Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/296D16B8D0FE11ECA524A1E1F1222468.roa
File: 296D16B8D0FE11ECA524A1E1F1222468.roa (raw, json)
Hash identifier: IH/fggvnmpKkkllMxjaodcbh101suzHZ1cbVYGLkZ2E=
Subject key identifier: 89:9B:62:C7:F7:D6:64:E8:2C:65:7A:F9:D4:BA:90:DA:5A:46:34:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 162B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/296D16B8D0FE11ECA524A1E1F1222468.roa
Signing time: Wed 11 May 2022 07:44:18 +0000
ROA not before: Wed 11 May 2022 07:44:14 +0000
ROA not after: Fri 30 Jun 2023 07:44:14 +0000
asID: 136907
IP address blocks: 154.86.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5675 (0x162b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 11 07:44:14 2022 GMT
Not After : Jun 30 07:44:14 2023 GMT
Subject: CN=627b6952-9107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:91:31:03:24:60:4e:2e:75:f7:b4:5b:a1:a9:
52:7f:3c:a8:d6:97:3e:74:20:92:f7:59:3b:f4:27:
60:b1:7e:62:42:87:69:78:d9:2b:f9:13:9f:cd:a7:
96:dd:8b:4c:7c:f2:b8:0e:86:88:90:b2:5c:b2:e3:
b7:9c:2b:52:c7:b4:5e:dc:d0:62:43:a3:bd:76:99:
22:d5:f0:4f:92:0e:f8:5e:14:2a:c6:2e:4f:fe:58:
52:4c:ac:56:6b:71:3e:24:4c:bb:79:3b:ec:65:51:
f2:c0:9d:09:3a:3d:b3:2f:d7:f1:a7:d2:bd:1f:bf:
f2:1a:ae:b7:5c:0a:60:70:8a:52:7b:ba:a1:48:85:
48:f3:b6:17:7e:f3:91:c4:8d:44:61:5f:69:b0:f0:
00:76:0f:e2:cd:09:55:cc:ae:43:b3:11:5c:7d:34:
fd:9d:32:c4:5f:a8:83:a9:d2:0f:d4:ce:8f:bc:4a:
bc:44:94:82:91:49:62:fb:17:c8:4f:6d:f8:c7:74:
22:a9:b1:8e:c1:13:72:97:c3:3b:bf:b1:26:e4:c7:
74:7c:a0:97:a9:f4:ac:40:86:7f:2d:fe:0d:22:00:
41:fe:0b:c1:83:24:bb:e8:67:c8:9f:b4:57:ff:fc:
cb:20:43:16:31:ed:b0:9e:3e:71:8f:ba:18:ff:fa:
cf:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9B:62:C7:F7:D6:64:E8:2C:65:7A:F9:D4:BA:90:DA:5A:46:34:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/296D16B8D0FE11ECA524A1E1F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.32.0/20
Signature Algorithm: sha256WithRSAEncryption
d1:d0:52:78:38:e2:89:d8:28:0c:79:41:ed:80:cf:9a:c3:ba:
f8:3f:a6:07:6b:2e:41:a8:0c:2e:19:fc:97:58:cc:52:d1:29:
55:9a:59:1f:02:57:58:f8:9e:45:78:74:ed:4f:3e:bb:61:d8:
11:c4:4c:db:07:7f:19:7f:36:d3:ee:e1:e4:2b:5c:2e:db:2a:
19:2c:3a:aa:66:d9:d5:ef:4d:1a:70:14:21:84:ac:3d:c1:3c:
12:58:0c:80:b9:1f:5d:30:d7:e8:59:70:a0:5a:06:f0:10:75:
21:9f:93:63:ff:e4:78:8e:9b:44:06:31:06:6c:53:d8:17:ad:
f7:79:80:c2:db:53:98:12:5d:6f:09:cf:48:c9:4b:5f:41:f8:
02:12:1a:0e:56:9d:d6:ba:3e:6b:54:65:b5:37:c1:cd:e3:bf:
d7:5e:14:c9:38:4a:03:12:74:0a:94:f3:c7:8f:cc:76:a8:57:
4b:55:b8:b1:87:e0:25:57:7f:55:b7:34:b0:04:3d:64:b4:4b:
cc:78:ca:62:80:ec:7a:d3:7a:2b:79:7c:e1:1a:09:52:bf:f3:
5b:ea:9f:20:53:6f:25:26:83:e8:d2:6b:58:33:75:b1:4e:79:
ee:c7:c5:a2:2d:f3:16:3d:6c:61:6e:64:6e:6f:ba:34:d8:9a:
86:23:c0:74
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFiswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMjA1MTEwNzQ0MTRaFw0yMzA2MzAwNzQ0MTRaMBgxFjAU
BgNVBAMMDTYyN2I2OTUyLTkxMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpkTEDJGBOLnX3tFuhqVJ/PKjWlz50IJL3WTv0J2CxfmJCh2l42Sv5E5/N
p5bdi0x88rgOhoiQslyy47ecK1LHtF7c0GJDo712mSLV8E+SDvheFCrGLk/+WFJM
rFZrcT4kTLt5O+xlUfLAnQk6PbMv1/Gn0r0fv/IarrdcCmBwilJ7uqFIhUjzthd+
85HEjURhX2mw8AB2D+LNCVXMrkOzEVx9NP2dMsRfqIOp0g/Uzo+8SrxElIKRSWL7
F8hPbfjHdCKpsY7BE3KXwzu/sSbkx3R8oJep9KxAhn8t/g0iAEH+C8GDJLvoZ8if
tFf//MsgQxYx7bCePnGPuhj/+s+pAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUiZti
x/fWZOgsZXr51LqQ2lpGNOEwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzI5NkQxNkI4RDBGRTExRUNBNTI0QTFFMUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASaViAwDQYJKoZIhvcNAQEL
BQADggEBANHQUng44onYKAx5Qe2Az5rDuvg/pgdrLkGoDC4Z/JdYzFLRKVWaWR8C
V1j4nkV4dO1PPrth2BHETNsHfxl/NtPu4eQrXC7bKhksOqpm2dXvTRpwFCGErD3B
PBJYDIC5H10w1+hZcKBaBvAQdSGfk2P/5HiOm0QGMQZsU9gXrfd5gMLbU5gSXW8J
z0jJS19B+AISGg5Wnda6PmtUZbU3wc3jv9deFMk4SgMSdAqU88ePzHaoV0tVuLGH
4CVXf1W3NLAEPWS0S8x4ymKA7HrTeit5fOEaCVK/81vqnyBTbyUmg+jSa1gzdbFO
ee7HxaIt8xY9bGFuZG5vujTYmoYjwHQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:08 2023 by rpki-client on console-fra.rpki-client.org