Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/821B4DA49B7011EFA68839BE762E951A.roa
File: 821B4DA49B7011EFA68839BE762E951A.roa (raw, json)
Hash identifier: +qb5mWIQpmHBzIHiI0FfnnxkggJkfetlsy07UwJmPp0=
Subject key identifier: AC:73:37:E4:50:42:6D:03:70:FE:7D:59:DA:AD:E7:72:98:CB:1B:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107B1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/821B4DA49B7011EFA68839BE762E951A.roa
Signing time: Tue 05 Nov 2024 12:21:39 +0000
ROA not before: Tue 05 Nov 2024 12:21:36 +0000
ROA not after: Mon 13 Jan 2025 12:21:36 +0000
asID: 22773
IP address blocks: 154.93.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67505 (0x107b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 5 12:21:36 2024 GMT
Not After : Jan 13 12:21:36 2025 GMT
Subject: CN=672a0dd3-bb76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2e:e0:13:3b:96:b0:67:db:0a:09:fd:37:45:
ab:f9:77:85:c0:32:77:93:d1:2f:9e:a5:1d:0f:9c:
7f:38:dc:ea:b1:c8:e9:81:67:33:cd:18:bc:0f:05:
05:5e:f5:fe:0e:f8:f5:36:c5:ad:76:6c:19:64:8e:
8b:eb:8c:93:0f:99:24:ab:af:50:bc:5d:a5:a6:35:
8d:9d:84:4e:45:3d:9f:62:f9:77:bd:4b:fe:e2:ed:
e6:cc:a3:28:da:7f:c4:68:c1:5c:86:d2:42:0c:29:
49:1b:d4:57:ec:a0:78:9b:55:5f:36:14:33:c7:9d:
0a:21:41:a4:ef:2d:9e:d3:73:25:21:80:f1:5a:75:
0d:69:9b:4e:0e:e5:5e:d3:bb:ea:e6:f7:f1:87:dd:
cd:67:b0:fa:bc:4a:e5:c0:8b:56:98:f7:57:09:d0:
0e:56:4c:83:e0:6e:ff:3e:66:d8:59:ff:d9:cb:cd:
1b:dd:76:ff:9d:06:0f:47:3b:7c:7f:98:e9:75:ba:
c6:75:96:c0:7d:ad:b5:50:44:f1:4c:db:b9:17:48:
42:2a:80:b5:8b:14:f9:18:5e:6d:c6:62:b4:7c:6c:
a0:42:7e:4a:86:4c:d0:de:d6:60:99:2d:bb:7b:c0:
e9:73:79:5c:ef:40:b2:b1:af:5f:48:3c:96:1c:20:
fd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:73:37:E4:50:42:6D:03:70:FE:7D:59:DA:AD:E7:72:98:CB:1B:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/821B4DA49B7011EFA68839BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.20.0/22
Signature Algorithm: sha256WithRSAEncryption
38:8d:16:9d:6c:e8:69:31:a7:0d:28:f0:c8:07:d8:27:ea:e5:
8f:81:c7:32:11:b9:c2:d0:0b:12:71:4f:00:bc:84:e6:4b:43:
68:01:85:eb:91:33:87:3b:82:83:62:64:87:e3:10:6a:3d:ba:
d6:b2:c1:b3:41:6c:7b:a9:4e:f4:f7:62:c5:73:5e:71:f0:19:
89:17:8b:9f:98:ec:51:25:00:11:f9:68:75:a2:df:c1:d1:02:
a7:d6:e0:73:92:fb:a9:e4:14:d9:77:0e:cc:ca:0d:39:d9:08:
8f:9b:df:fb:69:77:8d:78:b5:73:d8:ee:ad:95:21:f2:bc:ae:
f6:d2:73:42:e9:b1:95:ad:0b:8b:d6:ac:61:b7:05:c0:e4:79:
9b:b8:b0:08:44:79:58:a7:07:1c:fe:a5:d7:dc:ab:3e:ca:43:
17:0e:34:82:07:4a:c5:02:bf:fc:c4:9f:75:5f:3f:43:60:c8:
db:f4:0b:7b:0e:7c:be:5e:7a:7e:b8:f9:15:8c:4c:a7:93:29:
3b:4b:34:20:00:44:19:19:c1:1d:ec:8c:0a:56:df:da:42:b7:
79:f3:38:77:23:77:38:dd:7e:d6:8c:90:1c:9b:61:05:2d:7c:
1f:14:af:a9:aa:7c:57:da:3c:30:43:5d:73:ed:d7:bb:30:cb:
0c:ca:1d:fb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQexMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTIyMTM2WhcNMjUwMTEzMTIyMTM2WjAYMRYw
FAYDVQQDEw02NzJhMGRkMy1iYjc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxS7gEzuWsGfbCgn9N0Wr+XeFwDJ3k9EvnqUdD5x/ONzqscjpgWczzRi8
DwUFXvX+Dvj1NsWtdmwZZI6L64yTD5kkq69QvF2lpjWNnYRORT2fYvl3vUv+4u3m
zKMo2n/EaMFchtJCDClJG9RX7KB4m1VfNhQzx50KIUGk7y2e03MlIYDxWnUNaZtO
DuVe07vq5vfxh93NZ7D6vErlwItWmPdXCdAOVkyD4G7/PmbYWf/Zy80b3Xb/nQYP
Rzt8f5jpdbrGdZbAfa21UETxTNu5F0hCKoC1ixT5GF5txmK0fGygQn5KhkzQ3tZg
mS27e8Dpc3lc70Cysa9fSDyWHCD9eQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKxz
N+RQQm0DcP59Wdqt53KYyxvkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MjFCNERBNDlCNzAxMUVGQTY4ODM5QkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCml0UMA0GCSqGSIb3DQEB
CwUAA4IBAQA4jRadbOhpMacNKPDIB9gn6uWPgccyEbnC0AsScU8AvITmS0NoAYXr
kTOHO4KDYmSH4xBqPbrWssGzQWx7qU7092LFc15x8BmJF4ufmOxRJQAR+Wh1ot/B
0QKn1uBzkvup5BTZdw7Myg052QiPm9/7aXeNeLVz2O6tlSHyvK720nNC6bGVrQuL
1qxhtwXA5HmbuLAIRHlYpwcc/qXX3Ks+ykMXDjSCB0rFAr/8xJ91Xz9DYMjb9At7
Dny+Xnp+uPkVjEynkyk7SzQgAEQZGcEd7IwKVt/aQrd58zh3I3c43X7WjJAcm2EF
LXwfFK+pqnxX2jwwQ11z7de7MMsMyh37
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:17 2025 by rpki-client