Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29B3B570F0C611EEAA36E29B775412E6.roa
File: 29B3B570F0C611EEAA36E29B775412E6.roa (raw, json)
Hash identifier: sKhNqR/0RiuaknMoM/E6cTW4LiRTHbJN8RGzN0Q9IOA=
Subject key identifier: 21:4A:30:90:AC:D2:F8:BD:E4:60:46:E7:0C:86:E4:3C:2A:65:24:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A8CB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29B3B570F0C611EEAA36E29B775412E6.roa
Signing time: Tue 02 Apr 2024 07:53:59 +0000
ROA not before: Tue 02 Apr 2024 07:53:56 +0000
ROA not after: Mon 29 Apr 2024 07:53:56 +0000
asID: 141883
IP address blocks: 154.86.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43211 (0xa8cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 07:53:56 2024 GMT
Not After : Apr 29 07:53:56 2024 GMT
Subject: CN=660bb997-5d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:0b:1f:bd:31:8c:36:e2:ff:98:2b:1d:38:
1c:f2:e4:be:f9:a9:d6:38:3e:c3:ad:58:b5:e1:ff:
c0:9e:0c:85:41:b7:54:78:53:89:7f:6c:7c:30:02:
7b:b9:69:b8:0a:9d:58:41:31:62:29:79:16:a2:21:
24:69:80:4e:79:dd:d0:e1:32:d7:03:5a:1d:bc:1a:
bc:3e:e3:08:58:f7:2a:ad:af:50:69:34:07:ab:f4:
41:de:be:2c:5f:48:3d:79:d0:d0:5b:20:60:91:b6:
25:70:47:18:c5:59:31:b9:28:00:ee:44:bc:3f:7a:
2e:08:fa:80:42:de:15:c6:fb:b5:5e:57:d6:8b:9e:
4b:8e:86:8f:63:1c:2e:1c:bd:da:97:a1:44:64:93:
f0:b3:83:8a:62:70:63:6f:ec:f3:2d:24:8b:da:89:
65:97:f4:d2:61:ff:b0:57:25:d1:b7:89:5a:a7:6f:
48:b4:f1:52:50:99:e1:d6:dc:44:fa:46:42:11:6f:
fc:d3:e4:a3:62:2e:60:79:f8:8c:b7:f7:97:83:a1:
30:91:81:1b:03:92:3d:f2:5d:15:a2:27:92:ad:34:
21:4c:9b:23:f0:eb:b3:2a:cd:53:4c:3c:5d:ec:54:
80:0a:7c:5f:c8:96:20:fc:52:43:40:5c:8b:31:43:
ba:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4A:30:90:AC:D2:F8:BD:E4:60:46:E7:0C:86:E4:3C:2A:65:24:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29B3B570F0C611EEAA36E29B775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.0.0/24
Signature Algorithm: sha256WithRSAEncryption
32:1d:e7:d3:56:0a:1d:1a:af:19:a2:54:0c:a3:2f:7a:10:6a:
05:46:2f:7c:ed:48:ff:c7:60:f1:d8:d0:c2:ab:61:f5:d4:a6:
74:a4:37:91:d3:bc:27:e4:ce:3c:ba:a2:79:07:2f:5f:4d:4a:
90:c5:8f:aa:41:79:72:b0:b0:ba:ef:a8:1f:80:01:ce:74:78:
93:73:b0:04:9c:1e:61:5b:31:a3:88:1a:42:25:7c:6b:c4:a2:
9e:36:22:38:08:f2:92:c5:aa:f1:cf:f2:8e:c9:cb:e5:b8:1c:
4e:e5:6d:2d:60:3d:d2:e1:0c:13:64:be:70:0d:a3:ca:5d:45:
d9:3e:af:b0:be:25:72:48:95:8f:76:6d:aa:26:34:c8:2f:cb:
52:12:ae:09:ec:fc:f4:56:b6:eb:d6:86:86:2b:7c:63:54:cd:
9d:8c:38:f4:3c:e6:a5:74:e9:1b:58:02:d3:ef:f2:55:50:28:
e8:76:a8:93:54:a4:25:2c:ab:58:93:79:09:72:35:fd:29:bb:
cb:5b:a0:ec:59:a6:b0:b0:6f:88:91:5d:b0:57:80:69:f9:f7:
73:5a:6d:a2:5c:69:b3:a4:83:9f:97:14:91:87:b0:2e:e9:1c:
87:ad:ad:e3:bc:0d:56:2b:12:81:d7:dc:3e:7b:29:ee:42:45:
af:9d:88:8e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKjLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAyMDc1MzU2WhcNMjQwNDI5MDc1MzU2WjAYMRYw
FAYDVQQDEw02NjBiYjk5Ny01ZDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAut4LH70xjDbi/5grHTgc8uS++anWOD7DrVi14f/AngyFQbdUeFOJf2x8
MAJ7uWm4Cp1YQTFiKXkWoiEkaYBOed3Q4TLXA1odvBq8PuMIWPcqra9QaTQHq/RB
3r4sX0g9edDQWyBgkbYlcEcYxVkxuSgA7kS8P3ouCPqAQt4Vxvu1XlfWi55LjoaP
YxwuHL3al6FEZJPws4OKYnBjb+zzLSSL2olll/TSYf+wVyXRt4lap29ItPFSUJnh
1txE+kZCEW/80+SjYi5gefiMt/eXg6EwkYEbA5I98l0VoieSrTQhTJsj8OuzKs1T
TDxd7FSACnxfyJYg/FJDQFyLMUO6BwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCFK
MJCs0vi95GBG5wyG5DwqZSRPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUIzQjU3MEYwQzYxMUVFQUEzNkUyOUI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlYAMA0GCSqGSIb3DQEB
CwUAA4IBAQAyHefTVgodGq8ZolQMoy96EGoFRi987Uj/x2Dx2NDCq2H11KZ0pDeR
07wn5M48uqJ5By9fTUqQxY+qQXlysLC676gfgAHOdHiTc7AEnB5hWzGjiBpCJXxr
xKKeNiI4CPKSxarxz/KOycvluBxO5W0tYD3S4QwTZL5wDaPKXUXZPq+wviVySJWP
dm2qJjTIL8tSEq4J7Pz0Vrbr1oaGK3xjVM2djDj0POaldOkbWALT7/JVUCjodqiT
VKQlLKtYk3kJcjX9KbvLW6DsWaawsG+IkV2wV4Bp+fdzWm2iXGmzpIOflxSRh7Au
6RyHra3jvA1WKxKB19w+eynuQkWvnYiO
-----END CERTIFICATE-----
Generated at Mon Apr 29 07:55:56 2024 by rpki-client on console-ams.rpki-client.org