Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32B81FD2F0C411EE8BE56A8C775412E6.roa
File: 32B81FD2F0C411EE8BE56A8C775412E6.roa (raw, json)
Hash identifier: Oa30tMZS0oKZSMExt3PHpHEHFsatX6UdHmF4ruR7roQ=
Subject key identifier: 31:28:8D:C1:77:13:72:A8:30:79:BE:58:4A:F2:EE:DC:C0:01:4F:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A8C9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32B81FD2F0C411EE8BE56A8C775412E6.roa
Signing time: Tue 02 Apr 2024 07:39:55 +0000
ROA not before: Tue 02 Apr 2024 07:39:52 +0000
ROA not after: Mon 29 Apr 2024 07:39:52 +0000
asID: 139646
IP address blocks: 154.208.12.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43209 (0xa8c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 07:39:52 2024 GMT
Not After : Apr 29 07:39:52 2024 GMT
Subject: CN=660bb64b-cb7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d3:12:54:47:01:7c:41:2b:73:38:7e:26:1f:
0d:68:da:9e:c0:85:43:74:64:d8:e1:69:2a:76:cf:
27:36:37:72:91:b0:b0:76:77:d1:81:8a:3d:68:d7:
84:92:d3:43:7a:9c:c9:33:29:de:be:53:9b:9c:ab:
19:18:6a:f4:27:91:e7:24:9b:cd:ba:31:6d:4e:12:
de:3a:07:db:c2:d8:0a:b8:d9:79:69:60:26:34:fa:
1d:7d:36:17:1b:79:30:28:37:11:0b:dc:50:43:52:
5d:c8:68:b6:2d:ff:3d:24:a9:cf:df:ea:32:5d:89:
19:e6:42:2e:b0:b3:70:b1:b6:49:64:5d:9e:47:0f:
ea:b1:9c:87:50:b7:25:50:8e:33:ea:24:15:e5:d6:
90:80:7e:73:80:be:55:ce:cf:a8:81:a8:4e:7f:0f:
ee:7c:ec:e2:b5:f9:f4:0c:62:27:34:fd:3c:88:d6:
a5:46:97:c3:27:71:a4:28:28:ca:35:39:2e:a4:44:
9d:74:07:66:14:8b:1b:90:74:53:64:67:eb:ad:3c:
74:90:6b:39:d5:f2:18:6a:68:77:4d:90:17:c4:df:
1a:e6:72:b9:5c:10:11:cd:09:8d:52:fd:eb:21:7d:
8d:35:f3:1a:40:23:a8:59:5e:e6:be:e1:fb:f1:4a:
84:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:28:8D:C1:77:13:72:A8:30:79:BE:58:4A:F2:EE:DC:C0:01:4F:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32B81FD2F0C411EE8BE56A8C775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.12.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:3d:62:5f:19:e5:cf:b8:fc:78:90:0c:c2:7c:8e:bd:77:05:
54:01:82:51:b6:96:a7:99:1e:20:40:2b:0e:1f:03:cf:78:52:
5a:e0:48:e7:0d:fd:92:44:ad:f5:ec:0f:2e:eb:61:40:33:a5:
06:77:e1:6e:19:85:43:a0:0d:4f:29:c0:94:7c:d3:c4:c0:eb:
cf:32:47:c2:04:71:19:04:82:ec:ad:0a:ff:47:68:19:8d:3d:
fb:dd:e8:cd:2f:35:de:8b:f5:4e:54:5b:a5:a7:f0:37:ca:39:
34:2c:70:cb:aa:1f:41:37:f5:58:38:29:6a:0b:df:bc:9d:c4:
4f:24:93:74:59:c4:bb:9f:c4:e9:e5:3e:31:40:ad:73:1e:9c:
a2:b6:fa:02:47:5f:a5:8f:e8:df:04:c8:cc:e7:44:63:90:9c:
91:1e:45:d0:8f:81:f9:54:f0:13:22:5b:27:db:37:62:84:ac:
3e:ad:6e:1c:84:4b:56:00:c5:1e:fa:93:67:26:b6:2b:4c:de:
2f:1c:f4:0f:51:cd:90:a1:19:4c:39:db:3e:af:b2:6e:b6:d3:
7b:16:4b:18:87:ae:d4:be:d4:19:1a:b2:14:c5:62:b4:13:83:
f7:84:a7:c1:92:af:3e:fb:1e:48:3f:20:ef:6d:d3:cf:c3:f6:
cb:32:ef:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKjJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAyMDczOTUyWhcNMjQwNDI5MDczOTUyWjAYMRYw
FAYDVQQDEw02NjBiYjY0Yi1jYjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyNMSVEcBfEErczh+Jh8NaNqewIVDdGTY4Wkqds8nNjdykbCwdnfRgYo9
aNeEktNDepzJMynevlObnKsZGGr0J5HnJJvNujFtThLeOgfbwtgKuNl5aWAmNPod
fTYXG3kwKDcRC9xQQ1JdyGi2Lf89JKnP3+oyXYkZ5kIusLNwsbZJZF2eRw/qsZyH
ULclUI4z6iQV5daQgH5zgL5Vzs+ogahOfw/ufOzitfn0DGInNP08iNalRpfDJ3Gk
KCjKNTkupESddAdmFIsbkHRTZGfrrTx0kGs51fIYamh3TZAXxN8a5nK5XBARzQmN
Uv3rIX2NNfMaQCOoWV7mvuH78UqE4wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDEo
jcF3E3KoMHm+WEry7tzAAU8oMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMkI4MUZEMkYwQzQxMUVFOEJFNTZBOEM3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtAMMA0GCSqGSIb3DQEB
CwUAA4IBAQCrPWJfGeXPuPx4kAzCfI69dwVUAYJRtpanmR4gQCsOHwPPeFJa4Ejn
Df2SRK317A8u62FAM6UGd+FuGYVDoA1PKcCUfNPEwOvPMkfCBHEZBILsrQr/R2gZ
jT373ejNLzXei/VOVFulp/A3yjk0LHDLqh9BN/VYOClqC9+8ncRPJJN0WcS7n8Tp
5T4xQK1zHpyitvoCR1+lj+jfBMjM50RjkJyRHkXQj4H5VPATIlsn2zdihKw+rW4c
hEtWAMUe+pNnJrYrTN4vHPQPUc2QoRlMOds+r7JuttN7FksYh67UvtQZGrIUxWK0
E4P3hKfBkq8++x5IPyDvbdPPw/bLMu/W
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:24 2024 by rpki-client on console-fra.rpki-client.org