Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5903488AEDB111EE89D9607D775412E6.roa
File: 5903488AEDB111EE89D9607D775412E6.roa (raw, json)
Hash identifier: NEsTjCXPpEk8T1ioIcsDCfWak6nEnLsc6qrx4AUK07k=
Subject key identifier: 0B:C2:E4:AF:12:B5:D9:19:1C:96:E0:8D:AC:F2:FD:E1:55:7D:CC:66
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A6F9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5903488AEDB111EE89D9607D775412E6.roa
Signing time: Fri 29 Mar 2024 09:47:25 +0000
ROA not before: Fri 29 Mar 2024 09:47:22 +0000
ROA not after: Fri 26 Apr 2024 09:47:22 +0000
asID: 62240
IP address blocks: 154.195.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42745 (0xa6f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 29 09:47:22 2024 GMT
Not After : Apr 26 09:47:22 2024 GMT
Subject: CN=66068e2d-43dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c8:bd:22:40:7a:d1:ba:55:b4:93:ea:ee:fd:
27:8a:14:78:68:e0:fd:84:be:9c:54:18:f8:00:49:
96:91:50:0a:e5:46:97:d5:6d:92:3d:9d:c4:7e:fd:
7c:6d:bb:b7:24:e5:c6:d5:f3:4d:53:e5:54:81:ac:
16:a2:b5:98:69:94:bd:7b:a3:44:80:42:69:e8:50:
e0:59:02:a9:68:c1:56:99:e5:bf:a8:b4:99:e9:ff:
a7:a3:8c:3f:76:58:70:93:f8:70:74:d0:d9:f9:61:
2a:81:e1:c2:ca:21:7e:4b:0d:f9:5a:7f:78:27:78:
d6:24:54:ee:03:b2:a2:dc:42:e5:0c:57:8f:2d:60:
5d:ef:7c:5a:24:82:df:45:6f:5a:d8:7f:8f:9e:13:
4d:06:7c:40:1a:24:93:42:4c:1a:50:47:95:46:a7:
bd:73:6e:60:f0:91:ed:6c:b5:a1:03:04:14:cd:43:
a2:a1:52:bd:e5:98:74:7a:91:8d:dd:52:83:8c:d4:
2a:70:99:48:01:aa:49:48:cc:dc:df:5a:ef:89:43:
76:37:e5:27:f9:d0:96:19:ca:5e:14:84:92:7c:69:
cc:b2:1e:ad:31:80:0d:a3:65:a1:a7:ae:8d:30:9c:
1e:45:32:0e:1d:ab:8b:34:68:e3:74:09:2d:33:27:
45:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C2:E4:AF:12:B5:D9:19:1C:96:E0:8D:AC:F2:FD:E1:55:7D:CC:66
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5903488AEDB111EE89D9607D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.0.0/22
Signature Algorithm: sha256WithRSAEncryption
68:6a:6e:35:53:6d:49:24:8f:0f:44:57:3e:4b:15:6e:1e:9c:
9f:76:0a:47:ce:79:2a:63:17:a9:6d:e2:ff:b0:00:7e:1c:90:
31:97:3c:33:dd:da:88:48:ef:65:8c:b2:3c:0d:fd:cd:c8:fa:
f2:89:a8:99:00:07:4f:ec:de:d1:8e:02:5c:76:1c:b9:c1:33:
5b:26:a7:08:3f:32:f8:a3:c3:32:99:c4:0f:67:f1:2c:c8:bf:
02:6b:86:24:18:79:b9:9a:1a:1a:66:5b:fb:c9:ac:75:2d:aa:
60:80:ff:b1:f2:8e:8d:69:6e:52:24:85:3a:2c:ca:40:e1:ad:
45:e5:e0:b8:44:18:39:f4:a4:c0:77:d4:c5:51:cf:0c:4c:8a:
28:b2:e1:38:05:ca:b1:9e:5c:15:ef:c6:cd:21:b8:d9:32:eb:
54:3c:e6:f2:be:fc:36:53:e6:fe:f0:fc:09:41:0a:50:7f:12:
f9:79:a7:96:51:fd:26:11:74:9f:ba:e7:6f:fc:dc:80:7f:26:
08:ba:96:c1:28:c5:c1:bb:eb:bd:2a:4e:b6:36:a8:9c:5a:c0:
15:20:f9:a7:63:a4:17:f6:3e:78:44:f7:04:28:e4:4e:88:85:
07:86:70:95:7c:d1:53:86:21:10:4f:db:5f:73:70:e1:58:e1:
c2:89:10:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKb5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzI5MDk0NzIyWhcNMjQwNDI2MDk0NzIyWjAYMRYw
FAYDVQQDEw02NjA2OGUyZC00M2RjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1Mi9IkB60bpVtJPq7v0nihR4aOD9hL6cVBj4AEmWkVAK5UaX1W2SPZ3E
fv18bbu3JOXG1fNNU+VUgawWorWYaZS9e6NEgEJp6FDgWQKpaMFWmeW/qLSZ6f+n
o4w/dlhwk/hwdNDZ+WEqgeHCyiF+Sw35Wn94J3jWJFTuA7Ki3ELlDFePLWBd73xa
JILfRW9a2H+PnhNNBnxAGiSTQkwaUEeVRqe9c25g8JHtbLWhAwQUzUOioVK95Zh0
epGN3VKDjNQqcJlIAapJSMzc31rviUN2N+Un+dCWGcpeFISSfGnMsh6tMYANo2Wh
p66NMJweRTIOHauLNGjjdAktMydFPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAvC
5K8StdkZHJbgjazy/eFVfcxmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OTAzNDg4QUVEQjExMUVFODlEOTYwN0Q3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsMAMA0GCSqGSIb3DQEB
CwUAA4IBAQBoam41U21JJI8PRFc+SxVuHpyfdgpHznkqYxepbeL/sAB+HJAxlzwz
3dqISO9ljLI8Df3NyPryiaiZAAdP7N7RjgJcdhy5wTNbJqcIPzL4o8MymcQPZ/Es
yL8Ca4YkGHm5mhoaZlv7yax1LapggP+x8o6NaW5SJIU6LMpA4a1F5eC4RBg59KTA
d9TFUc8MTIoosuE4BcqxnlwV78bNIbjZMutUPObyvvw2U+b+8PwJQQpQfxL5eaeW
Uf0mEXSfuudv/NyAfyYIupbBKMXBu+u9Kk62NqicWsAVIPmnY6QX9j54RPcEKORO
iIUHhnCVfNFThiEQT9tfc3DhWOHCiRCz
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:37 2024 by rpki-client on console-ams.rpki-client.org