Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28B5019C90AB11ECBAF1C8BA5A40D577.roa
File: 28B5019C90AB11ECBAF1C8BA5A40D577.roa (raw, json)
Hash identifier: aomFbkEYXPg2xCXcETM735v2qw8QfX3j3A5De3yLId4=
Subject key identifier: 30:C6:BA:F5:3D:A3:27:72:8E:CB:AD:D7:B3:6E:FA:6F:2D:BD:55:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 14E0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28B5019C90AB11ECBAF1C8BA5A40D577.roa
Signing time: Fri 18 Feb 2022 11:08:54 +0000
ROA not before: Fri 18 Feb 2022 11:08:50 +0000
ROA not after: Fri 30 Dec 2022 11:08:50 +0000
asID: 137951
IP address blocks: 154.209.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5344 (0x14e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 18 11:08:50 2022 GMT
Not After : Dec 30 11:08:50 2022 GMT
Subject: CN=620f7e46-509e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:be:3d:4c:39:cd:76:2a:e9:ab:35:20:13:38:
a5:18:fc:e5:65:19:75:82:ed:d8:de:13:47:3b:9c:
c9:bc:75:42:b0:9b:90:87:05:ee:ac:44:57:ce:ff:
2c:1b:28:7e:2b:5c:94:db:14:ab:54:c0:26:0d:9b:
02:2f:12:e8:db:ff:b4:2d:cb:fe:d8:dd:d9:c9:f1:
ac:43:a2:c7:77:aa:cd:d8:94:8e:e9:fe:74:28:40:
b6:c2:31:67:65:52:00:f0:8a:e4:f3:5f:d1:56:9e:
98:08:bb:9b:ad:e1:a9:7d:60:ce:90:5b:e6:91:f9:
9a:7b:64:04:dd:93:f5:ad:4b:cc:05:75:28:90:f4:
4f:b5:59:bc:df:44:fd:b0:76:81:52:26:03:af:65:
dd:89:e2:77:50:e4:a8:3b:6a:e5:67:bf:cf:70:4b:
e5:27:77:fc:0a:10:a5:32:63:49:d8:4d:d3:77:81:
2c:9c:a9:f5:4f:c8:49:98:4c:c8:0b:c2:7d:5f:ed:
6b:22:37:94:fd:65:49:53:c1:65:c7:ee:a3:68:90:
d4:1f:c2:9b:39:66:8a:61:5f:b7:36:93:73:81:9f:
b8:61:aa:ac:4a:2d:19:d7:1d:a9:97:4d:c4:98:51:
87:bc:1c:37:95:a1:1d:63:1c:af:80:24:3d:da:0a:
28:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C6:BA:F5:3D:A3:27:72:8E:CB:AD:D7:B3:6E:FA:6F:2D:BD:55:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28B5019C90AB11ECBAF1C8BA5A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.128.0/24
Signature Algorithm: sha256WithRSAEncryption
be:41:5f:36:55:e5:0c:cb:54:69:d0:75:1f:3e:d6:d0:17:89:
30:06:a3:ce:c4:ac:81:9b:f6:7e:7d:5a:1a:11:5e:b1:b8:b5:
7e:f9:aa:37:a3:aa:4f:fe:93:6d:1f:4b:36:e2:ce:c6:a4:d3:
0f:b0:ba:79:ff:f4:21:36:ee:b7:e8:90:ae:8e:e1:9f:13:09:
f3:f0:5b:4e:65:50:3d:c3:4e:fc:a4:55:80:58:61:5f:f1:9a:
41:a8:ef:e4:33:af:e7:d7:8e:bf:9c:e4:85:13:16:6f:9a:1a:
1c:ea:0a:7f:bb:47:c6:18:ff:66:7f:87:ec:c1:2a:9c:af:5e:
89:15:5b:25:29:c2:9c:0d:5b:ce:fd:28:35:3e:b2:a0:2e:ce:
50:87:b3:8c:b4:68:c5:b4:ee:17:ab:e2:ac:24:d4:f9:ac:23:
1b:d7:01:7c:72:22:09:5d:17:33:f1:18:7f:23:d8:06:9b:de:
ed:4d:bf:06:69:d7:82:78:17:1e:c2:24:26:f0:b1:69:ae:68:
8b:c4:23:66:21:04:e0:4a:39:a6:5a:0a:4e:92:91:4b:74:0b:
ef:ac:f8:38:56:34:4a:a9:a4:ec:3a:6f:55:77:5e:44:22:c1:
be:d1:f9:90:b6:4e:13:0c:13:93:2a:a3:ee:09:69:8d:72:15:
ab:9d:63:a9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFOAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjAyMTgxMTA4NTBaFw0yMjEyMzAxMTA4NTBaMBgxFjAU
BgNVBAMMDTYyMGY3ZTQ2LTUwOWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxvj1MOc12KumrNSATOKUY/OVlGXWC7djeE0c7nMm8dUKwm5CHBe6sRFfO
/ywbKH4rXJTbFKtUwCYNmwIvEujb/7Qty/7Y3dnJ8axDosd3qs3YlI7p/nQoQLbC
MWdlUgDwiuTzX9FWnpgIu5ut4al9YM6QW+aR+Zp7ZATdk/WtS8wFdSiQ9E+1Wbzf
RP2wdoFSJgOvZd2J4ndQ5Kg7auVnv89wS+Und/wKEKUyY0nYTdN3gSycqfVPyEmY
TMgLwn1f7WsiN5T9ZUlTwWXH7qNokNQfwps5ZophX7c2k3OBn7hhqqxKLRnXHamX
TcSYUYe8HDeVoR1jHK+AJD3aCigfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUMMa6
9T2jJ3KOy63Xs276by29VRcwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzI4QjUwMTlDOTBBQjExRUNCQUYxQzhCQTVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa0YAwDQYJKoZIhvcNAQEL
BQADggEBAL5BXzZV5QzLVGnQdR8+1tAXiTAGo87ErIGb9n59WhoRXrG4tX75qjej
qk/+k20fSzbizsak0w+wunn/9CE27rfokK6O4Z8TCfPwW05lUD3DTvykVYBYYV/x
mkGo7+Qzr+fXjr+c5IUTFm+aGhzqCn+7R8YY/2Z/h+zBKpyvXokVWyUpwpwNW879
KDU+sqAuzlCHs4y0aMW07her4qwk1PmsIxvXAXxyIgldFzPxGH8j2Aab3u1NvwZp
14J4Fx7CJCbwsWmuaIvEI2YhBOBKOaZaCk6SkUt0C++s+DhWNEqppOw6b1V3XkQi
wb7R+ZC2ThMME5Mqo+4JaY1yFaudY6k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:08 2023 by rpki-client on console-fra.rpki-client.org