Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68C953A2155A11EEA0B588424AD9E6FC.roa
File: 68C953A2155A11EEA0B588424AD9E6FC.roa (raw, json)
Hash identifier: UA9hkH6w3u2AScb1ucqvd0D9lANEsj+SFGr+9fbSY1w=
Subject key identifier: 43:35:75:7C:AA:92:AF:B0:82:CA:27:39:65:91:AD:7D:8A:3F:11:8D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 2E4B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68C953A2155A11EEA0B588424AD9E6FC.roa
Signing time: Wed 28 Jun 2023 02:20:54 +0000
ROA not before: Wed 28 Jun 2023 02:20:51 +0000
ROA not after: Wed 24 Apr 2024 02:20:51 +0000
asID: 63888
IP address blocks: 154.209.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11851 (0x2e4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 28 02:20:51 2023 GMT
Not After : Apr 24 02:20:51 2024 GMT
Subject: CN=649b9906-4444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ac:57:c6:55:af:65:21:39:8c:b5:47:66:fc:
2e:8a:4f:5c:e0:e4:a9:01:e3:5b:08:14:70:71:ac:
55:f6:f3:fc:a5:b2:5a:44:bf:96:8c:7d:b0:a7:dd:
8c:31:5b:c3:73:f9:8c:a8:30:64:c5:28:1f:16:f7:
a2:f0:6d:20:9f:0b:af:bc:de:16:2e:76:44:5c:ec:
41:58:85:e8:cb:14:76:8b:19:40:ce:db:c2:c3:df:
d3:ad:a6:ea:ce:4f:cb:d6:41:15:4c:75:90:03:01:
28:61:b5:82:49:a1:a4:0b:be:6d:a5:b3:74:f4:7d:
1e:95:6a:ba:e2:ef:ba:6e:c0:27:08:00:d5:e0:b7:
e7:e7:0e:b6:22:fe:1d:7c:08:4f:57:4f:b9:c1:0e:
94:59:a2:ac:90:8e:10:48:f7:89:22:87:13:a9:37:
a5:26:d8:d1:9f:fe:95:1a:2d:f9:7d:da:b4:bc:24:
9e:e0:9a:de:ae:b3:d9:8f:ec:2f:55:f6:f7:ef:4d:
d5:ab:61:a1:c6:f9:90:69:36:d9:50:bf:28:fc:18:
43:2b:d5:31:53:3a:59:9a:6e:9a:e0:0f:fa:13:1b:
fe:c8:8e:0c:51:ce:f2:24:2b:40:95:fc:53:ca:8e:
70:cb:a2:6c:a7:fd:02:56:be:f1:26:b9:d6:38:e8:
bd:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:35:75:7C:AA:92:AF:B0:82:CA:27:39:65:91:AD:7D:8A:3F:11:8D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68C953A2155A11EEA0B588424AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.68.0/24
Signature Algorithm: sha256WithRSAEncryption
34:42:2e:06:25:42:cd:fd:72:c3:fb:94:f9:70:74:87:a5:17:
d2:cc:8f:ed:5a:da:8d:d3:01:6f:30:7b:e2:58:bf:c5:a5:a5:
2c:a1:9b:95:e5:af:d9:bc:cc:03:a2:9c:3d:50:3f:02:cc:9e:
db:30:bf:65:72:c4:bc:3f:90:d9:eb:dd:cc:c7:2f:5f:25:b9:
db:51:d3:cc:f3:f8:2f:af:23:77:10:49:d4:79:cf:13:92:a6:
42:81:3f:6d:db:e7:3e:03:b3:5f:cd:5c:ef:7d:61:71:ea:87:
97:0a:f0:74:db:ec:6d:dd:00:77:ae:de:cc:bb:c4:14:bc:c8:
1e:d1:19:94:b1:82:64:ff:1a:db:7d:9e:ed:7e:ab:41:cb:ce:
43:82:4a:df:d0:f7:b0:91:63:d3:ad:cd:ba:20:1c:2f:73:a1:
c9:3c:d7:40:be:78:29:07:3d:bc:28:ad:2c:b8:c8:2d:c6:46:
3e:be:da:63:2b:94:ef:93:49:48:d7:e4:44:a8:6c:d3:64:3c:
66:82:40:0a:af:1b:90:d2:8b:57:a3:4d:c2:c0:d0:2c:49:51:
e7:8b:58:9c:01:d3:de:f1:2e:c1:45:2e:b3:98:23:04:25:ce:
72:0b:1c:55:9b:c8:18:e3:28:07:01:a9:b0:88:d4:89:8b:bd:
f5:75:f7:83
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICLkswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA2MjgwMjIwNTFaFw0yNDA0MjQwMjIwNTFaMBgxFjAU
BgNVBAMTDTY0OWI5OTA2LTQ0NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxrFfGVa9lITmMtUdm/C6KT1zg5KkB41sIFHBxrFX28/ylslpEv5aMfbCn
3YwxW8Nz+YyoMGTFKB8W96LwbSCfC6+83hYudkRc7EFYhejLFHaLGUDO28LD39Ot
purOT8vWQRVMdZADAShhtYJJoaQLvm2ls3T0fR6Varri77puwCcIANXgt+fnDrYi
/h18CE9XT7nBDpRZoqyQjhBI94kihxOpN6Um2NGf/pUaLfl92rS8JJ7gmt6us9mP
7C9V9vfvTdWrYaHG+ZBpNtlQvyj8GEMr1TFTOlmabprgD/oTG/7IjgxRzvIkK0CV
/FPKjnDLomyn/QJWvvEmudY46L1/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQzV1
fKqSr7CCyic5ZZGtfYo/EY0wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzY4Qzk1M0EyMTU1QTExRUVBMEI1ODg0MjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa0UQwDQYJKoZIhvcNAQEL
BQADggEBADRCLgYlQs39csP7lPlwdIelF9LMj+1a2o3TAW8we+JYv8WlpSyhm5Xl
r9m8zAOinD1QPwLMntswv2VyxLw/kNnr3czHL18ludtR08zz+C+vI3cQSdR5zxOS
pkKBP23b5z4Ds1/NXO99YXHqh5cK8HTb7G3dAHeu3sy7xBS8yB7RGZSxgmT/Gtt9
nu1+q0HLzkOCSt/Q97CRY9OtzbogHC9zock810C+eCkHPbworSy4yC3GRj6+2mMr
lO+TSUjX5ESobNNkPGaCQAqvG5DSi1ejTcLA0CxJUeeLWJwB097xLsFFLrOYIwQl
znILHFWbyBjjKAcBqbCI1ImLvfV194M=
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:38 2024 by rpki-client on console-fra.rpki-client.org