Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/485EEF4C9B7211EFA0D1C74A762E951A.roa
File: 485EEF4C9B7211EFA0D1C74A762E951A.roa (raw, json)
Hash identifier: IA5KTmaPQ3YoYFjECIKY0H28QWfabvYMUhG/yUFtIBI=
Subject key identifier: 08:5A:8B:B4:FF:A0:AD:12:3A:00:C4:34:FC:97:46:18:F3:F2:5D:7C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107C7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/485EEF4C9B7211EFA0D1C74A762E951A.roa
Signing time: Tue 05 Nov 2024 12:34:21 +0000
ROA not before: Tue 05 Nov 2024 12:34:18 +0000
ROA not after: Mon 13 Jan 2025 12:34:18 +0000
asID: 7018
IP address blocks: 154.201.2.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67527 (0x107c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 5 12:34:18 2024 GMT
Not After : Jan 13 12:34:18 2025 GMT
Subject: CN=672a10cd-249c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:43:24:2f:57:c3:fa:4e:45:82:36:b0:7c:b8:
f2:d9:6d:2a:a5:43:20:47:15:8e:43:01:f6:15:05:
6d:d1:7e:6e:41:4b:d1:d1:57:be:1e:44:d5:14:b6:
2b:3c:ab:c8:d6:03:b4:11:ab:b1:ba:68:dd:1b:64:
df:e8:25:c8:52:09:f3:49:f1:49:8b:0e:cd:88:a3:
6f:70:31:b3:e0:ce:a0:d6:84:b3:55:d9:8c:e0:57:
59:7f:e9:2b:7e:6b:28:00:91:35:61:e1:e8:7b:a6:
5f:1d:38:b2:f5:94:f6:f4:41:14:2f:5e:87:f2:66:
a1:f9:66:30:9e:fe:18:b4:a3:de:a5:6f:84:f4:ae:
b8:1f:b0:b5:0d:cc:34:7d:4e:95:ca:26:9a:49:1b:
68:b8:7a:30:62:57:fd:11:01:52:3c:70:92:10:8d:
cf:e9:36:c4:e3:12:80:cb:41:1d:7a:f0:b8:58:37:
cb:ea:7d:d0:d5:29:5c:60:82:48:a6:e4:e4:32:00:
f1:e1:93:20:37:dd:3d:96:57:68:5a:1c:06:d9:8a:
d0:59:81:da:f9:65:68:7e:b5:9a:00:21:2d:65:1a:
b7:b3:88:8d:d2:82:1c:77:bc:6f:8a:32:17:c0:3e:
85:8f:d0:9f:9e:1c:52:18:57:00:d6:1a:1c:ec:ef:
1c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5A:8B:B4:FF:A0:AD:12:3A:00:C4:34:FC:97:46:18:F3:F2:5D:7C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/485EEF4C9B7211EFA0D1C74A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.2.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:e1:28:c5:4c:05:7d:18:fb:ee:83:75:5c:4b:2c:72:53:69:
f9:ba:50:18:42:16:bc:bf:cc:1e:80:1d:81:87:ed:5b:79:ad:
59:23:22:53:1b:0c:92:c6:38:b0:c8:40:71:db:03:27:bf:8a:
6e:eb:71:1b:2e:34:3b:5f:03:8b:89:4c:f3:92:3f:6f:0d:ca:
07:01:3a:3f:a0:18:f9:eb:a1:aa:ab:dd:83:d4:a9:9d:4b:05:
f0:77:a6:3f:9a:69:34:5b:3c:1d:cd:28:b8:69:96:4d:63:82:
a6:90:9a:f8:fa:29:40:2f:22:6c:4a:fd:73:66:0e:22:52:60:
56:f2:76:54:36:19:6a:5b:57:57:af:63:68:43:21:22:3a:16:
04:71:15:63:88:c9:9c:c5:16:35:6c:44:10:93:de:74:59:1a:
dc:95:81:a3:bb:d5:b6:66:89:09:94:c4:9f:d7:64:63:8e:ee:
ee:39:d1:c0:40:97:7b:bc:30:09:f9:23:27:9b:b1:67:99:4d:
d6:74:48:ef:4d:4d:44:75:0a:3e:9b:b7:c3:4d:56:57:12:be:
b5:22:da:43:e5:c8:45:fa:50:c6:ec:d6:c6:83:e7:e9:9f:91:
94:de:1f:17:ef:f4:32:6a:d8:2a:d3:77:13:ae:19:c2:1e:b1:
a0:c3:c0:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQfHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTIzNDE4WhcNMjUwMTEzMTIzNDE4WjAYMRYw
FAYDVQQDEw02NzJhMTBjZC0yNDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA20MkL1fD+k5FgjawfLjy2W0qpUMgRxWOQwH2FQVt0X5uQUvR0Ve+HkTV
FLYrPKvI1gO0EauxumjdG2Tf6CXIUgnzSfFJiw7NiKNvcDGz4M6g1oSzVdmM4FdZ
f+krfmsoAJE1YeHoe6ZfHTiy9ZT29EEUL16H8mah+WYwnv4YtKPepW+E9K64H7C1
Dcw0fU6VyiaaSRtouHowYlf9EQFSPHCSEI3P6TbE4xKAy0EdevC4WDfL6n3Q1Slc
YIJIpuTkMgDx4ZMgN909lldoWhwG2YrQWYHa+WVofrWaACEtZRq3s4iN0oIcd7xv
ijIXwD6Fj9CfnhxSGFcA1hoc7O8cHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAha
i7T/oK0SOgDENPyXRhjz8l18MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80ODVFRUY0QzlCNzIxMUVGQTBEMUM3NEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmskCMA0GCSqGSIb3DQEB
CwUAA4IBAQCN4SjFTAV9GPvug3VcSyxyU2n5ulAYQha8v8wegB2Bh+1bea1ZIyJT
GwySxjiwyEBx2wMnv4pu63EbLjQ7XwOLiUzzkj9vDcoHATo/oBj566Gqq92D1Kmd
SwXwd6Y/mmk0WzwdzSi4aZZNY4KmkJr4+ilALyJsSv1zZg4iUmBW8nZUNhlqW1dX
r2NoQyEiOhYEcRVjiMmcxRY1bEQQk950WRrclYGju9W2ZokJlMSf12Rjju7uOdHA
QJd7vDAJ+SMnm7FnmU3WdEjvTU1EdQo+m7fDTVZXEr61ItpD5chF+lDG7NbGg+fp
n5GU3h8X7/Qyatgq03cTrhnCHrGgw8Bu
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:26 2025 by rpki-client