Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79E10A68E46C11EEB2DCB9C5775412E6.roa
File: 79E10A68E46C11EEB2DCB9C5775412E6.roa (raw, json)
Hash identifier: vktrwLALih3a5odlTsJ5hXZfFC2E7xf172875D1qW+0=
Subject key identifier: F1:C0:3A:A0:1A:8D:5D:51:AE:76:E7:B5:26:E5:58:FD:2F:E3:A4:15
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A1F1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79E10A68E46C11EEB2DCB9C5775412E6.roa
Signing time: Sun 17 Mar 2024 14:41:45 +0000
ROA not before: Sun 17 Mar 2024 14:41:42 +0000
ROA not after: Tue 30 Apr 2024 14:41:42 +0000
asID: 63139
IP address blocks: 154.93.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41457 (0xa1f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 14:41:42 2024 GMT
Not After : Apr 30 14:41:42 2024 GMT
Subject: CN=65f70129-2412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:57:49:c2:74:7e:bc:d1:8e:8d:f8:0c:eb:ca:
8f:cb:f1:06:83:ac:fa:9e:d0:35:9a:b1:11:92:85:
5a:fd:ac:72:59:f3:17:49:09:79:2d:6a:e2:be:8c:
1d:c1:a6:6b:57:9e:95:16:9c:d5:6b:95:83:f4:5e:
ee:fc:a0:7d:22:39:8f:91:07:aa:96:ac:0a:36:3e:
6b:53:01:a1:3f:c5:6b:f8:28:2e:92:16:e6:89:9b:
f6:11:90:75:e5:82:08:78:b8:d8:c3:f7:31:fe:01:
44:7c:a4:98:13:74:d9:c9:67:6d:f3:c7:60:33:2d:
3a:3e:a9:7a:44:f6:65:13:15:1f:00:50:51:9e:29:
8d:52:c2:c7:95:9d:cc:a5:ea:ee:2b:a8:c2:fb:e7:
a3:dd:22:d8:1b:8c:db:37:cb:1d:19:71:9b:54:31:
f0:9f:03:0e:f9:17:b3:c4:48:1e:6d:87:07:25:dc:
9a:a0:21:eb:ea:46:2b:84:cc:c6:91:11:dd:50:7d:
57:98:7e:f9:cd:38:0c:f1:c2:cd:0e:53:6e:7a:05:
a4:c6:8c:c2:38:ab:43:ab:71:41:3a:c1:76:c7:6b:
a8:79:9d:2f:d6:36:0c:95:52:43:e1:30:d2:65:2a:
65:eb:7c:a5:80:66:80:36:8f:7e:16:fe:da:54:af:
1f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C0:3A:A0:1A:8D:5D:51:AE:76:E7:B5:26:E5:58:FD:2F:E3:A4:15
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/79E10A68E46C11EEB2DCB9C5775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.73.0/24
Signature Algorithm: sha256WithRSAEncryption
21:8a:b8:79:5f:0a:73:5e:41:32:e8:41:9c:96:c5:96:15:5a:
fa:99:cc:67:ca:70:25:8a:31:bf:f6:5b:d5:04:9a:c0:0a:7d:
1c:c0:4c:7b:2b:0f:16:cf:0f:05:57:12:9c:5f:d0:a7:ad:68:
58:66:a2:7a:88:05:d4:26:97:25:19:1a:35:31:77:06:41:47:
4a:82:56:5e:b8:16:57:8a:9f:76:80:8e:b8:74:fe:1e:22:d8:
c5:bb:23:46:0b:29:1a:02:03:2e:17:16:b6:e3:cc:a8:13:ab:
b2:57:6d:6f:22:ef:8f:ae:fe:2d:2f:1d:f6:d2:eb:06:ec:e5:
87:d0:c0:be:86:20:1d:c0:4b:0f:2f:f5:95:7c:18:12:bb:5c:
a8:d2:38:60:5f:eb:99:72:37:7d:05:15:95:e5:d3:94:97:5b:
df:80:c6:02:ba:4b:bf:73:fb:da:d6:bb:cf:8b:0c:d0:72:96:
7a:c9:eb:ad:22:7b:8e:65:59:4f:df:c3:46:0f:d0:c5:a4:70:
90:e9:e5:aa:91:ef:55:5b:68:79:55:44:28:71:d4:e2:c5:80:
68:f0:66:0b:a5:fe:65:38:ac:ae:05:ac:ee:0c:64:67:91:9f:
1e:ce:ab:7f:23:33:e2:bd:c0:3c:aa:1d:9d:55:2a:4c:c8:fe:
a2:12:42:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKHxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE3MTQ0MTQyWhcNMjQwNDMwMTQ0MTQyWjAYMRYw
FAYDVQQDEw02NWY3MDEyOS0yNDEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArFdJwnR+vNGOjfgM68qPy/EGg6z6ntA1mrERkoVa/axyWfMXSQl5LWri
vowdwaZrV56VFpzVa5WD9F7u/KB9IjmPkQeqlqwKNj5rUwGhP8Vr+CgukhbmiZv2
EZB15YIIeLjYw/cx/gFEfKSYE3TZyWdt88dgMy06Pql6RPZlExUfAFBRnimNUsLH
lZ3MperuK6jC++ej3SLYG4zbN8sdGXGbVDHwnwMO+RezxEgebYcHJdyaoCHr6kYr
hMzGkRHdUH1XmH75zTgM8cLNDlNuegWkxozCOKtDq3FBOsF2x2uoeZ0v1jYMlVJD
4TDSZSpl63ylgGaANo9+Fv7aVK8fIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPHA
OqAajV1RrnbntSblWP0v46QVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83OUUxMEE2OEU0NkMxMUVFQjJEQ0I5QzU3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml1JMA0GCSqGSIb3DQEB
CwUAA4IBAQAhirh5XwpzXkEy6EGclsWWFVr6mcxnynAlijG/9lvVBJrACn0cwEx7
Kw8Wzw8FVxKcX9CnrWhYZqJ6iAXUJpclGRo1MXcGQUdKglZeuBZXip92gI64dP4e
ItjFuyNGCykaAgMuFxa248yoE6uyV21vIu+Prv4tLx320usG7OWH0MC+hiAdwEsP
L/WVfBgSu1yo0jhgX+uZcjd9BRWV5dOUl1vfgMYCuku/c/va1rvPiwzQcpZ6yeut
InuOZVlP38NGD9DFpHCQ6eWqke9VW2h5VUQocdTixYBo8GYLpf5lOKyuBazuDGRn
kZ8ezqt/IzPivcA8qh2dVSpMyP6iEkJq
-----END CERTIFICATE-----
Generated at Wed May 1 02:03:19 2024 by rpki-client on console-ams.rpki-client.org