Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E4533449B5E11EFB188884F762E951A.roa
File: 4E4533449B5E11EFB188884F762E951A.roa (raw, json)
Hash identifier: dLkOtR7KdixOO0WRL1NJLP1Or9qd8U8nV9Wc1Msf/Eg=
Subject key identifier: 38:D2:60:97:13:50:85:E6:01:B3:66:D8:F3:9C:02:96:22:E2:2C:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010795
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E4533449B5E11EFB188884F762E951A.roa
Signing time: Tue 05 Nov 2024 10:11:21 +0000
ROA not before: Tue 05 Nov 2024 10:11:18 +0000
ROA not after: Mon 13 Jan 2025 10:11:18 +0000
asID: 22773
IP address blocks: 154.84.172.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67477 (0x10795)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 5 10:11:18 2024 GMT
Not After : Jan 13 10:11:18 2025 GMT
Subject: CN=6729ef49-1192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ef:c3:ec:f7:b1:4f:10:7e:a0:23:0c:a3:4f:
77:a9:ca:b0:c2:e6:76:65:40:4b:84:9e:42:f2:a3:
0c:0d:ae:e2:15:c2:15:38:02:5c:94:40:2b:8f:82:
d8:bf:0b:07:d5:77:ba:be:39:93:74:f4:54:78:85:
82:3f:42:12:1e:6c:15:e8:f1:8b:f6:f2:d2:62:52:
c4:e9:09:4f:7a:69:88:90:75:61:98:f6:f8:6c:47:
42:0d:78:47:8b:ac:31:c6:0c:d7:ae:1f:3d:a9:ae:
fa:d3:73:1a:90:1b:8b:ad:a8:bc:a7:d8:5a:0f:25:
b6:72:49:81:f3:6e:11:e7:78:06:ce:6b:3b:d0:6c:
b2:d0:9b:2a:34:51:eb:04:83:5b:a1:db:fa:04:0b:
c4:12:bd:29:90:ce:47:ee:29:f7:55:32:23:38:50:
b4:10:60:0a:24:a1:e8:fe:97:96:61:bd:bf:52:71:
97:8f:4b:d4:83:74:d3:88:c1:3d:5e:a3:e2:fe:6c:
f4:3d:d0:3d:15:ca:ba:53:bd:8a:2d:e2:48:aa:d8:
e8:be:4a:b6:ca:36:f0:81:84:b6:26:4f:c6:7e:12:
23:e3:38:a5:94:b5:f8:78:68:0c:fe:28:e3:53:fc:
ee:45:88:67:1b:88:8d:aa:94:93:db:c3:1a:d7:8e:
88:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D2:60:97:13:50:85:E6:01:B3:66:D8:F3:9C:02:96:22:E2:2C:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4E4533449B5E11EFB188884F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.172.0/23
Signature Algorithm: sha256WithRSAEncryption
78:a2:c7:ab:d4:71:e5:36:eb:63:b5:1d:4e:7c:1b:d6:a7:51:
79:03:69:6a:e8:54:2a:59:54:4c:f9:ec:dd:ac:90:61:58:9d:
bf:2c:43:04:11:a2:64:58:46:f1:80:25:cd:7b:9e:16:23:a8:
40:b2:9d:45:ce:a9:6a:a6:82:ba:a9:63:5b:82:39:dd:9e:97:
f8:db:d5:33:d4:29:2d:98:08:02:0a:f6:78:79:bd:96:f3:fa:
e1:8d:03:a8:9e:67:e9:6e:14:ce:f5:2f:bd:4d:96:3b:ab:e4:
64:86:41:fb:7b:6e:c8:80:64:30:c0:b4:6b:fa:56:0b:2c:f6:
1e:e0:77:41:5d:18:82:92:2e:54:f3:7b:76:65:00:66:be:78:
7a:ca:25:8e:71:a7:91:f9:9e:e7:ff:2a:64:ad:6e:81:49:61:
f7:bd:e1:c1:ad:74:03:2d:10:88:36:00:75:72:a8:ff:e7:bc:
90:5a:83:a4:9b:55:a8:25:03:ab:44:6b:e3:e0:27:80:5d:e1:
db:9d:5f:70:e0:60:fe:9d:51:dd:ca:24:79:5a:12:e5:49:d0:
ac:20:75:ea:7d:20:84:2b:0e:21:f2:c7:41:84:99:6d:0f:fc:
38:5a:a3:10:f4:63:8d:31:6a:a6:51:49:78:6f:73:5c:27:31:
16:78:72:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQeVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTAxMTE4WhcNMjUwMTEzMTAxMTE4WjAYMRYw
FAYDVQQDEw02NzI5ZWY0OS0xMTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu+/D7PexTxB+oCMMo093qcqwwuZ2ZUBLhJ5C8qMMDa7iFcIVOAJclEAr
j4LYvwsH1Xe6vjmTdPRUeIWCP0ISHmwV6PGL9vLSYlLE6QlPemmIkHVhmPb4bEdC
DXhHi6wxxgzXrh89qa7603MakBuLrai8p9haDyW2ckmB824R53gGzms70Gyy0Jsq
NFHrBINbodv6BAvEEr0pkM5H7in3VTIjOFC0EGAKJKHo/peWYb2/UnGXj0vUg3TT
iME9XqPi/mz0PdA9Fcq6U72KLeJIqtjovkq2yjbwgYS2Jk/GfhIj4zillLX4eGgM
/ijjU/zuRYhnG4iNqpST28Ma146IcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDjS
YJcTUIXmAbNm2POcApYi4iw2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RTQ1MzM0NDlCNUUxMUVGQjE4ODg4NEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlSsMA0GCSqGSIb3DQEB
CwUAA4IBAQB4oser1HHlNutjtR1OfBvWp1F5A2lq6FQqWVRM+ezdrJBhWJ2/LEME
EaJkWEbxgCXNe54WI6hAsp1FzqlqpoK6qWNbgjndnpf429Uz1CktmAgCCvZ4eb2W
8/rhjQOonmfpbhTO9S+9TZY7q+RkhkH7e27IgGQwwLRr+lYLLPYe4HdBXRiCki5U
83t2ZQBmvnh6yiWOcaeR+Z7n/ypkrW6BSWH3veHBrXQDLRCINgB1cqj/57yQWoOk
m1WoJQOrRGvj4CeAXeHbnV9w4GD+nVHdyiR5WhLlSdCsIHXqfSCEKw4h8sdBhJlt
D/w4WqMQ9GONMWqmUUl4b3NcJzEWeHIU
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:34 2025 by rpki-client