Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/797B0F6C441411EF8E3BF941762E951A.roa
File: 797B0F6C441411EF8E3BF941762E951A.roa (raw, json)
Hash identifier: K/nA6hJ1uZ/V599aNJRMnMHnNnAw8pyCbQX/Y+txjO8=
Subject key identifier: 57:78:68:51:0F:42:35:38:D3:77:72:F6:6E:AA:6E:19:95:94:82:8A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: D315
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/797B0F6C441411EF8E3BF941762E951A.roa
Signing time: Wed 17 Jul 2024 08:13:40 +0000
ROA not before: Wed 17 Jul 2024 08:13:37 +0000
ROA not after: Sat 27 Jul 2024 08:13:37 +0000
asID: 22773
IP address blocks: 154.90.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54037 (0xd315)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 17 08:13:37 2024 GMT
Not After : Jul 27 08:13:37 2024 GMT
Subject: CN=66977d34-4578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b6:46:76:ef:b8:57:32:c4:da:f0:bf:00:71:
3e:49:ff:84:c4:72:23:d2:e5:77:a9:b3:f1:5c:91:
eb:c4:9d:19:29:da:60:81:00:37:9b:cb:a5:6d:8b:
16:58:55:7c:57:6d:3c:ed:4a:e7:d6:41:9d:08:90:
59:99:eb:aa:ef:03:32:71:f4:2c:d7:7f:52:75:1f:
02:a7:df:62:bd:43:d5:80:fe:d7:61:6c:1e:c1:e7:
9b:3e:92:b0:88:e6:da:b7:5a:c3:ac:23:49:ed:8c:
84:18:99:8a:4f:59:ed:6c:da:d5:e7:16:dd:14:0a:
c7:15:ed:e8:08:07:08:63:95:87:15:9b:d4:6d:fa:
fb:91:96:dd:17:0f:43:3f:0e:66:d0:22:b8:36:88:
da:34:2d:03:7d:7f:0f:6f:ec:6d:ad:d9:54:e1:81:
1e:fc:41:10:85:0a:5a:ad:8c:0e:c6:e4:5d:9f:1a:
bf:54:fc:56:e6:31:3c:61:81:0f:dc:eb:99:70:0a:
46:57:b3:25:95:c0:0e:1b:cb:88:d9:85:53:62:57:
04:2d:cd:d6:74:7f:ab:b2:7f:46:f1:f2:b1:5c:1f:
a1:cb:12:40:9c:e9:63:54:1e:75:48:0a:37:ce:e8:
f3:38:d3:b1:df:1c:79:49:f5:ab:73:a9:a5:d1:ec:
71:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:78:68:51:0F:42:35:38:D3:77:72:F6:6E:AA:6E:19:95:94:82:8A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/797B0F6C441411EF8E3BF941762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.4.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:11:57:13:af:50:c5:cb:fa:26:9b:f6:ec:61:ee:8f:f7:e0:
a0:d8:21:83:c3:c8:e1:e1:da:00:82:ec:aa:c9:41:18:9a:a3:
40:aa:c8:ec:85:ec:0d:c0:7e:70:09:be:3a:c0:eb:38:47:a8:
44:1b:80:d4:09:0c:41:e9:1a:75:13:2f:6c:bf:82:10:8e:bf:
82:f5:73:c1:3a:ce:4b:b7:96:b4:98:03:10:95:f1:e8:65:f0:
8e:3c:71:bf:49:87:3c:7a:92:68:af:ee:80:0a:7e:8e:91:ba:
95:ae:05:9a:b2:eb:5f:6a:5c:5b:a3:7d:f1:b4:34:66:a0:4a:
88:d8:a5:6f:94:81:bb:a9:33:e9:81:a2:19:c6:75:25:c0:97:
41:19:cc:75:ce:f0:db:6e:dc:1c:56:d9:13:08:88:67:28:e5:
47:52:30:ea:5d:cb:00:72:07:74:18:56:22:8a:a5:77:12:71:
5a:c2:04:31:c8:98:ac:01:49:a5:68:31:d2:8b:8e:25:88:cb:
14:4a:60:29:52:bc:b2:a7:60:cd:35:19:ed:ab:6b:5f:cc:9e:
b8:88:3b:a9:47:1f:61:d9:48:95:93:7d:ab:a7:94:f8:b3:2f:
8b:d8:03:bc:45:ec:9e:ae:43:d9:5f:d0:b4:80:7d:1b:0a:b3:
22:6d:7b:ae
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDANMVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNzE3MDgxMzM3WhcNMjQwNzI3MDgxMzM3WjAYMRYw
FAYDVQQDEw02Njk3N2QzNC00NTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0bZGdu+4VzLE2vC/AHE+Sf+ExHIj0uV3qbPxXJHrxJ0ZKdpggQA3m8ul
bYsWWFV8V2087Urn1kGdCJBZmeuq7wMycfQs139SdR8Cp99ivUPVgP7XYWweweeb
PpKwiObat1rDrCNJ7YyEGJmKT1ntbNrV5xbdFArHFe3oCAcIY5WHFZvUbfr7kZbd
Fw9DPw5m0CK4NojaNC0DfX8Pb+xtrdlU4YEe/EEQhQparYwOxuRdnxq/VPxW5jE8
YYEP3OuZcApGV7MllcAOG8uI2YVTYlcELc3WdH+rsn9G8fKxXB+hyxJAnOljVB51
SAo3zujzONOx3xx5SfWrc6ml0exx9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFd4
aFEPQjU403dy9m6qbhmVlIKKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83OTdCMEY2QzQ0MTQxMUVGOEUzQkY5NDE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmloEMA0GCSqGSIb3DQEB
CwUAA4IBAQCqEVcTr1DFy/omm/bsYe6P9+Cg2CGDw8jh4doAguyqyUEYmqNAqsjs
hewNwH5wCb46wOs4R6hEG4DUCQxB6Rp1Ey9sv4IQjr+C9XPBOs5Lt5a0mAMQlfHo
ZfCOPHG/SYc8epJor+6ACn6OkbqVrgWasutfalxbo33xtDRmoEqI2KVvlIG7qTPp
gaIZxnUlwJdBGcx1zvDbbtwcVtkTCIhnKOVHUjDqXcsAcgd0GFYiiqV3EnFawgQx
yJisAUmlaDHSi44liMsUSmApUryyp2DNNRntq2tfzJ64iDupRx9h2UiVk32rp5T4
sy+L2AO8ReyerkPZX9C0gH0bCrMibXuu
-----END CERTIFICATE-----
Generated at Sun Jul 28 03:06:40 2024 by rpki-client on console-fra.rpki-client.org