Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73A23DB2155E11EE9BDDA84E4AD9E6FC.roa
File: 73A23DB2155E11EE9BDDA84E4AD9E6FC.roa (raw, json)
Hash identifier: r9s4CoSV4yfbP5ACE6+Blr29O+8raZjea1VUPD6rMCU=
Subject key identifier: CF:3D:6F:09:B1:8A:88:45:EB:78:77:E4:C4:66:EC:E2:B9:BA:66:74
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 2E61
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73A23DB2155E11EE9BDDA84E4AD9E6FC.roa
Signing time: Wed 28 Jun 2023 02:49:51 +0000
ROA not before: Wed 28 Jun 2023 02:49:47 +0000
ROA not after: Wed 01 May 2024 02:49:47 +0000
asID: 140227
IP address blocks: 154.86.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11873 (0x2e61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 28 02:49:47 2023 GMT
Not After : May 1 02:49:47 2024 GMT
Subject: CN=649b9fcf-a0a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:92:c3:45:e1:2d:e0:4e:1e:b6:b4:15:be:11:
ce:37:25:ee:67:17:ac:1c:eb:b3:db:1b:7a:3d:87:
28:5d:fe:85:a9:f0:98:5d:9c:33:d4:4f:70:1e:2e:
3f:2e:d7:37:a8:f4:9a:d4:a0:22:cc:e1:8c:84:68:
af:07:92:f2:38:fe:8e:d6:18:2f:43:88:98:26:af:
86:4d:d1:ae:e6:08:64:44:e9:e0:49:4f:db:45:af:
ae:e8:36:36:fe:5e:b2:18:58:91:d6:75:8a:66:97:
0b:c6:13:1f:36:d6:7b:94:9e:ea:b1:2f:98:79:eb:
f2:73:71:9c:ed:76:bf:05:01:6b:05:97:77:a3:40:
1a:d2:7b:b0:67:c2:49:90:28:48:cc:09:47:c3:33:
c1:29:2d:6f:23:e7:32:76:29:ce:84:b9:9d:18:41:
01:bc:df:48:76:62:1e:08:a2:8a:9b:81:a6:15:36:
f5:a9:16:9b:53:3b:dd:cc:ce:10:b9:53:d6:bb:d1:
63:8c:05:8b:4c:6b:85:ac:a3:f0:07:d1:26:68:d2:
5f:8a:7b:4c:bf:0b:5f:c3:0c:56:00:c4:29:7a:62:
3c:7d:38:25:97:de:ea:14:f7:41:f9:da:fd:4f:d5:
fc:f5:1a:06:b5:f1:c8:3f:c9:b2:2b:03:17:32:1a:
1a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:3D:6F:09:B1:8A:88:45:EB:78:77:E4:C4:66:EC:E2:B9:BA:66:74
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73A23DB2155E11EE9BDDA84E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.22.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:f0:ab:0d:29:9a:3f:7f:0f:42:e3:72:16:47:28:c4:8d:39:
14:39:5e:34:01:b5:8d:52:72:8c:4d:98:7f:f5:b4:1e:61:c8:
38:dc:48:04:cc:81:14:0a:65:d2:90:5a:3e:1f:09:b9:e2:34:
f8:56:c9:90:90:81:15:fc:ca:27:02:f3:7e:77:fb:f0:ed:80:
48:6f:a3:6e:7a:65:cd:09:66:ba:90:64:5e:5f:24:67:35:08:
d3:06:d1:26:d7:14:77:a9:43:67:71:d3:bc:a9:b3:ab:0f:42:
9b:a8:4a:a0:cb:2e:e2:7c:b6:d2:21:dc:81:77:ec:bb:f9:9a:
6a:2e:3f:aa:af:04:a8:21:57:4e:40:83:91:3b:85:5e:d9:c6:
16:75:7f:f7:4f:d8:7c:05:60:d6:33:33:c4:50:a4:90:21:16:
7f:4c:91:f0:6b:e4:64:0a:81:06:9e:b8:6e:72:97:46:6c:e1:
24:02:fc:4a:42:45:f2:aa:29:5a:c4:1a:0c:73:1b:95:db:da:
1c:f8:ef:56:11:b1:46:11:92:1a:84:9b:23:ab:90:38:d3:e9:
d4:07:b0:0b:e6:0f:fb:ba:e8:c3:4b:b0:1c:d1:bf:a0:51:5b:
17:fe:3a:19:7c:d5:26:07:8c:16:3b:7f:9e:6a:e2:8e:ea:fb:
00:a8:29:58
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICLmEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA2MjgwMjQ5NDdaFw0yNDA1MDEwMjQ5NDdaMBgxFjAU
BgNVBAMTDTY0OWI5ZmNmLWEwYTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsksNF4S3gTh62tBW+Ec43Je5nF6wc67PbG3o9hyhd/oWp8JhdnDPUT3Ae
Lj8u1zeo9JrUoCLM4YyEaK8HkvI4/o7WGC9DiJgmr4ZN0a7mCGRE6eBJT9tFr67o
Njb+XrIYWJHWdYpmlwvGEx821nuUnuqxL5h56/JzcZztdr8FAWsFl3ejQBrSe7Bn
wkmQKEjMCUfDM8EpLW8j5zJ2Kc6EuZ0YQQG830h2Yh4IooqbgaYVNvWpFptTO93M
zhC5U9a70WOMBYtMa4Wso/AH0SZo0l+Ke0y/C1/DDFYAxCl6Yjx9OCWX3uoU90H5
2v1P1fz1Gga18cg/ybIrAxcyGho5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzz1v
CbGKiEXreHfkxGbs4rm6ZnQwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzczQTIzREIyMTU1RTExRUU5QkREQTg0RTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVhYwDQYJKoZIhvcNAQEL
BQADggEBAIvwqw0pmj9/D0LjchZHKMSNORQ5XjQBtY1ScoxNmH/1tB5hyDjcSATM
gRQKZdKQWj4fCbniNPhWyZCQgRX8yicC8353+/DtgEhvo256Zc0JZrqQZF5fJGc1
CNMG0SbXFHepQ2dx07yps6sPQpuoSqDLLuJ8ttIh3IF37Lv5mmouP6qvBKghV05A
g5E7hV7ZxhZ1f/dP2HwFYNYzM8RQpJAhFn9MkfBr5GQKgQaeuG5yl0Zs4SQC/EpC
RfKqKVrEGgxzG5Xb2hz471YRsUYRkhqEmyOrkDjT6dQHsAvmD/u66MNLsBzRv6BR
Wxf+Ohl81SYHjBY7f55q4o7q+wCoKVg=
-----END CERTIFICATE-----
Generated at Wed May 1 06:28:06 2024 by rpki-client on console-fra.rpki-client.org