Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81B0558AF0C611EE88F1199D775412E6.roa
File: 81B0558AF0C611EE88F1199D775412E6.roa (raw, json)
Hash identifier: NFbuNw7BdmT9ehM2L4UjIqcdf7zFKZ9eadvL1PH7Htk=
Subject key identifier: 56:35:55:52:CB:E7:FE:8A:41:25:EF:EE:D4:A8:72:8D:6F:88:62:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A8CF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81B0558AF0C611EE88F1199D775412E6.roa
Signing time: Tue 02 Apr 2024 07:56:27 +0000
ROA not before: Tue 02 Apr 2024 07:56:23 +0000
ROA not after: Mon 29 Apr 2024 07:56:23 +0000
asID: 139646
IP address blocks: 154.204.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43215 (0xa8cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 07:56:23 2024 GMT
Not After : Apr 29 07:56:23 2024 GMT
Subject: CN=660bba2a-0a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:33:2d:d5:e5:0f:a9:d3:64:b4:2b:76:9f:31:
0b:68:6f:b7:40:91:ea:d8:89:b5:20:89:5f:cf:67:
7f:1d:fc:b2:f6:22:4e:60:0b:17:5e:05:12:bb:63:
2d:09:9f:ba:9a:a2:9c:8e:87:c7:ac:47:9e:53:86:
50:1b:cc:ad:f6:6b:7e:46:a1:37:4c:64:1b:ba:35:
60:b4:da:25:79:d0:5a:40:01:25:94:09:c4:28:7f:
7d:99:a8:28:2f:5a:fc:54:0e:b8:40:d3:b5:d1:cf:
d9:d6:55:93:f4:58:c7:9e:38:f1:16:87:cd:a5:5f:
a4:e2:d0:be:ac:a3:f4:08:a8:49:1f:62:7a:7f:a8:
ce:c7:25:a6:f6:e1:44:be:2e:57:c2:4f:90:b5:d0:
d3:59:47:e9:68:ae:1c:20:41:e7:bb:b2:e8:55:17:
ce:1b:da:a8:7f:14:f5:38:6a:ff:c9:fa:a8:b3:0f:
8e:6c:94:b7:2e:f4:20:01:8a:ce:09:73:e1:e4:26:
ee:a1:4b:dc:1c:24:c9:16:21:e6:27:c0:fc:65:bd:
9d:0c:b3:bd:26:f8:66:c0:91:b0:89:c6:6b:9d:35:
3e:10:d3:a3:d8:98:60:ac:bd:9c:e5:4a:3b:71:ab:
0f:d7:fa:9e:7c:7a:b8:95:f9:76:51:69:d2:49:5a:
ee:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:35:55:52:CB:E7:FE:8A:41:25:EF:EE:D4:A8:72:8D:6F:88:62:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81B0558AF0C611EE88F1199D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.0.0/24
Signature Algorithm: sha256WithRSAEncryption
42:17:34:a9:ae:b9:c7:0e:e4:0f:29:a5:06:6c:bd:c9:73:6c:
10:dd:32:c7:43:45:76:18:7e:cf:25:2f:68:97:e8:52:9f:d6:
fd:3e:25:c0:ef:da:1b:86:78:04:8e:cb:b8:f3:5a:d2:66:f3:
df:79:e5:e1:a1:2d:6f:45:0e:25:75:6a:13:ef:6f:5b:91:83:
76:40:af:c9:40:18:6a:b9:e8:bb:6c:7e:42:b1:d7:86:1c:0c:
ef:d7:32:a1:52:6c:99:41:03:bd:bb:9a:e1:ee:0b:22:ee:92:
c4:52:8f:d3:84:0f:72:d3:34:1d:c1:94:c1:ca:45:7e:0c:b6:
dc:44:3b:36:f8:d1:1b:af:e1:dc:67:20:a6:0e:2d:ab:37:79:
de:e7:08:b4:82:61:16:89:f0:38:4e:a9:31:3f:94:13:e8:9a:
54:93:25:b3:fc:c6:3f:9b:e9:bb:ea:f6:5d:71:34:95:ea:f4:
3b:1c:7f:ea:02:4e:d2:3c:2b:61:1e:30:50:b2:12:9e:3a:a7:
5f:17:d6:27:5a:31:c3:79:f8:7e:c4:d7:1e:f0:b1:09:d9:3c:
7b:ee:bc:2a:1b:10:48:23:72:be:1d:a6:96:3b:d9:be:c3:4f:
7d:06:e2:a8:b1:2a:2c:ea:fd:c3:dd:4d:9a:12:0b:e9:dc:a2:
f1:8d:03:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKjPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAyMDc1NjIzWhcNMjQwNDI5MDc1NjIzWjAYMRYw
FAYDVQQDEw02NjBiYmEyYS0wYTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxjMt1eUPqdNktCt2nzELaG+3QJHq2Im1IIlfz2d/Hfyy9iJOYAsXXgUS
u2MtCZ+6mqKcjofHrEeeU4ZQG8yt9mt+RqE3TGQbujVgtNoledBaQAEllAnEKH99
magoL1r8VA64QNO10c/Z1lWT9FjHnjjxFofNpV+k4tC+rKP0CKhJH2J6f6jOxyWm
9uFEvi5Xwk+QtdDTWUfpaK4cIEHnu7LoVRfOG9qofxT1OGr/yfqosw+ObJS3LvQg
AYrOCXPh5CbuoUvcHCTJFiHmJ8D8Zb2dDLO9JvhmwJGwicZrnTU+ENOj2JhgrL2c
5Uo7casP1/qefHq4lfl2UWnSSVrulQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFY1
VVLL5/6KQSXv7tSoco1viGKuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MUIwNTU4QUYwQzYxMUVFODhGMTE5OUQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmswAMA0GCSqGSIb3DQEB
CwUAA4IBAQBCFzSprrnHDuQPKaUGbL3Jc2wQ3TLHQ0V2GH7PJS9ol+hSn9b9PiXA
79obhngEjsu481rSZvPfeeXhoS1vRQ4ldWoT729bkYN2QK/JQBhquei7bH5CsdeG
HAzv1zKhUmyZQQO9u5rh7gsi7pLEUo/ThA9y0zQdwZTBykV+DLbcRDs2+NEbr+Hc
ZyCmDi2rN3ne5wi0gmEWifA4TqkxP5QT6JpUkyWz/MY/m+m76vZdcTSV6vQ7HH/q
Ak7SPCthHjBQshKeOqdfF9YnWjHDefh+xNce8LEJ2Tx77rwqGxBII3K+HaaWO9m+
w099BuKosSos6v3D3U2aEgvp3KLxjQPc
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:24 2024 by rpki-client on console-fra.rpki-client.org