Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C565CF2E82811EEB9651DAD775412E6.roa
File: 2C565CF2E82811EEB9651DAD775412E6.roa (raw, json)
Hash identifier: FiL+2U381G3wJDInVgdFTIZ3auFyHgx+5/PrdDJQJhM=
Subject key identifier: A9:67:3F:2E:0D:8F:6A:CF:03:B2:11:00:3A:A1:B8:2D:2A:44:FD:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A636
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C565CF2E82811EEB9651DAD775412E6.roa
Signing time: Fri 22 Mar 2024 08:42:54 +0000
ROA not before: Fri 22 Mar 2024 08:42:50 +0000
ROA not after: Thu 25 Apr 2024 08:42:50 +0000
asID: 44559
IP address blocks: 154.94.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42550 (0xa636)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 22 08:42:50 2024 GMT
Not After : Apr 25 08:42:50 2024 GMT
Subject: CN=65fd448d-9bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:aa:e6:fc:a6:b5:ea:b9:e6:1d:9c:ce:a0:57:
36:75:1a:d6:e4:c5:62:ce:47:8e:ee:87:4b:fe:25:
1e:f9:7c:c5:84:80:52:80:69:d4:61:b7:5c:56:8c:
2d:85:c2:c8:50:e8:1f:23:c1:b9:dc:89:15:61:e7:
09:42:05:50:f0:fb:d9:52:76:49:82:a5:eb:80:93:
97:c5:af:e5:df:64:6c:2f:e6:10:10:2b:88:f3:6e:
a2:e2:7c:c3:9f:80:9a:51:a4:62:ef:12:f5:b0:77:
c7:50:c9:ca:5f:f5:9e:96:d8:39:3a:46:f1:91:e7:
c2:c9:83:eb:bf:e6:df:c4:23:53:82:1e:1a:cc:a4:
18:89:18:de:a0:45:7d:43:50:06:0e:07:9c:ab:39:
bd:92:89:e0:f5:16:2c:13:d1:3d:5d:d1:52:99:98:
68:59:6c:b1:b6:c0:40:14:92:c9:10:aa:77:e9:97:
81:19:93:ea:68:38:aa:b6:42:e3:71:04:31:66:50:
02:d3:c0:07:5a:a7:d6:c0:c1:3c:be:5e:49:0d:33:
af:8b:df:c4:c1:08:42:57:b7:0a:bc:83:a0:5b:21:
73:75:b4:85:af:68:72:a7:42:84:c9:fb:a9:75:cb:
38:4f:7e:06:06:b6:a6:22:01:a1:d7:e1:89:2b:4c:
a9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:67:3F:2E:0D:8F:6A:CF:03:B2:11:00:3A:A1:B8:2D:2A:44:FD:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C565CF2E82811EEB9651DAD775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.128.0/17
Signature Algorithm: sha256WithRSAEncryption
be:f4:7c:31:1e:1c:41:9f:d8:d3:5c:c9:a5:cd:da:8b:81:fb:
83:f5:41:57:43:2d:4a:95:5a:5a:b2:7d:9d:ca:fb:90:9b:33:
85:eb:04:f6:1c:86:25:52:14:c6:d4:8d:f6:63:9d:3d:ba:a0:
ef:71:76:19:4d:7a:16:ef:f6:c0:cc:95:cf:d9:cc:f3:f8:8b:
10:33:c3:aa:53:8f:4a:af:2f:3e:95:a0:a2:87:6f:40:48:98:
c3:c4:32:71:61:e1:d9:de:a2:c2:2d:53:ee:05:21:22:dc:7f:
de:b1:40:49:b4:e4:0e:96:83:60:e5:23:5c:92:a8:3d:96:78:
07:99:76:31:de:2d:a3:6f:72:18:31:d2:c4:ba:4f:c3:6c:49:
14:b7:1c:29:7f:ad:bf:6b:2d:09:7f:ce:63:a4:14:fb:90:8e:
21:b3:d8:b3:f5:db:bc:65:e8:bd:25:10:cc:0a:af:56:7b:30:
1c:ad:71:0a:02:83:0e:ea:0f:d9:4f:24:25:3c:9c:4b:48:4e:
8d:ff:fe:b5:a4:10:a2:a5:3f:fe:7e:70:cf:29:a3:bc:3a:77:
ac:53:4e:b0:95:42:83:91:29:da:4b:9c:6c:33:69:af:5b:09:
cc:74:d5:c2:a3:b0:1b:e2:07:3a:89:55:6c:d0:78:aa:66:8b:
1e:29:a5:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKY2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIyMDg0MjUwWhcNMjQwNDI1MDg0MjUwWjAYMRYw
FAYDVQQDEw02NWZkNDQ4ZC05YmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA26rm/Ka16rnmHZzOoFc2dRrW5MVizkeO7odL/iUe+XzFhIBSgGnUYbdc
VowthcLIUOgfI8G53IkVYecJQgVQ8PvZUnZJgqXrgJOXxa/l32RsL+YQECuI826i
4nzDn4CaUaRi7xL1sHfHUMnKX/Weltg5OkbxkefCyYPrv+bfxCNTgh4azKQYiRje
oEV9Q1AGDgecqzm9kong9RYsE9E9XdFSmZhoWWyxtsBAFJLJEKp36ZeBGZPqaDiq
tkLjcQQxZlAC08AHWqfWwME8vl5JDTOvi9/EwQhCV7cKvIOgWyFzdbSFr2hyp0KE
yfupdcs4T34GBramIgGh1+GJK0ypkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKln
Py4Nj2rPA7IRADqhuC0qRP3RMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQzU2NUNGMkU4MjgxMUVFQjk2NTFEQUQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHml6AMA0GCSqGSIb3DQEB
CwUAA4IBAQC+9HwxHhxBn9jTXMmlzdqLgfuD9UFXQy1KlVpasn2dyvuQmzOF6wT2
HIYlUhTG1I32Y509uqDvcXYZTXoW7/bAzJXP2czz+IsQM8OqU49Kry8+laCih29A
SJjDxDJxYeHZ3qLCLVPuBSEi3H/esUBJtOQOloNg5SNckqg9lngHmXYx3i2jb3IY
MdLEuk/DbEkUtxwpf62/ay0Jf85jpBT7kI4hs9iz9du8Zei9JRDMCq9WezAcrXEK
AoMO6g/ZTyQlPJxLSE6N//61pBCipT/+fnDPKaO8OnesU06wlUKDkSnaS5xsM2mv
WwnMdNXCo7Ab4gc6iVVs0HiqZoseKaXC
-----END CERTIFICATE-----
Generated at Thu Apr 25 13:10:08 2024 by rpki-client on console-ams.rpki-client.org