Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87F73F4AE78D11EEAAAFAC6D775412E6.roa
File: 87F73F4AE78D11EEAAAFAC6D775412E6.roa (raw, json)
Hash identifier: AcjVOUCVRrRL3UWlQIguFJCjS71GkRnkyGnUd9+FPio=
Subject key identifier: 6F:25:DE:CD:6D:7C:98:7C:B9:81:7B:AB:B2:4B:31:B3:B5:48:AE:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A5CF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87F73F4AE78D11EEAAAFAC6D775412E6.roa
Signing time: Thu 21 Mar 2024 14:15:55 +0000
ROA not before: Thu 21 Mar 2024 14:15:52 +0000
ROA not after: Thu 25 Apr 2024 14:15:52 +0000
asID: 5065
IP address blocks: 154.206.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42447 (0xa5cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 14:15:52 2024 GMT
Not After : Apr 25 14:15:52 2024 GMT
Subject: CN=65fc411b-3ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a7:eb:37:9e:9b:0c:7c:f2:49:35:72:2a:2e:
67:9c:0a:b3:92:9b:0a:7f:dd:fc:04:e9:0c:a2:37:
22:d6:76:c2:b2:f1:8d:00:1b:dd:4e:6b:7c:ee:02:
f2:10:78:2c:d0:2e:19:47:a6:1e:e5:92:0e:df:78:
47:d3:2e:77:09:cc:9d:3f:79:67:d3:f5:9d:aa:b9:
9a:8c:ef:74:f7:2e:64:47:86:46:61:62:f5:65:ae:
d0:39:f9:82:d3:05:09:37:22:19:96:70:30:a3:54:
c4:77:58:1e:10:4a:e1:a6:c5:0d:3d:84:33:58:9a:
55:c8:2e:da:ca:3d:86:5d:ef:87:35:76:ec:ce:6c:
87:b5:b9:bc:a7:9f:fe:0a:a8:98:44:8b:91:dd:b6:
77:ca:d0:42:1f:2b:bc:d7:d9:08:fa:1a:25:e2:e6:
d3:b4:df:fb:47:29:c0:fa:2c:8e:64:5d:71:8f:81:
e9:84:ad:ef:3d:84:9e:72:f5:58:2f:54:ea:d7:47:
2e:9f:fb:74:a6:1b:1a:e0:86:ab:ce:66:fb:a1:32:
a5:43:cb:17:8b:51:af:f9:36:f1:53:d0:f9:f6:b3:
b8:86:d3:a2:2b:98:c5:04:a6:ea:8a:7c:73:79:5f:
03:0e:ea:c7:38:84:e0:27:44:14:a0:56:40:04:f4:
9c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:25:DE:CD:6D:7C:98:7C:B9:81:7B:AB:B2:4B:31:B3:B5:48:AE:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87F73F4AE78D11EEAAAFAC6D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.34.0/24
Signature Algorithm: sha256WithRSAEncryption
47:aa:75:75:54:c8:03:43:bc:6c:e6:4b:61:72:57:43:d4:54:
93:55:b2:7b:23:57:0e:1c:5a:6e:2b:87:82:54:0f:dc:d9:04:
f0:dc:b7:ce:9b:dd:a5:44:03:40:b6:60:ac:b1:bd:bb:95:a4:
b0:8a:b9:44:0e:b0:7e:df:83:79:b0:b9:6c:ea:ed:24:83:d9:
92:14:92:cb:a8:41:4a:bf:02:ea:03:bb:d3:7c:0f:6c:79:66:
95:fc:c0:63:57:2a:9a:8b:1d:29:ce:36:bb:4e:cc:c2:8a:81:
91:2d:97:e5:06:77:b0:2e:67:98:f0:63:9f:af:43:c7:79:0d:
29:4e:b7:70:6b:e9:07:89:40:82:46:21:86:e2:e1:80:90:01:
13:8e:5e:79:00:6c:61:93:3a:bb:1c:6b:04:8f:73:f1:14:1a:
af:64:5f:50:7b:37:d9:e4:97:7f:5f:fe:f8:45:c9:73:4b:9f:
9f:01:50:e4:30:34:85:39:36:90:e0:a0:06:ae:94:ce:fc:66:
1f:36:60:41:6c:e7:ff:8f:c2:60:e9:fc:9b:38:ac:ff:7f:a2:
8f:7e:77:58:a7:6e:cf:74:7e:81:45:5e:08:86:84:46:69:b1:
a5:e0:47:8d:49:d4:1b:47:aa:cc:03:94:32:f3:35:75:2d:42:
2a:bb:b8:b2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKXPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIxMTQxNTUyWhcNMjQwNDI1MTQxNTUyWjAYMRYw
FAYDVQQDEw02NWZjNDExYi0zZGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA26frN56bDHzySTVyKi5nnAqzkpsKf938BOkMojci1nbCsvGNABvdTmt8
7gLyEHgs0C4ZR6Ye5ZIO33hH0y53CcydP3ln0/WdqrmajO909y5kR4ZGYWL1Za7Q
OfmC0wUJNyIZlnAwo1TEd1geEErhpsUNPYQzWJpVyC7ayj2GXe+HNXbszmyHtbm8
p5/+CqiYRIuR3bZ3ytBCHyu819kI+hol4ubTtN/7RynA+iyOZF1xj4HphK3vPYSe
cvVYL1Tq10cun/t0phsa4Iarzmb7oTKlQ8sXi1Gv+TbxU9D59rO4htOiK5jFBKbq
inxzeV8DDurHOITgJ0QUoFZABPScXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG8l
3s1tfJh8uYF7q7JLMbO1SK4PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84N0Y3M0Y0QUU3OEQxMUVFQUFBRkFDNkQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4iMA0GCSqGSIb3DQEB
CwUAA4IBAQBHqnV1VMgDQ7xs5kthcldD1FSTVbJ7I1cOHFpuK4eCVA/c2QTw3LfO
m92lRANAtmCssb27laSwirlEDrB+34N5sLls6u0kg9mSFJLLqEFKvwLqA7vTfA9s
eWaV/MBjVyqaix0pzja7TszCioGRLZflBnewLmeY8GOfr0PHeQ0pTrdwa+kHiUCC
RiGG4uGAkAETjl55AGxhkzq7HGsEj3PxFBqvZF9QezfZ5Jd/X/74RclzS5+fAVDk
MDSFOTaQ4KAGrpTO/GYfNmBBbOf/j8Jg6fybOKz/f6KPfndYp27PdH6BRV4IhoRG
abGl4EeNSdQbR6rMA5Qy8zV1LUIqu7iy
-----END CERTIFICATE-----
Generated at Fri Apr 26 01:59:41 2024 by rpki-client on console-ams.rpki-client.org