Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B8BAF3E155A11EEA09BF7424AD9E6FC.roa
File: 8B8BAF3E155A11EEA09BF7424AD9E6FC.roa (raw, json)
Hash identifier: kknU1+lykl3GM8syQwXv1Ko5plJFVXrvVRvMtYGWFNM=
Subject key identifier: DA:A0:5E:A3:8A:DD:27:98:B4:C3:84:86:A6:EE:60:2F:57:21:6A:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 2E4D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B8BAF3E155A11EEA09BF7424AD9E6FC.roa
Signing time: Wed 28 Jun 2023 02:21:53 +0000
ROA not before: Wed 28 Jun 2023 02:21:49 +0000
ROA not after: Wed 24 Apr 2024 02:21:49 +0000
asID: 63888
IP address blocks: 154.209.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11853 (0x2e4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 28 02:21:49 2023 GMT
Not After : Apr 24 02:21:49 2024 GMT
Subject: CN=649b9941-3a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:eb:35:69:33:6d:b0:6f:00:b9:6e:d3:9c:9b:
55:0e:91:45:93:e5:70:bf:75:4e:9b:db:e8:1e:af:
d8:72:db:e1:9f:c5:b7:63:64:46:63:16:d4:56:04:
81:3d:df:32:1d:39:eb:77:02:59:43:df:6a:53:8b:
70:48:8e:9a:8a:97:b3:0e:17:92:be:ff:f2:85:ed:
eb:10:c3:de:2d:8e:11:3e:b4:1e:d8:38:90:84:2e:
60:6d:49:69:dc:2d:46:23:78:30:b7:97:50:f7:75:
d7:be:bd:f1:4d:a0:79:69:0f:07:84:17:19:d4:79:
78:46:83:2c:51:54:8e:39:ca:f3:39:6b:48:1b:cb:
86:e0:8b:7e:8e:66:2b:86:3d:8e:06:04:9f:14:76:
12:7a:b7:c9:fd:84:5f:08:4f:b0:b9:7c:ad:d2:de:
e1:7c:b4:bd:48:7f:22:54:24:be:b9:0d:12:2b:60:
90:78:67:62:6f:53:11:53:4d:32:91:16:3a:90:33:
e2:be:08:0f:49:54:a8:b5:0b:fd:5b:44:36:de:13:
f3:df:d7:de:67:f1:01:ac:5e:5c:bb:7a:c6:17:c4:
1f:4d:bb:9d:b8:8d:99:7d:99:e4:62:1b:e9:61:13:
d4:1a:85:38:c0:1f:09:80:c6:7f:d5:ec:8e:e1:df:
d4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A0:5E:A3:8A:DD:27:98:B4:C3:84:86:A6:EE:60:2F:57:21:6A:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B8BAF3E155A11EEA09BF7424AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.70.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:de:d4:6f:81:2d:16:2d:60:6e:5c:58:27:e9:33:b4:a2:f8:
08:38:03:41:9f:8a:ab:d0:9a:09:ed:28:84:9c:1e:41:88:75:
ba:ed:99:c2:c9:22:49:f6:8d:f3:16:06:82:ac:82:ef:80:11:
8d:94:db:9f:fa:ec:3a:96:5d:34:f8:99:10:14:a6:24:cb:a4:
42:c0:04:c5:e8:45:35:1c:f2:91:fe:72:68:9e:1b:93:80:97:
8d:7a:1c:a0:dd:d7:f6:56:1e:73:c9:4e:a6:45:79:3f:9c:e4:
f2:b3:7a:1f:4f:0f:ac:b4:ee:e6:6c:a7:69:00:08:f3:e7:20:
7b:c8:5f:e9:3b:72:78:2d:37:11:53:b6:7d:a6:7f:aa:f9:da:
3d:a1:7c:65:24:9c:af:33:a3:f7:1d:8e:f3:43:81:f6:14:95:
05:32:cf:20:ec:5b:bf:da:a8:07:73:82:8b:dd:2b:41:9d:a2:
43:a1:da:bd:06:94:49:35:58:56:82:8f:84:41:8c:60:cd:48:
c3:c6:2e:e2:55:09:59:5d:bf:fb:ff:cd:5f:2f:45:e3:73:7b:
40:3a:ea:66:50:78:e4:bf:57:fe:dc:ff:51:3c:1d:42:39:df:
d8:fb:8c:9e:b7:3e:77:42:2e:53:79:e5:4d:71:f7:11:7b:bd:
90:4b:84:29
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICLk0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzA2MjgwMjIxNDlaFw0yNDA0MjQwMjIxNDlaMBgxFjAU
BgNVBAMTDTY0OWI5OTQxLTNhNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCa6zVpM22wbwC5btOcm1UOkUWT5XC/dU6b2+ger9hy2+GfxbdjZEZjFtRW
BIE93zIdOet3AllD32pTi3BIjpqKl7MOF5K+//KF7esQw94tjhE+tB7YOJCELmBt
SWncLUYjeDC3l1D3dde+vfFNoHlpDweEFxnUeXhGgyxRVI45yvM5a0gby4bgi36O
ZiuGPY4GBJ8UdhJ6t8n9hF8IT7C5fK3S3uF8tL1IfyJUJL65DRIrYJB4Z2JvUxFT
TTKRFjqQM+K+CA9JVKi1C/1bRDbeE/Pf195n8QGsXly7esYXxB9Nu524jZl9meRi
G+lhE9QahTjAHwmAxn/V7I7h39RtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2qBe
o4rdJ5i0w4SGpu5gL1charIwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzhCOEJBRjNFMTU1QTExRUVBMDlCRjc0MjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACa0UYwDQYJKoZIhvcNAQEL
BQADggEBAKDe1G+BLRYtYG5cWCfpM7Si+Ag4A0GfiqvQmgntKIScHkGIdbrtmcLJ
Ikn2jfMWBoKsgu+AEY2U25/67DqWXTT4mRAUpiTLpELABMXoRTUc8pH+cmieG5OA
l416HKDd1/ZWHnPJTqZFeT+c5PKzeh9PD6y07uZsp2kACPPnIHvIX+k7cngtNxFT
tn2mf6r52j2hfGUknK8zo/cdjvNDgfYUlQUyzyDsW7/aqAdzgovdK0GdokOh2r0G
lEk1WFaCj4RBjGDNSMPGLuJVCVldv/v/zV8vReNze0A66mZQeOS/V/7c/1E8HUI5
39j7jJ63PndCLlN55U1x9xF7vZBLhCk=
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:44 2024 by rpki-client on console-ams.rpki-client.org