Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6475A2D2E46D11EE83C4DB4D775412E6.roa
File: 6475A2D2E46D11EE83C4DB4D775412E6.roa (raw, json)
Hash identifier: 1lkk5/nWI3m3uSd1egM6qHb9w40J3HtdFGQuIextZTM=
Subject key identifier: 2B:62:98:DD:9D:67:49:DE:B1:CC:BD:F7:7B:49:59:4B:85:43:49:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A1FB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6475A2D2E46D11EE83C4DB4D775412E6.roa
Signing time: Sun 17 Mar 2024 14:48:18 +0000
ROA not before: Sun 17 Mar 2024 14:48:15 +0000
ROA not after: Tue 30 Apr 2024 14:48:15 +0000
asID: 63139
IP address blocks: 154.93.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41467 (0xa1fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 14:48:15 2024 GMT
Not After : Apr 30 14:48:15 2024 GMT
Subject: CN=65f702b2-7011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ad:48:34:e0:f6:82:9e:10:b3:2a:55:58:f7:
68:43:42:07:15:21:a9:cf:1c:00:47:cd:6d:75:5c:
9f:f8:a5:d1:de:84:cf:7b:85:55:f9:1f:4b:5a:d5:
d2:8f:62:91:c9:55:75:91:83:d0:81:77:56:08:a0:
4c:ef:83:55:d6:21:2f:29:6a:20:63:bf:fc:73:73:
cf:04:ee:53:b3:a8:a4:25:10:6e:69:09:e7:df:d4:
31:a5:fa:42:9f:d5:e3:f6:e3:4e:2a:5b:41:89:83:
18:b9:b2:f4:7b:df:d1:7e:52:a7:67:d4:6f:33:d4:
ca:8f:0e:9f:0c:78:dd:8c:3b:9e:4f:d4:18:27:4c:
3d:ad:61:aa:12:1f:50:f0:0d:62:44:36:ce:85:68:
6b:18:4d:f0:f3:8a:6a:ed:e5:05:56:32:0b:87:d5:
a5:fe:a1:92:2c:36:f2:af:55:31:8b:e6:a5:2a:a1:
1c:f1:8f:ef:4c:e2:8f:91:79:0b:e5:64:0f:b4:b3:
31:f7:82:3b:b0:48:49:2f:47:c8:d3:8b:a2:02:04:
df:65:6f:25:95:ea:b5:6f:d5:10:35:23:07:c7:9a:
df:cd:b4:eb:18:36:42:e9:96:73:b9:41:b7:cc:5d:
5b:b8:94:a1:5e:e4:e1:ec:b2:5c:4c:ea:3e:b8:f1:
f5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:62:98:DD:9D:67:49:DE:B1:CC:BD:F7:7B:49:59:4B:85:43:49:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6475A2D2E46D11EE83C4DB4D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.68.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:41:89:36:46:8c:bc:c4:13:31:d8:d6:17:1e:ab:c5:ea:47:
d7:a7:10:e6:f9:78:06:a4:d0:ae:66:51:01:94:fb:74:4d:60:
10:8c:95:74:99:49:18:ca:cc:38:f6:52:f4:5b:e8:cd:dc:19:
db:15:f5:42:66:a8:06:34:36:44:86:12:77:5a:46:de:6a:04:
25:e4:b8:87:59:79:1b:26:5a:8a:af:98:18:7d:3b:2a:63:e0:
e8:35:a3:aa:cb:fc:7c:56:52:cf:1c:4b:64:3d:07:39:da:68:
5f:6c:b4:3a:ab:e8:ae:29:ae:9a:c7:c0:22:85:f3:a8:aa:76:
35:84:bf:bc:ac:f2:9b:53:e5:7b:c8:1b:2c:51:72:7f:34:ae:
76:c3:27:d2:98:9c:b9:74:9b:34:78:d3:a7:e2:49:2b:16:bc:
4f:a6:c8:6a:21:7c:49:88:3a:0a:df:b0:b6:7d:2b:5b:4c:60:
2e:14:6a:a9:e6:4b:42:b3:cd:f6:07:1c:7b:b5:c2:e2:d5:47:
aa:d0:63:e8:72:e4:b5:50:21:7b:e5:e6:c3:79:72:ce:bd:be:
7e:d5:24:d5:4d:7b:bd:80:32:83:23:d0:3f:5d:b0:22:fa:8d:
93:ee:e4:e8:dd:36:ff:94:b3:1b:6f:ef:d5:b4:38:4c:18:aa:
2c:1d:d7:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKH7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE3MTQ0ODE1WhcNMjQwNDMwMTQ0ODE1WjAYMRYw
FAYDVQQDEw02NWY3MDJiMi03MDExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwa1INOD2gp4QsypVWPdoQ0IHFSGpzxwAR81tdVyf+KXR3oTPe4VV+R9L
WtXSj2KRyVV1kYPQgXdWCKBM74NV1iEvKWogY7/8c3PPBO5Ts6ikJRBuaQnn39Qx
pfpCn9Xj9uNOKltBiYMYubL0e9/RflKnZ9RvM9TKjw6fDHjdjDueT9QYJ0w9rWGq
Eh9Q8A1iRDbOhWhrGE3w84pq7eUFVjILh9Wl/qGSLDbyr1Uxi+alKqEc8Y/vTOKP
kXkL5WQPtLMx94I7sEhJL0fI04uiAgTfZW8lleq1b9UQNSMHx5rfzbTrGDZC6ZZz
uUG3zF1buJShXuTh7LJcTOo+uPH1fQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCti
mN2dZ0nescy993tJWUuFQ0lzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NDc1QTJEMkU0NkQxMUVFODNDNERCNEQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml1EMA0GCSqGSIb3DQEB
CwUAA4IBAQA9QYk2Roy8xBMx2NYXHqvF6kfXpxDm+XgGpNCuZlEBlPt0TWAQjJV0
mUkYysw49lL0W+jN3BnbFfVCZqgGNDZEhhJ3WkbeagQl5LiHWXkbJlqKr5gYfTsq
Y+DoNaOqy/x8VlLPHEtkPQc52mhfbLQ6q+iuKa6ax8AihfOoqnY1hL+8rPKbU+V7
yBssUXJ/NK52wyfSmJy5dJs0eNOn4kkrFrxPpshqIXxJiDoK37C2fStbTGAuFGqp
5ktCs832Bxx7tcLi1Ueq0GPocuS1UCF75ebDeXLOvb5+1STVTXu9gDKDI9A/XbAi
+o2T7uTo3Tb/lLMbb+/VtDhMGKosHdfu
-----END CERTIFICATE-----
Generated at Wed May 1 02:40:37 2024 by rpki-client on console-fra.rpki-client.org