Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79743F7AF0BD11EEB18F4058775412E6.roa
File: 79743F7AF0BD11EEB18F4058775412E6.roa (raw, json)
Hash identifier: eG+nJO75bV7sumfX8QK2aLcJ6wxgFr9Bz0yyKLsT3wE=
Subject key identifier: C3:8B:2C:5C:99:66:C8:FF:A1:01:8C:DB:5C:56:CB:A9:F8:54:D6:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A8BF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79743F7AF0BD11EEB18F4058775412E6.roa
Signing time: Tue 02 Apr 2024 06:51:47 +0000
ROA not before: Tue 02 Apr 2024 06:51:44 +0000
ROA not after: Mon 29 Apr 2024 06:51:44 +0000
asID: 139646
IP address blocks: 154.208.22.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43199 (0xa8bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 06:51:44 2024 GMT
Not After : Apr 29 06:51:44 2024 GMT
Subject: CN=660bab03-6271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9d:51:be:96:ab:4e:a7:10:0d:74:5e:62:1d:
e5:04:57:6f:c6:7c:92:8b:f3:56:ea:8e:ba:e0:9e:
c5:a2:50:03:7a:99:28:49:fa:a1:50:ed:d8:b1:09:
9c:ce:4b:e2:9e:97:40:f6:46:8a:55:39:e4:66:87:
d0:d1:06:b1:f8:3d:9f:72:4b:5e:0b:4d:ed:4e:1f:
ca:c9:e0:38:73:4a:5f:bc:39:1c:3a:fc:e8:8a:cf:
79:7d:3a:50:53:0f:3d:d7:3c:6f:00:3f:f3:a1:29:
8d:23:fe:1f:b6:34:cb:da:eb:24:4a:3a:98:81:ee:
7a:f3:2e:46:29:a9:1d:fc:35:4f:fc:ba:47:98:84:
2d:48:10:22:c3:8f:04:16:4e:aa:c2:2e:17:04:fc:
1e:e4:68:df:a3:a1:51:0b:a1:2b:bd:f4:e0:6d:5d:
db:14:a1:5e:ae:9c:17:96:d0:0b:84:39:04:6c:95:
6f:5e:a5:5c:d4:89:82:f7:4f:c6:a5:2d:99:51:ab:
fa:03:75:58:7a:25:75:25:24:1e:58:7c:cb:ef:27:
e1:96:a8:e0:32:a8:ae:f3:48:84:89:c4:de:b1:8f:
c8:5b:93:8c:98:30:dc:8d:7b:b3:96:77:5f:5c:5d:
09:1e:e5:df:ef:22:75:70:33:af:4b:99:54:b9:1a:
f6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8B:2C:5C:99:66:C8:FF:A1:01:8C:DB:5C:56:CB:A9:F8:54:D6:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79743F7AF0BD11EEB18F4058775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.22.0/23
Signature Algorithm: sha256WithRSAEncryption
cb:28:70:ec:f9:b1:63:99:5e:df:ff:5e:1c:81:9f:88:1c:88:
2f:39:49:47:87:68:c9:4b:df:92:cc:05:1f:5f:f3:01:95:79:
64:d0:f7:c1:3b:c8:19:53:f1:01:ef:cb:7b:b4:38:13:9e:2f:
01:92:ed:33:7a:85:e4:ed:2e:c7:4f:5b:8b:f6:4e:11:b9:0a:
4e:46:23:41:02:5c:ad:f3:9a:05:df:04:97:d1:ac:8c:f7:1a:
2a:08:0e:ab:07:71:ee:c1:45:eb:ea:7b:f4:e1:8c:2c:ac:42:
b1:65:35:2a:dd:50:bd:6d:69:f0:66:0e:77:3e:cc:54:62:ef:
d3:75:72:b2:2e:86:97:2e:1d:e6:2d:85:17:6f:45:51:06:de:
94:6f:7f:26:2d:b4:cb:8b:3b:13:fe:3e:ef:92:74:1c:e0:e7:
45:3c:f3:bd:e6:fe:6d:c1:1a:9f:a1:59:dc:85:34:30:67:f3:
0c:bc:26:15:e2:1f:9c:4a:fc:15:c8:ef:0f:8d:51:b3:8b:87:
1d:59:33:21:19:d6:fa:26:70:0b:bb:67:a6:a5:72:7b:8b:64:
ff:78:e7:41:82:4e:8c:78:b2:b1:6a:09:96:fe:b7:47:78:66:
60:32:e1:c5:86:7e:f4:45:3c:04:a7:0b:1c:24:69:d1:d4:6d:
97:16:16:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKi/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAyMDY1MTQ0WhcNMjQwNDI5MDY1MTQ0WjAYMRYw
FAYDVQQDEw02NjBiYWIwMy02MjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu51RvparTqcQDXReYh3lBFdvxnySi/NW6o664J7FolADepkoSfqhUO3Y
sQmczkvinpdA9kaKVTnkZofQ0Qax+D2fckteC03tTh/KyeA4c0pfvDkcOvzois95
fTpQUw891zxvAD/zoSmNI/4ftjTL2uskSjqYge568y5GKakd/DVP/LpHmIQtSBAi
w48EFk6qwi4XBPwe5Gjfo6FRC6ErvfTgbV3bFKFerpwXltALhDkEbJVvXqVc1ImC
90/GpS2ZUav6A3VYeiV1JSQeWHzL7yfhlqjgMqiu80iEicTesY/IW5OMmDDcjXuz
lndfXF0JHuXf7yJ1cDOvS5lUuRr2IQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMOL
LFyZZsj/oQGM21xWy6n4VNYkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83OTc0M0Y3QUYwQkQxMUVFQjE4RjQwNTg3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtAWMA0GCSqGSIb3DQEB
CwUAA4IBAQDLKHDs+bFjmV7f/14cgZ+IHIgvOUlHh2jJS9+SzAUfX/MBlXlk0PfB
O8gZU/EB78t7tDgTni8Bku0zeoXk7S7HT1uL9k4RuQpORiNBAlyt85oF3wSX0ayM
9xoqCA6rB3HuwUXr6nv04YwsrEKxZTUq3VC9bWnwZg53PsxUYu/TdXKyLoaXLh3m
LYUXb0VRBt6Ub38mLbTLizsT/j7vknQc4OdFPPO95v5twRqfoVnchTQwZ/MMvCYV
4h+cSvwVyO8PjVGzi4cdWTMhGdb6JnALu2empXJ7i2T/eOdBgk6MeLKxagmW/rdH
eGZgMuHFhn70RTwEpwscJGnR1G2XFhbm
-----END CERTIFICATE-----
Generated at Mon Apr 29 07:56:06 2024 by rpki-client on console-ams.rpki-client.org