Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/80A213D2E47711EE8790EC8E775412E6.roa
File: 80A213D2E47711EE8790EC8E775412E6.roa (raw, json)
Hash identifier: QRX+bdTZGPtkH59/ytVPzzcsur+iHDUihmR8CHnVub0=
Subject key identifier: CF:45:A4:90:24:6B:50:D7:BF:8A:ED:4B:9B:81:63:79:6D:00:D1:46
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A265
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/80A213D2E47711EE8790EC8E775412E6.roa
Signing time: Sun 17 Mar 2024 16:00:40 +0000
ROA not before: Sun 17 Mar 2024 16:00:37 +0000
ROA not after: Tue 30 Apr 2024 16:00:37 +0000
asID: 63139
IP address blocks: 154.94.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41573 (0xa265)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 16:00:37 2024 GMT
Not After : Apr 30 16:00:37 2024 GMT
Subject: CN=65f713a8-807b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:90:5a:1d:b7:cc:69:1e:61:be:9f:28:6b:30:
b6:8a:8e:dc:fb:2d:95:bc:32:19:eb:9e:bf:54:14:
2b:4c:31:a6:d1:ae:a2:d6:af:0c:00:b2:c5:de:58:
a4:c4:92:db:50:63:d5:32:bc:ea:df:3f:7c:78:b3:
7b:4e:49:db:67:0c:bb:c1:ba:53:48:43:4a:b7:17:
e1:63:3c:26:7b:d9:29:d4:e7:8f:91:23:0c:32:31:
ef:73:6a:72:71:c1:c4:6e:98:d5:39:f2:01:0e:30:
06:a7:5f:6b:6a:4e:9e:69:c4:bc:5d:07:5a:74:77:
e3:03:a3:2d:e2:6b:ff:cc:59:8a:27:e9:2c:e7:4a:
15:3e:17:ec:ef:7f:62:ea:e4:7c:b4:38:f4:77:4d:
af:5c:97:b3:8f:99:31:ae:c3:23:e0:36:d8:16:22:
01:b8:3b:05:6d:7b:59:40:95:92:14:e2:68:87:07:
ae:19:59:c9:45:72:47:4a:b1:a5:b8:4e:07:e2:f0:
ff:1f:3a:e4:57:1b:85:26:dd:7e:c9:c9:94:a5:09:
d2:46:a3:a9:a4:52:d3:3e:08:d6:fa:bc:54:5c:74:
7b:65:e3:10:7d:9f:44:0e:87:89:ee:a3:a1:19:34:
92:ee:40:ce:37:76:f0:f2:73:08:ab:8e:45:1d:63:
ad:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:45:A4:90:24:6B:50:D7:BF:8A:ED:4B:9B:81:63:79:6D:00:D1:46
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/80A213D2E47711EE8790EC8E775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.96.0/24
Signature Algorithm: sha256WithRSAEncryption
98:f0:ef:39:d9:c5:29:be:c6:98:7b:44:4e:88:5d:8b:ea:d7:
b1:61:56:b4:0a:b2:29:fa:f4:85:1c:02:3a:0a:bf:b3:82:b5:
8c:89:a4:f1:04:70:67:c0:f7:d7:34:55:f7:66:c5:82:20:f0:
27:2c:5a:dc:aa:89:ab:55:70:8d:bf:90:1a:88:71:08:d7:b0:
7e:7f:fb:a5:e4:7c:63:d0:bb:32:6f:53:be:3d:1d:2c:98:c3:
e6:d7:dc:0f:37:9a:e1:56:18:95:34:ab:64:22:ba:48:d8:3a:
93:f7:84:88:29:0b:1c:80:c0:c0:79:a5:63:85:35:f6:ba:6e:
9f:06:62:be:c0:9d:b2:46:b7:9d:e8:d7:02:90:98:9c:5a:30:
5a:95:44:37:1c:70:25:05:17:37:0f:c9:00:f6:26:4d:4c:d6:
46:24:9d:7e:81:35:e3:a4:9c:11:d8:11:43:3a:63:ba:6c:b9:
ba:1a:8d:c7:30:98:52:9c:cc:ec:91:2c:30:29:24:42:50:7b:
68:4e:df:8a:8b:ef:82:89:42:98:bd:58:69:d6:e5:c2:f4:54:
46:67:5d:84:3d:4c:c6:3a:67:71:53:53:b4:0c:01:be:2b:90:
7c:d5:85:83:29:83:1c:ae:d9:f9:9b:05:e8:aa:a3:ad:84:7a:
8c:29:f7:4f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKJlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE3MTYwMDM3WhcNMjQwNDMwMTYwMDM3WjAYMRYw
FAYDVQQDEw02NWY3MTNhOC04MDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApJBaHbfMaR5hvp8oazC2io7c+y2VvDIZ656/VBQrTDGm0a6i1q8MALLF
3likxJLbUGPVMrzq3z98eLN7TknbZwy7wbpTSENKtxfhYzwme9kp1OePkSMMMjHv
c2pyccHEbpjVOfIBDjAGp19rak6eacS8XQdadHfjA6Mt4mv/zFmKJ+ks50oVPhfs
739i6uR8tDj0d02vXJezj5kxrsMj4DbYFiIBuDsFbXtZQJWSFOJohweuGVnJRXJH
SrGluE4H4vD/HzrkVxuFJt1+ycmUpQnSRqOppFLTPgjW+rxUXHR7ZeMQfZ9EDoeJ
7qOhGTSS7kDON3bw8nMIq45FHWOtTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM9F
pJAka1DXv4rtS5uBY3ltANFGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MEEyMTNEMkU0NzcxMUVFODc5MEVDOEU3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5gMA0GCSqGSIb3DQEB
CwUAA4IBAQCY8O852cUpvsaYe0ROiF2L6texYVa0CrIp+vSFHAI6Cr+zgrWMiaTx
BHBnwPfXNFX3ZsWCIPAnLFrcqomrVXCNv5AaiHEI17B+f/ul5Hxj0Lsyb1O+PR0s
mMPm19wPN5rhVhiVNKtkIrpI2DqT94SIKQscgMDAeaVjhTX2um6fBmK+wJ2yRred
6NcCkJicWjBalUQ3HHAlBRc3D8kA9iZNTNZGJJ1+gTXjpJwR2BFDOmO6bLm6Go3H
MJhSnMzskSwwKSRCUHtoTt+Ki++CiUKYvVhp1uXC9FRGZ12EPUzGOmdxU1O0DAG+
K5B81YWDKYMcrtn5mwXoqqOthHqMKfdP
-----END CERTIFICATE-----
Generated at Wed May 1 02:40:37 2024 by rpki-client on console-fra.rpki-client.org