Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/237350DAFAE411EEBD9B873F017001B1.roa
File: 237350DAFAE411EEBD9B873F017001B1.roa (raw, json)
Hash identifier: QxUz5dreGBjz4wak6LT8g41pT4huaIrhtFYy4eRWkXU=
Subject key identifier: 00:CD:79:4C:4A:BE:CE:B2:59:AB:1C:FC:3F:01:03:4C:C2:FB:7E:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC5E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/237350DAFAE411EEBD9B873F017001B1.roa
Signing time: Mon 15 Apr 2024 04:53:45 +0000
ROA not before: Mon 15 Apr 2024 04:53:42 +0000
ROA not after: Thu 25 Apr 2024 04:53:42 +0000
asID: 5065
IP address blocks: 154.94.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44126 (0xac5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 04:53:42 2024 GMT
Not After : Apr 25 04:53:42 2024 GMT
Subject: CN=661cb2d9-f53c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d4:72:f9:76:03:5d:39:3d:e6:70:9b:7d:36:
9a:9d:bd:63:44:00:93:46:c4:b8:8e:27:8f:05:20:
7f:fb:61:22:33:d5:e5:c1:84:64:b2:c1:c6:35:19:
0e:21:50:93:1b:ae:40:a2:5f:6e:e8:33:16:ec:02:
32:93:85:f0:31:1c:dd:6e:f2:e6:fb:fc:76:0d:bd:
e8:70:0e:9b:04:07:90:bd:b1:49:87:6f:9e:cd:4e:
5f:2f:94:6f:d0:cf:01:0a:2a:e6:ed:22:14:0a:7d:
a2:b6:d2:28:b9:cb:14:bd:7c:3c:56:7f:0e:29:88:
a7:3e:09:92:e8:ee:b2:cb:43:aa:c0:bc:82:fd:a0:
06:b0:47:d9:b4:84:9a:df:21:f3:50:3e:ee:9f:44:
98:43:63:7b:0c:31:e5:a4:ec:23:dd:2d:24:e1:c9:
50:f0:17:2f:e8:67:94:24:4a:27:c0:cc:41:4f:c0:
05:71:6c:cf:cd:12:a7:96:ae:ca:e2:f3:5b:cc:5a:
f4:53:34:ee:3d:08:d5:54:66:cb:45:fd:42:bd:e1:
1e:a5:c7:e3:7a:12:77:64:59:f2:53:14:58:a7:ac:
9b:02:eb:15:7e:b0:e9:43:dd:40:3c:fa:7a:01:20:
f4:36:e7:b9:94:c7:d7:48:2a:2d:08:f3:7e:19:ef:
1a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CD:79:4C:4A:BE:CE:B2:59:AB:1C:FC:3F:01:03:4C:C2:FB:7E:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/237350DAFAE411EEBD9B873F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.43.0/24
Signature Algorithm: sha256WithRSAEncryption
08:5b:58:1b:c3:ed:6b:6b:e8:a5:04:4e:b2:24:5d:29:4f:11:
df:cb:70:eb:8d:ad:e4:9f:84:74:63:7a:7f:74:ec:4c:f1:53:
c8:f2:64:4e:70:cb:40:13:59:ab:36:72:00:66:06:26:31:78:
c8:33:fb:03:69:f6:97:ed:f6:1a:0d:44:76:ea:be:38:6f:fb:
a1:2e:1f:1b:f8:69:46:52:20:ce:e4:a6:92:85:47:90:d5:de:
1f:82:c1:41:c7:6f:66:e4:9e:60:8b:a5:9a:24:96:c7:7b:7e:
a4:3b:c8:11:69:43:20:8c:b1:ee:0b:ed:12:a8:43:d9:04:ff:
c6:9b:39:05:fe:83:0c:58:9a:89:e2:b7:1b:c2:69:44:db:86:
80:c1:ed:a2:66:6d:d5:6e:84:9c:f2:a6:29:cd:62:5e:fb:bd:
9e:5b:1b:c7:71:13:81:c3:75:bf:21:91:70:ed:f8:f3:e3:99:
3c:57:5b:58:6e:30:80:8b:23:54:76:f7:0e:4d:87:62:c8:03:
37:af:f5:1b:80:98:65:29:9c:7c:4f:81:58:15:8b:8d:00:de:
fc:3a:11:ae:a6:31:e6:5b:b8:1e:c3:26:f1:6d:04:dc:e6:4f:
66:3f:bc:de:d5:38:1b:7b:eb:ab:22:59:f1:5b:30:bb:5e:ea:
94:ae:4b:9a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKxeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDQ1MzQyWhcNMjQwNDI1MDQ1MzQyWjAYMRYw
FAYDVQQDEw02NjFjYjJkOS1mNTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3tRy+XYDXTk95nCbfTaanb1jRACTRsS4jiePBSB/+2EiM9XlwYRkssHG
NRkOIVCTG65Aol9u6DMW7AIyk4XwMRzdbvLm+/x2Db3ocA6bBAeQvbFJh2+ezU5f
L5Rv0M8BCirm7SIUCn2ittIoucsUvXw8Vn8OKYinPgmS6O6yy0OqwLyC/aAGsEfZ
tISa3yHzUD7un0SYQ2N7DDHlpOwj3S0k4clQ8Bcv6GeUJEonwMxBT8AFcWzPzRKn
lq7K4vNbzFr0UzTuPQjVVGbLRf1CveEepcfjehJ3ZFnyUxRYp6ybAusVfrDpQ91A
PPp6ASD0Nue5lMfXSCotCPN+Ge8aPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFADN
eUxKvs6yWasc/D8BA0zC+37gMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMzczNTBEQUZBRTQxMUVFQkQ5Qjg3M0YwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4rMA0GCSqGSIb3DQEB
CwUAA4IBAQAIW1gbw+1ra+ilBE6yJF0pTxHfy3Drja3kn4R0Y3p/dOxM8VPI8mRO
cMtAE1mrNnIAZgYmMXjIM/sDafaX7fYaDUR26r44b/uhLh8b+GlGUiDO5KaShUeQ
1d4fgsFBx29m5J5gi6WaJJbHe36kO8gRaUMgjLHuC+0SqEPZBP/GmzkF/oMMWJqJ
4rcbwmlE24aAwe2iZm3VboSc8qYpzWJe+72eWxvHcROBw3W/IZFw7fjz45k8V1tY
bjCAiyNUdvcOTYdiyAM3r/UbgJhlKZx8T4FYFYuNAN78OhGupjHmW7gewybxbQTc
5k9mP7ze1Tgbe+urIlnxWzC7XuqUrkua
-----END CERTIFICATE-----
Generated at Thu Apr 25 10:41:10 2024 by rpki-client on console-ams.rpki-client.org