Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5523AD40FAC711EEB21F8845017001B1.roa
File: 5523AD40FAC711EEB21F8845017001B1.roa (raw, json)
Hash identifier: gBW+ixujnz98QMZI6eHgARECd2HBfC1NOtaFsKCnGMk=
Subject key identifier: 1A:D5:23:4F:35:F6:1A:89:43:B4:57:3D:CC:B9:B9:3C:1A:DB:77:44
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: ABDB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5523AD40FAC711EEB21F8845017001B1.roa
Signing time: Mon 15 Apr 2024 01:27:33 +0000
ROA not before: Mon 15 Apr 2024 01:27:29 +0000
ROA not after: Wed 24 Apr 2024 01:27:29 +0000
asID: 136950
IP address blocks: 154.213.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43995 (0xabdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 01:27:29 2024 GMT
Not After : Apr 24 01:27:29 2024 GMT
Subject: CN=661c8285-19de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:75:26:bd:37:c4:d8:18:70:a3:d1:26:9e:c2:
18:32:80:b1:a5:79:3e:c5:97:d8:f5:25:4c:68:e6:
e8:ed:cb:49:dc:bf:b8:07:a3:42:f2:e9:8a:01:fb:
78:84:cb:59:46:c2:52:a7:fc:d5:06:c2:cc:b0:86:
85:b2:b9:dc:0e:96:7a:7d:9e:92:64:a9:e8:d8:74:
93:0e:28:b9:09:4c:eb:ed:65:9c:63:f3:59:3f:46:
2f:2f:2b:29:e3:32:dc:3e:64:ab:06:16:e0:c0:e2:
7b:e6:48:52:f2:ee:83:cf:70:fe:7f:93:8c:0e:25:
83:ac:c9:11:5a:48:b0:f5:3d:0f:3c:50:82:d1:da:
9b:bd:7e:41:31:25:8f:7f:3e:f2:4d:d1:04:56:d1:
70:f7:e3:c2:9f:51:13:8b:f1:79:6c:8e:a4:24:97:
06:a8:97:e7:92:a7:7d:b5:0e:dc:ab:11:7e:86:a3:
70:ed:0e:3f:46:bc:44:74:8e:92:40:03:df:80:6f:
cf:00:fb:02:08:c9:80:03:cd:0a:43:f2:dd:54:cf:
e0:ec:27:4a:1e:ff:f3:8c:6b:2a:8b:2f:5c:01:b9:
17:7e:fb:f0:fe:1f:8a:6c:4e:ed:a8:92:1a:25:3d:
e2:3e:2d:76:eb:e2:eb:a5:a6:7d:05:f3:7f:b5:ad:
c5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D5:23:4F:35:F6:1A:89:43:B4:57:3D:CC:B9:B9:3C:1A:DB:77:44
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5523AD40FAC711EEB21F8845017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.29.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:52:d0:59:2d:30:aa:e3:e1:1c:f2:98:4b:e3:33:12:07:2f:
5b:ef:b7:2b:f7:f7:c8:5d:60:84:c8:bc:b4:2b:e8:c4:36:4f:
6a:5a:df:1e:b3:fd:27:a1:10:5f:e1:6f:48:94:3f:08:9f:a4:
9b:a5:46:62:61:d8:6d:45:c7:b6:55:c0:3f:e6:9b:7c:1b:c8:
c9:3e:5d:98:f1:46:48:55:0b:3c:8b:75:dc:02:73:64:26:52:
70:59:ee:0f:af:38:8a:0f:44:24:d8:29:0d:32:0f:56:b3:ee:
3f:e4:36:02:48:c7:6e:58:61:b4:5b:50:d5:a8:7b:49:35:13:
02:d9:ba:78:58:6c:1f:f4:e6:4d:bf:fa:90:65:f5:c0:d0:4c:
66:ff:a1:08:e4:3c:05:4a:3a:cc:b0:24:f4:dd:a5:4c:3b:98:
2c:6a:7f:bd:e4:9d:44:8d:14:af:37:93:dc:10:c2:14:57:a5:
2e:d5:da:ea:3c:f4:b3:bf:81:55:5b:2d:2f:1d:63:30:f8:b4:
76:e5:0b:fc:f8:fc:01:20:a4:5e:f0:da:67:6c:8b:b8:00:23:
a9:9c:29:92:ff:26:87:95:89:67:0c:d6:f0:e4:da:16:98:fa:
86:91:12:bf:3f:81:f3:d8:d3:da:f9:70:22:65:3d:9d:a5:40:
6f:0a:4d:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKvbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDEyNzI5WhcNMjQwNDI0MDEyNzI5WjAYMRYw
FAYDVQQDEw02NjFjODI4NS0xOWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0HUmvTfE2Bhwo9EmnsIYMoCxpXk+xZfY9SVMaObo7ctJ3L+4B6NC8umK
Aft4hMtZRsJSp/zVBsLMsIaFsrncDpZ6fZ6SZKno2HSTDii5CUzr7WWcY/NZP0Yv
Lysp4zLcPmSrBhbgwOJ75khS8u6Dz3D+f5OMDiWDrMkRWkiw9T0PPFCC0dqbvX5B
MSWPfz7yTdEEVtFw9+PCn1ETi/F5bI6kJJcGqJfnkqd9tQ7cqxF+hqNw7Q4/RrxE
dI6SQAPfgG/PAPsCCMmAA80KQ/LdVM/g7CdKHv/zjGsqiy9cAbkXfvvw/h+KbE7t
qJIaJT3iPi126+LrpaZ9BfN/ta3FNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBrV
I0819hqJQ7RXPcy5uTwa23dEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NTIzQUQ0MEZBQzcxMUVFQjIxRjg4NDUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtUdMA0GCSqGSIb3DQEB
CwUAA4IBAQCiUtBZLTCq4+Ec8phL4zMSBy9b77cr9/fIXWCEyLy0K+jENk9qWt8e
s/0noRBf4W9IlD8In6SbpUZiYdhtRce2VcA/5pt8G8jJPl2Y8UZIVQs8i3XcAnNk
JlJwWe4PrziKD0Qk2CkNMg9Ws+4/5DYCSMduWGG0W1DVqHtJNRMC2bp4WGwf9OZN
v/qQZfXA0Exm/6EI5DwFSjrMsCT03aVMO5gsan+95J1EjRSvN5PcEMIUV6Uu1drq
PPSzv4FVWy0vHWMw+LR25Qv8+PwBIKRe8NpnbIu4ACOpnCmS/yaHlYlnDNbw5NoW
mPqGkRK/P4Hz2NPa+XAiZT2dpUBvCk0I
-----END CERTIFICATE-----
Generated at Wed Apr 24 04:12:03 2024 by rpki-client on console-fra.rpki-client.org