca:a1:34:4b:9f:88:da:3b:
7f:07:fb:c3:0d:37:76:43:d8:03:5e:72:6b:72:fe:4b:b4:c5:
a5:30:78:86:12:34:0e:87:ab:10:9a:72:d5:a6:af:17:4c:9f:
18:54:fa:a0:56:d7:71:f6:6d:74:a9:dc:d5:23:46:51:9e:11:
22:0a:59:70:76:dd:cb:8b:2b:74:e2:88:8d:d2:9c:47:a9:18:
0d:cb:79:3f:d8:29:13:d4:85:1c:88:ef:3c:07:44:32:cc:3e:
06:62:a8:be:ee:4b:f3:c2:ce:92:9d:76:c4:82:1e:99:2a:54:
29:59:36:d0:0d:90:86:0e:2f:7f:3c:3e:01:83:dd:1e:55:2c:
5b:9f:9e:4c:0a:b0:86:9d:d1:8a:3b:9d:55:2c:3b:d0:ba:85:
c1:b6:b5:e3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKXwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIyMDEyNTM4WhcNMjQwNDI0MDEyNTM4WjAYMRYw
FAYDVQQDEw02NWZjZGUxNS04NjUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvjuRM2gS8n0fwIKBi2ZvEudufoS5Q82yBnk3LkCtY9tLKxk6Az8YGLMa
qt1rgsITXrAGl7t4RLK/6cX38J1joSGHurkVtJGlkWRbeTdVcoukLmm9BB1oLS4T
fXK+p0eFMN5wh171pIlKgj0qP4myQV+Tv1yyTOBQwRco3Tvymrc2mMldK9n6kRS0
Lb81QxP7GfeS084FU49q76f7WboK5+DIkfurvwo553cbJSbjNFl8nzylNHb6lmxX
sFQl8n+/QJdVkJpS4qE1oNygE4ckmzBgEVpMqNfImZpoIHQ8gYXhwdhFc75K8HCf
bZZl6SbLV8CVOBxd1A0oZyHdnuNUJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE+a
pQ4XLKu6Emzwkp+OO9j0NxJqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xOEMwMkVFRUU3RUIxMUVFOEE0MjY2QzM3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmss8MA0GCSqGSIb3DQEB
CwUAA4IBAQAzBTR6RODuHrGTgn9ahpp7gHzsqYx3lqkeixS152uz6Q3LoGnG2xeM
r/ykA/gUzHFyHpv2fS8l17GgvuzD5VJUj03OXsavYyccgGvposAjClrhu+/Qq0jG
rp8kp5hKl06y9hEayqE0S5+I2jt/B/vDDTd2Q9gDXnJrcv5LtMWlMHiGEjQOh6sQ
mnLVpq8XTJ8YVPqgVtdx9m10qdzVI0ZRnhEiCllwdt3Liyt04oiN0pxHqRgNy3k/
2CkT1IUciO88B0QyzD4GYqi+7kvzws6SnXbEgh6ZKlQpWTbQDZCGDi9/PD4Bg90e
VSxbn55MCrCGndGKO51VLDvQuoXBtrXj
-----END CERTIFICATE-----
Generated at Wed Apr 24 04:12:03 2024 by rpki-client on console-fra.rpki-client.org