Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23220C64FE2411EEBEEEB53D017001B1.roa
File: 23220C64FE2411EEBEEEB53D017001B1.roa (raw, json)
Hash identifier: C0UTgEcMULhUkdRY9QQ+ZV+P1RdqQKobYfREwHnLqDY=
Subject key identifier: A2:82:57:76:63:83:E7:D0:E2:24:9C:C0:15:31:90:B1:E3:B8:C7:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AE6A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23220C64FE2411EEBEEEB53D017001B1.roa
Signing time: Fri 19 Apr 2024 08:09:26 +0000
ROA not before: Fri 19 Apr 2024 08:09:22 +0000
ROA not after: Mon 29 Apr 2024 08:09:22 +0000
asID: 5065
IP address blocks: 154.85.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44650 (0xae6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 19 08:09:22 2024 GMT
Not After : Apr 29 08:09:22 2024 GMT
Subject: CN=662226b6-a4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d1:58:14:95:70:47:5a:11:78:a5:d5:73:5b:
10:f5:e1:41:6d:f1:91:68:32:23:0d:b3:21:93:48:
ad:07:0c:18:08:30:96:d7:6a:b1:00:13:18:82:f3:
3b:fe:5a:b1:42:f2:11:4b:93:94:b6:5e:55:62:2f:
3b:8f:f3:96:b0:28:56:58:02:99:6e:73:e4:f7:d7:
d2:58:d4:5c:51:31:0f:0f:a2:a1:78:a3:a8:ea:19:
f5:d9:00:22:48:59:3e:8a:d2:b1:3a:5c:f4:4b:bd:
e5:b5:29:e9:a1:46:16:9b:43:3d:1e:d6:7b:1c:4f:
1e:84:4e:bd:8e:b1:72:c1:1d:5c:13:40:da:ef:cf:
f8:11:91:33:d8:48:68:50:30:92:89:7a:d1:d5:0b:
e7:bf:fb:54:0c:94:12:71:b4:c4:bb:f4:cc:f3:e5:
0f:bf:a9:9d:74:4b:2c:c7:db:ac:d3:4f:f1:35:d9:
21:46:ce:db:48:bf:b6:e9:53:c3:84:9c:da:fe:8c:
81:38:cc:c7:a1:dd:08:62:1f:b2:3b:d2:38:1b:25:
30:4d:c2:b1:f4:a7:04:75:b7:75:d7:01:b4:f3:24:
2c:92:ef:45:b6:8d:19:47:22:d7:7f:4f:44:a6:20:
38:74:0a:2c:22:26:c0:7b:81:d8:7d:87:b6:b2:a3:
80:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:82:57:76:63:83:E7:D0:E2:24:9C:C0:15:31:90:B1:E3:B8:C7:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23220C64FE2411EEBEEEB53D017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.16.0/22
Signature Algorithm: sha256WithRSAEncryption
80:f9:f1:6e:63:12:05:fd:58:45:15:1a:2e:12:88:3b:3b:ae:
6c:92:8f:86:a6:fd:a4:72:51:d6:23:7a:18:59:2d:63:18:bd:
74:fa:10:17:fe:ef:8d:1a:85:b2:12:f2:b7:a5:05:91:ed:7f:
57:87:0a:53:6b:53:2d:47:35:ab:05:25:0c:ad:52:25:6e:5d:
83:91:3b:1e:a6:fb:9e:7a:62:cc:1b:bf:48:78:d7:b9:a7:5c:
ea:25:6b:9a:30:ac:b7:53:4f:a9:79:a6:89:bf:1e:e7:63:b0:
01:21:c7:61:ec:ce:93:a1:21:28:2d:56:93:23:d9:2a:46:d9:
4f:57:9f:d0:fc:41:92:79:a8:91:ea:7e:6d:41:aa:98:a2:1c:
f0:d3:f9:c4:8f:d1:80:20:7a:9c:4b:5d:8f:92:11:70:f6:6c:
75:a1:f9:ac:e7:c1:df:93:99:46:fe:1f:97:31:88:c4:50:8b:
58:6c:75:6e:fe:f9:46:aa:a5:a1:0c:04:70:31:8d:79:79:d4:
13:33:78:aa:79:fd:04:bd:b2:15:f2:49:aa:ae:a6:7d:0e:20:
3b:a7:44:ad:8a:c0:9c:bd:ce:c7:d0:a2:49:6f:88:df:9e:86:
cf:a6:60:90:85:bb:78:ad:39:2c:e3:78:5e:3e:5c:3e:6e:e0:
a6:10:ad:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK5qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE5MDgwOTIyWhcNMjQwNDI5MDgwOTIyWjAYMRYw
FAYDVQQDEw02NjIyMjZiNi1hNGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzNFYFJVwR1oReKXVc1sQ9eFBbfGRaDIjDbMhk0itBwwYCDCW12qxABMY
gvM7/lqxQvIRS5OUtl5VYi87j/OWsChWWAKZbnPk99fSWNRcUTEPD6KheKOo6hn1
2QAiSFk+itKxOlz0S73ltSnpoUYWm0M9HtZ7HE8ehE69jrFywR1cE0Da78/4EZEz
2EhoUDCSiXrR1Qvnv/tUDJQScbTEu/TM8+UPv6mddEssx9us00/xNdkhRs7bSL+2
6VPDhJza/oyBOMzHod0IYh+yO9I4GyUwTcKx9KcEdbd11wG08yQsku9Fto0ZRyLX
f09EpiA4dAosIibAe4HYfYe2sqOAuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKKC
V3Zjg+fQ4iScwBUxkLHjuMcAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMzIyMEM2NEZFMjQxMUVFQkVFRUI1M0QwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlUQMA0GCSqGSIb3DQEB
CwUAA4IBAQCA+fFuYxIF/VhFFRouEog7O65sko+Gpv2kclHWI3oYWS1jGL10+hAX
/u+NGoWyEvK3pQWR7X9XhwpTa1MtRzWrBSUMrVIlbl2DkTsepvueemLMG79IeNe5
p1zqJWuaMKy3U0+peaaJvx7nY7ABIcdh7M6ToSEoLVaTI9kqRtlPV5/Q/EGSeaiR
6n5tQaqYohzw0/nEj9GAIHqcS12PkhFw9mx1ofms58Hfk5lG/h+XMYjEUItYbHVu
/vlGqqWhDARwMY15edQTM3iqef0EvbIV8kmqrqZ9DiA7p0StisCcvc7H0KJJb4jf
nobPpmCQhbt4rTks43hePlw+buCmEK1Y
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:24 2024 by rpki-client on console-fra.rpki-client.org