Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/527E3834155E11EEAE86164E4AD9E6FC.roa
File: 527E3834155E11EEAE86164E4AD9E6FC.roa (raw, json)
Hash identifier: O5zBcGmyClXZDLmYE1kJEFetZHK6x0v67rcRA/ttFaA=
Subject key identifier: 57:E5:AF:A1:4C:38:05:E0:3A:1F:A8:00:FE:B6:C7:DD:FB:37:08:32
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 2E5F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/527E3834155E11EEAE86164E4AD9E6FC.roa
Signing time: Wed 28 Jun 2023 02:48:55 +0000
ROA not before: Wed 28 Jun 2023 02:48:52 +0000
ROA not after: Wed 01 May 2024 02:48:52 +0000
asID: 140227
IP address blocks: 154.86.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11871 (0x2e5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 28 02:48:52 2023 GMT
Not After : May 1 02:48:52 2024 GMT
Subject: CN=649b9f97-ad75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ad:5d:15:97:e4:bd:1f:19:de:50:be:a8:a5:
18:3b:7c:cb:f6:4c:b2:67:36:eb:1e:ef:50:8a:73:
b1:85:2f:47:01:39:6d:fe:26:bd:b1:c3:2a:ce:73:
8c:3c:f5:2e:30:b8:26:45:e2:4d:50:2c:52:d8:57:
0b:28:7b:88:29:ab:d6:91:af:91:8e:38:f1:cb:23:
37:7d:35:9d:42:c7:aa:7f:07:a6:f2:b4:14:33:91:
90:8b:30:cf:6a:be:a6:79:8c:be:fa:00:6f:fe:9d:
24:24:67:55:ec:44:26:bd:94:16:77:7e:1b:9e:7e:
db:eb:e8:3e:47:9a:8f:44:fa:dc:d0:52:e0:b2:6b:
3d:86:35:40:93:43:39:c8:76:7d:0d:89:f7:d3:b5:
fd:ba:d7:e1:11:15:7e:91:cc:0b:f6:88:46:21:1f:
a0:a0:aa:a3:de:08:c0:de:2a:60:b0:da:ac:27:44:
0b:45:e7:ff:a1:19:ac:78:20:4f:39:ef:6a:e5:fd:
02:ab:b3:85:bf:bb:59:50:ff:1b:87:58:15:0f:3b:
2f:47:56:82:2c:67:3f:a9:8e:98:62:d6:94:6f:10:
66:37:9a:d5:f4:b9:04:6a:82:1f:cd:b0:01:a6:c4:
e9:55:88:07:83:30:61:92:7e:46:fc:c7:30:41:3b:
91:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E5:AF:A1:4C:38:05:E0:3A:1F:A8:00:FE:B6:C7:DD:FB:37:08:32
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/527E3834155E11EEAE86164E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.23.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:4a:ce:76:91:f4:2b:c6:58:e4:d4:fc:7c:e1:f3:3f:cb:71:
e9:ef:ea:e4:71:d8:08:ab:46:b0:2c:a1:da:30:64:fb:03:78:
c9:ab:c8:09:f8:ad:66:15:ad:68:8e:30:0d:3c:47:13:d2:b0:
74:1e:57:f7:38:27:3b:fb:ba:56:63:19:e9:9a:b0:50:af:21:
04:ba:e1:30:f1:a1:28:8b:ca:e0:fc:3a:60:98:f1:b1:db:e6:
ba:6b:f1:50:43:83:04:f3:5b:6a:31:64:22:33:ad:79:34:aa:
01:e2:af:be:ad:01:5b:0a:3e:c6:08:34:06:2b:93:93:56:23:
bd:e4:cb:71:ca:0b:a9:69:4c:16:72:65:af:f4:19:69:71:1d:
3c:52:00:c8:40:56:29:f5:3e:13:cd:47:7a:2a:81:cd:d0:d3:
79:c5:c8:d8:e1:97:5f:ae:eb:31:37:df:9c:31:20:0f:d6:5f:
6c:93:2d:2f:25:8f:a3:87:be:c6:e2:1f:58:96:d0:d0:00:a1:
7e:f6:ad:1d:65:8a:14:37:eb:f7:66:00:16:ae:2f:c9:39:d1:
a5:3d:09:8d:2a:0c:62:04:45:b9:84:47:ff:58:61:48:17:60:
10:23:9e:77:b0:32:16:84:7f:85:27:9e:d9:cf:11:a8:33:f4:
0b:6f:31:10
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICLl8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA2MjgwMjQ4NTJaFw0yNDA1MDEwMjQ4NTJaMBgxFjAU
BgNVBAMTDTY0OWI5Zjk3LWFkNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCwrV0Vl+S9HxneUL6opRg7fMv2TLJnNuse71CKc7GFL0cBOW3+Jr2xwyrO
c4w89S4wuCZF4k1QLFLYVwsoe4gpq9aRr5GOOPHLIzd9NZ1Cx6p/B6bytBQzkZCL
MM9qvqZ5jL76AG/+nSQkZ1XsRCa9lBZ3fhueftvr6D5Hmo9E+tzQUuCyaz2GNUCT
QznIdn0NiffTtf261+ERFX6RzAv2iEYhH6CgqqPeCMDeKmCw2qwnRAtF5/+hGax4
IE8572rl/QKrs4W/u1lQ/xuHWBUPOy9HVoIsZz+pjphi1pRvEGY3mtX0uQRqgh/N
sAGmxOlViAeDMGGSfkb8xzBBO5FDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUV+Wv
oUw4BeA6H6gA/rbH3fs3CDIwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzUyN0UzODM0MTU1RTExRUVBRTg2MTY0RTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVhcwDQYJKoZIhvcNAQEL
BQADggEBAIxKznaR9CvGWOTU/Hzh8z/Lcenv6uRx2AirRrAsodowZPsDeMmryAn4
rWYVrWiOMA08RxPSsHQeV/c4Jzv7ulZjGemasFCvIQS64TDxoSiLyuD8OmCY8bHb
5rpr8VBDgwTzW2oxZCIzrXk0qgHir76tAVsKPsYINAYrk5NWI73ky3HKC6lpTBZy
Za/0GWlxHTxSAMhAVin1PhPNR3oqgc3Q03nFyNjhl1+u6zE335wxIA/WX2yTLS8l
j6OHvsbiH1iW0NAAoX72rR1lihQ36/dmABauL8k50aU9CY0qDGIERbmER/9YYUgX
YBAjnnewMhaEf4UnntnPEagz9AtvMRA=
-----END CERTIFICATE-----
Generated at Wed May 1 05:56:52 2024 by rpki-client on console-ams.rpki-client.org