Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6C54B4E4EDB311EE9E675E8D775412E6.roa
File: 6C54B4E4EDB311EE9E675E8D775412E6.roa (raw, json)
Hash identifier: 7tRKn3TxmRtZO7STLODYEEAYvt91C1DWTvFiFX8g12I=
Subject key identifier: 02:6E:65:94:79:CA:0C:67:5F:0E:90:75:90:DA:96:7F:95:66:21:12
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A70D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6C54B4E4EDB311EE9E675E8D775412E6.roa
Signing time: Fri 29 Mar 2024 10:02:17 +0000
ROA not before: Fri 29 Mar 2024 10:02:13 +0000
ROA not after: Thu 02 May 2024 10:02:13 +0000
asID: 45753
IP address blocks: 154.212.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42765 (0xa70d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 29 10:02:13 2024 GMT
Not After : May 2 10:02:13 2024 GMT
Subject: CN=660691a9-e1c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:18:d9:33:63:09:14:a6:29:b8:5d:06:80:8c:
57:52:f9:42:7b:54:75:08:0d:af:af:88:92:13:db:
ba:c1:61:ed:b6:5e:fe:a3:f7:bf:fb:29:58:5d:f7:
c0:1f:15:a8:ee:db:df:52:4a:8d:9c:1c:b9:b7:c8:
ee:f8:df:fb:ab:41:b8:15:de:d9:21:2a:29:c6:a0:
49:15:8b:80:30:7f:1b:2e:1c:e8:e6:1a:c4:61:35:
20:1d:4d:3f:66:a5:c3:8b:e3:a1:dc:25:ba:60:ee:
9e:63:e8:e6:f5:60:c2:98:8a:9f:a8:40:81:19:a7:
d4:1c:25:76:bf:6f:c8:65:0a:59:a1:19:5a:f5:d5:
e6:7c:f7:03:75:32:ae:6d:fe:f9:9c:3b:13:a7:3e:
c7:9a:7d:4f:d5:4f:ee:34:47:58:54:bd:ca:cd:33:
9b:9c:d9:90:6c:3e:62:e0:1f:b3:dc:c6:8a:ae:01:
05:ad:d8:3f:14:90:31:fa:cd:0b:bc:f9:52:2a:aa:
2d:cc:47:07:3d:33:7e:5c:c3:76:f5:de:9d:7e:ea:
a9:1d:4e:ae:b6:6f:22:45:dc:77:3e:9f:22:e4:c7:
5a:12:fb:87:1b:66:28:a9:8b:1c:bf:9d:50:16:4d:
49:d6:15:2b:aa:4a:72:ab:08:2c:2b:b9:ab:45:b4:
1c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6E:65:94:79:CA:0C:67:5F:0E:90:75:90:DA:96:7F:95:66:21:12
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6C54B4E4EDB311EE9E675E8D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.161.0/24
Signature Algorithm: sha256WithRSAEncryption
10:a6:b5:7f:a2:1f:2c:2f:cb:ac:89:89:4b:28:16:1b:5b:dc:
2f:05:93:54:10:18:a3:27:39:e3:e6:32:96:c9:30:67:65:ce:
fc:ae:2e:f3:b9:4e:ec:dd:6e:1d:62:4c:e7:1a:49:e6:0d:88:
f9:8a:33:4a:0c:c4:73:7d:1b:76:6a:25:1a:0b:80:4b:20:db:
1a:38:5a:8d:19:ba:71:3d:45:9f:5a:a4:21:1b:c8:78:72:49:
e2:ab:71:11:cd:1d:96:6d:d8:9d:58:91:49:9a:e9:cf:00:75:
28:eb:63:d4:8f:d6:c8:03:10:29:66:e5:02:08:b5:2d:6e:4c:
1a:6e:6a:0a:8c:71:43:89:14:79:78:dd:2b:1d:1c:04:20:24:
cc:4f:77:8b:9c:38:49:a3:6d:72:b5:c0:45:83:2e:8b:03:21:
82:63:4d:22:05:e3:a9:b0:95:ee:29:01:b7:90:a0:df:32:d0:
e2:12:7e:d4:4f:26:2d:6e:f2:c6:c9:3a:19:72:21:c1:30:5d:
e5:2f:47:dd:b9:0a:69:12:cb:1c:d5:58:25:5e:87:b9:3c:1e:
8d:de:06:0d:fd:9b:21:ec:3c:35:c2:8d:01:7e:26:4b:51:15:
30:d2:2c:6e:5e:4c:f0:e6:71:b9:4a:a2:a2:59:3f:bf:ca:10:
7d:3f:95:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKcNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzI5MTAwMjEzWhcNMjQwNTAyMTAwMjEzWjAYMRYw
FAYDVQQDEw02NjA2OTFhOS1lMWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0BjZM2MJFKYpuF0GgIxXUvlCe1R1CA2vr4iSE9u6wWHttl7+o/e/+ylY
XffAHxWo7tvfUkqNnBy5t8ju+N/7q0G4Fd7ZISopxqBJFYuAMH8bLhzo5hrEYTUg
HU0/ZqXDi+Oh3CW6YO6eY+jm9WDCmIqfqECBGafUHCV2v2/IZQpZoRla9dXmfPcD
dTKubf75nDsTpz7Hmn1P1U/uNEdYVL3KzTObnNmQbD5i4B+z3MaKrgEFrdg/FJAx
+s0LvPlSKqotzEcHPTN+XMN29d6dfuqpHU6utm8iRdx3Pp8i5MdaEvuHG2YoqYsc
v51QFk1J1hUrqkpyqwgsK7mrRbQcMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAJu
ZZR5ygxnXw6QdZDaln+VZiESMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QzU0QjRFNEVEQjMxMUVFOUU2NzVFOEQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtShMA0GCSqGSIb3DQEB
CwUAA4IBAQAQprV/oh8sL8usiYlLKBYbW9wvBZNUEBijJznj5jKWyTBnZc78ri7z
uU7s3W4dYkznGknmDYj5ijNKDMRzfRt2aiUaC4BLINsaOFqNGbpxPUWfWqQhG8h4
ckniq3ERzR2WbdidWJFJmunPAHUo62PUj9bIAxApZuUCCLUtbkwabmoKjHFDiRR5
eN0rHRwEICTMT3eLnDhJo21ytcBFgy6LAyGCY00iBeOpsJXuKQG3kKDfMtDiEn7U
TyYtbvLGyToZciHBMF3lL0fduQppEssc1VglXoe5PB6N3gYN/Zsh7Dw1wo0BfiZL
URUw0ixuXkzw5nG5SqKiWT+/yhB9P5X1
-----END CERTIFICATE-----
Generated at Thu May 2 16:21:02 2024 by rpki-client on console-ams.rpki-client.org