Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89AF71C6FB9311EEB460A84E017001B1.roa
File: 89AF71C6FB9311EEB460A84E017001B1.roa (raw, json)
Hash identifier: 7W+RsqZQuDYcpGfcXcYn8aOT6saMQG/1PR2jb8YZuiw=
Subject key identifier: CB:FE:FB:2F:40:85:F2:8D:25:84:B1:BC:A1:B1:D1:F7:8A:89:B9:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: ACF7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89AF71C6FB9311EEB460A84E017001B1.roa
Signing time: Tue 16 Apr 2024 01:49:18 +0000
ROA not before: Tue 16 Apr 2024 01:49:15 +0000
ROA not after: Mon 29 Apr 2024 01:49:15 +0000
asID: 141883
IP address blocks: 154.218.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44279 (0xacf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 01:49:15 2024 GMT
Not After : Apr 29 01:49:15 2024 GMT
Subject: CN=661dd91e-bdf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:be:83:84:62:de:5f:ec:fb:c6:d0:df:b5:6d:
77:f4:aa:db:17:20:77:3e:16:25:8f:d5:f4:9d:2d:
92:87:c6:85:0e:4a:63:1d:8d:90:4d:ee:a6:9f:83:
b4:20:af:2f:03:fa:7e:f3:98:51:87:85:88:c8:99:
b7:05:68:92:a6:91:9c:54:59:f6:ed:f8:ba:9b:99:
d4:fe:8d:1e:d1:94:cc:20:3d:4d:50:d5:7b:cf:26:
b0:cb:04:2c:43:bf:42:d8:fc:d8:6b:9d:eb:a7:a5:
f4:f4:bd:20:ff:74:44:1e:14:3c:07:39:f8:cf:b7:
1a:70:ad:2e:e5:08:3c:0d:0b:8b:ab:64:f4:d2:ff:
ec:c2:6a:4d:f9:6d:74:a0:dd:07:02:86:a0:a3:bd:
3b:b0:46:e4:c7:5b:68:cd:1c:73:82:13:e9:fe:7f:
d3:db:39:f2:3b:b4:4a:b6:f0:40:4f:e1:cd:df:b4:
47:37:55:7f:cc:71:9f:fb:ad:60:09:7d:7c:0a:50:
6e:9d:0f:1d:65:58:d0:b2:98:6b:22:5b:c3:2a:2b:
73:9f:4f:aa:16:39:36:87:f9:4e:a9:4f:aa:d8:62:
48:c8:53:ec:0c:30:c2:2f:e8:06:34:6b:df:ff:8f:
f4:98:32:7e:36:14:23:a8:4e:c3:f4:83:2b:21:49:
01:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FE:FB:2F:40:85:F2:8D:25:84:B1:BC:A1:B1:D1:F7:8A:89:B9:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89AF71C6FB9311EEB460A84E017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.0.0/24
Signature Algorithm: sha256WithRSAEncryption
02:82:7b:44:1b:fc:dc:f4:6b:b7:90:c3:bc:bb:fd:d8:8b:75:
a9:f9:49:a2:fd:5d:4e:f9:26:66:3c:a6:0e:0c:30:c6:de:ee:
b7:c9:b8:27:3c:e5:50:43:5b:8b:ff:e9:d5:45:0b:53:63:8b:
ef:d3:e3:62:cf:bf:81:10:40:0e:b5:99:71:b6:ee:2b:40:92:
9d:0f:4e:c1:b6:8b:7c:95:5a:25:d6:c5:e0:c6:96:fd:8d:4f:
4a:1f:33:46:87:41:f0:89:c8:df:62:e0:79:45:f0:24:27:33:
22:53:15:ee:49:00:0d:fa:0c:6b:1a:d1:0b:81:db:8c:7c:cb:
b5:37:5e:dc:ee:07:be:3d:c6:34:14:a1:90:98:c6:7e:e7:44:
98:b7:ee:1d:97:3c:70:46:6e:b5:2f:33:85:3e:9b:b4:63:62:
7e:eb:a6:ac:e8:c4:87:7d:65:9a:fa:d0:df:66:9c:ad:94:60:
43:5b:00:da:cb:5c:e9:de:9e:2f:ca:77:a2:06:7b:67:c9:f3:
be:64:ee:8e:09:7d:8f:ea:1b:e8:07:5a:bb:61:45:78:9c:83:
03:67:8b:9d:e3:95:18:f0:b6:cc:84:63:61:58:25:40:30:95:
e8:53:97:d8:4f:02:c8:5e:7d:e5:78:b1:a9:58:4f:60:2d:82:
2a:f7:ed:01
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKz3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDE0OTE1WhcNMjQwNDI5MDE0OTE1WjAYMRYw
FAYDVQQDEw02NjFkZDkxZS1iZGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApL6DhGLeX+z7xtDftW139KrbFyB3PhYlj9X0nS2Sh8aFDkpjHY2QTe6m
n4O0IK8vA/p+85hRh4WIyJm3BWiSppGcVFn27fi6m5nU/o0e0ZTMID1NUNV7zyaw
ywQsQ79C2PzYa53rp6X09L0g/3REHhQ8Bzn4z7cacK0u5Qg8DQuLq2T00v/swmpN
+W10oN0HAoago707sEbkx1tozRxzghPp/n/T2znyO7RKtvBAT+HN37RHN1V/zHGf
+61gCX18ClBunQ8dZVjQsphrIlvDKitzn0+qFjk2h/lOqU+q2GJIyFPsDDDCL+gG
NGvf/4/0mDJ+NhQjqE7D9IMrIUkBswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMv+
+y9AhfKNJYSxvKGx0feKibmSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OUFGNzFDNkZCOTMxMUVFQjQ2MEE4NEUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtoAMA0GCSqGSIb3DQEB
CwUAA4IBAQACgntEG/zc9Gu3kMO8u/3Yi3Wp+Umi/V1O+SZmPKYODDDG3u63ybgn
POVQQ1uL/+nVRQtTY4vv0+Niz7+BEEAOtZlxtu4rQJKdD07Btot8lVol1sXgxpb9
jU9KHzNGh0HwicjfYuB5RfAkJzMiUxXuSQAN+gxrGtELgduMfMu1N17c7ge+PcY0
FKGQmMZ+50SYt+4dlzxwRm61LzOFPpu0Y2J+66as6MSHfWWa+tDfZpytlGBDWwDa
y1zp3p4vyneiBntnyfO+ZO6OCX2P6hvoB1q7YUV4nIMDZ4ud45UY8LbMhGNhWCVA
MJXoU5fYTwLIXn3leLGpWE9gLYIq9+0B
-----END CERTIFICATE-----
Generated at Mon Apr 29 04:17:23 2024 by rpki-client on console-fra.rpki-client.org