Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28C41D5CFAC711EE90B8F344017001B1.roa
File: 28C41D5CFAC711EE90B8F344017001B1.roa (raw, json)
Hash identifier: ZjWV8+0rgk3fLYlDLnQKuOe4+399Q9zoEz49tuLG1+A=
Subject key identifier: 60:A1:AE:1F:EB:91:72:CF:D5:FA:CD:25:C4:25:AC:F4:0D:23:D8:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: ABD9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28C41D5CFAC711EE90B8F344017001B1.roa
Signing time: Mon 15 Apr 2024 01:26:19 +0000
ROA not before: Mon 15 Apr 2024 01:26:15 +0000
ROA not after: Wed 24 Apr 2024 01:26:15 +0000
asID: 136933
IP address blocks: 154.213.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43993 (0xabd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 01:26:15 2024 GMT
Not After : Apr 24 01:26:15 2024 GMT
Subject: CN=661c823a-dd4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f4:f2:f9:fa:9c:77:be:77:80:45:f6:f5:e1:
15:42:76:5c:f3:76:8e:8b:6e:20:8c:21:8b:51:40:
3b:34:75:f0:b0:82:53:a0:84:cb:1a:d9:fe:aa:28:
30:08:c4:be:d4:c8:af:04:2d:87:70:42:c7:04:44:
84:b9:e1:aa:c3:a5:50:09:06:6b:4a:1d:79:30:65:
ff:76:54:2e:1b:91:b4:67:13:6f:41:48:1a:37:af:
45:fc:f6:44:88:7c:fa:6a:7f:ed:56:85:2e:06:e6:
d5:c1:cf:4c:f1:0e:9e:23:d1:69:63:fa:c2:e7:fa:
34:c0:b1:de:b1:25:31:9b:eb:90:2c:e5:a3:94:3c:
2d:ab:ad:98:1d:5f:06:80:43:71:6d:3a:10:09:d5:
f6:77:56:07:21:a8:19:da:a9:e5:05:3a:d5:3d:2f:
8e:74:23:74:5d:12:ec:f1:07:d8:12:6d:c6:49:7b:
93:55:ad:d1:54:24:d1:11:e5:7d:f8:cf:00:cf:a7:
a4:50:13:3e:f2:fc:44:9d:02:5e:10:26:78:53:d3:
ef:bb:df:5c:4c:8b:5a:34:e3:d6:43:92:17:d9:71:
39:df:6c:5b:f4:c9:45:00:bd:91:93:54:d1:b0:2b:
42:a3:b8:be:4f:0c:60:22:0b:50:b5:dd:d4:e0:20:
20:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A1:AE:1F:EB:91:72:CF:D5:FA:CD:25:C4:25:AC:F4:0D:23:D8:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/28C41D5CFAC711EE90B8F344017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.16.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:d2:b8:d9:81:7c:c7:ed:9b:38:95:79:59:4e:49:d5:6e:60:
2c:c4:5a:c7:94:8c:ec:95:79:05:cd:fa:8b:b2:ef:aa:76:f6:
7b:87:cf:9a:5e:80:0a:96:48:82:da:87:d0:86:ac:8e:f9:71:
fc:a6:b8:58:bc:87:c7:0e:51:70:fa:89:66:a2:54:f4:fb:3e:
62:af:7d:a0:49:d0:8a:82:ba:e8:c7:fe:ec:49:12:70:0f:fa:
6a:15:27:5f:de:02:ac:93:72:d4:1f:29:32:b1:e3:7d:b2:80:
e9:64:35:dc:3b:cc:d9:4c:db:24:75:7f:08:6e:c9:d1:35:a9:
f0:d4:b3:eb:e3:70:71:23:52:7c:3b:a6:05:61:17:7a:79:6f:
33:ab:18:22:30:1a:6d:ae:dd:7c:84:04:9b:78:dd:92:db:5f:
e2:15:a1:9e:3b:1d:d2:39:93:46:83:ff:a2:fe:cf:d2:ff:76:
51:e7:8c:0a:3e:ef:d9:9f:1d:20:3f:a2:7c:fa:fa:6f:99:21:
42:5d:cb:57:70:48:c9:27:2b:41:79:10:8c:15:c2:9c:00:55:
9e:2a:9b:71:f1:20:1a:e5:8b:64:b2:80:6a:23:af:81:82:93:
17:50:f2:49:9a:d8:c2:31:04:4a:ce:5e:5b:ff:05:58:c2:7b:
88:f3:c9:bf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKvZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDEyNjE1WhcNMjQwNDI0MDEyNjE1WjAYMRYw
FAYDVQQDEw02NjFjODIzYS1kZDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuvTy+fqcd753gEX29eEVQnZc83aOi24gjCGLUUA7NHXwsIJToITLGtn+
qigwCMS+1MivBC2HcELHBESEueGqw6VQCQZrSh15MGX/dlQuG5G0ZxNvQUgaN69F
/PZEiHz6an/tVoUuBubVwc9M8Q6eI9FpY/rC5/o0wLHesSUxm+uQLOWjlDwtq62Y
HV8GgENxbToQCdX2d1YHIagZ2qnlBTrVPS+OdCN0XRLs8QfYEm3GSXuTVa3RVCTR
EeV9+M8Az6ekUBM+8vxEnQJeECZ4U9Pvu99cTItaNOPWQ5IX2XE532xb9MlFAL2R
k1TRsCtCo7i+TwxgIgtQtd3U4CAgOwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGCh
rh/rkXLP1frNJcQlrPQNI9j/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOEM0MUQ1Q0ZBQzcxMUVFOTBCOEYzNDQwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtUQMA0GCSqGSIb3DQEB
CwUAA4IBAQAe0rjZgXzH7Zs4lXlZTknVbmAsxFrHlIzslXkFzfqLsu+qdvZ7h8+a
XoAKlkiC2ofQhqyO+XH8prhYvIfHDlFw+olmolT0+z5ir32gSdCKgrrox/7sSRJw
D/pqFSdf3gKsk3LUHykyseN9soDpZDXcO8zZTNskdX8IbsnRNanw1LPr43BxI1J8
O6YFYRd6eW8zqxgiMBptrt18hASbeN2S21/iFaGeOx3SOZNGg/+i/s/S/3ZR54wK
Pu/Znx0gP6J8+vpvmSFCXctXcEjJJytBeRCMFcKcAFWeKptx8SAa5YtksoBqI6+B
gpMXUPJJmtjCMQRKzl5b/wVYwnuI88m/
-----END CERTIFICATE-----
Generated at Wed Apr 24 04:43:07 2024 by rpki-client on console-ams.rpki-client.org