Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DB7C548EF0911EE821CC884775412E6.roa
File: 8DB7C548EF0911EE821CC884775412E6.roa (raw, json)
Hash identifier: uMxnO0sETBY1aY0uw+Cny26Z/zoOdIbqeZHKI3ypsho=
Subject key identifier: 61:07:1B:45:29:5D:EE:B5:15:5F:4B:C9:F3:B7:F1:11:DC:F3:6B:1A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A779
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DB7C548EF0911EE821CC884775412E6.roa
Signing time: Sun 31 Mar 2024 02:51:21 +0000
ROA not before: Sun 31 Mar 2024 02:51:17 +0000
ROA not after: Thu 02 May 2024 02:51:17 +0000
asID: 212042
IP address blocks: 154.197.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42873 (0xa779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 31 02:51:17 2024 GMT
Not After : May 2 02:51:17 2024 GMT
Subject: CN=6608cfa9-1fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9e:69:ac:1a:c8:09:1b:21:1a:18:c8:82:e8:
f9:8a:c9:c8:74:9c:23:f0:dd:22:88:1f:a2:e5:3d:
c2:fd:a2:3b:1c:40:7d:1a:55:c8:37:8a:d5:2b:6e:
bf:5d:b4:6a:4f:58:52:bb:08:cc:07:f4:89:99:20:
50:55:0a:2e:db:e2:87:f2:64:30:1b:39:92:e9:41:
29:71:90:bf:9c:53:bf:c1:d1:69:23:10:28:a9:52:
a7:80:f3:00:3b:87:3c:45:d7:f1:45:01:d9:0c:69:
0c:7a:d5:94:34:bb:86:3b:37:e0:3a:34:5f:84:db:
3c:8a:a6:01:44:f4:fb:91:cf:65:83:1a:5e:73:4c:
c7:6d:12:c1:b4:b5:74:30:57:61:a5:20:50:c9:ec:
6b:07:04:47:f3:30:2d:72:b2:9f:e8:40:6c:48:6e:
31:f4:27:3b:75:29:1c:ec:5f:cf:7a:93:0d:23:5b:
c7:a7:1b:38:e0:f8:15:04:05:43:33:25:20:c1:b2:
75:e5:38:25:22:db:4f:40:01:d6:91:75:22:fe:3a:
e4:ef:e9:f8:a0:09:02:33:cd:b4:fe:11:39:6f:26:
a6:a1:52:d5:e3:5d:cd:60:d3:d0:94:66:d6:bb:ac:
8a:46:57:79:f9:37:62:eb:47:0a:98:03:d5:8c:20:
b0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:07:1B:45:29:5D:EE:B5:15:5F:4B:C9:F3:B7:F1:11:DC:F3:6B:1A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DB7C548EF0911EE821CC884775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.68.0/24
Signature Algorithm: sha256WithRSAEncryption
74:e8:9e:a4:20:c1:93:56:bb:0b:e1:a4:46:6c:8d:83:d9:bb:
e5:e6:bd:35:6f:d6:ec:8d:b6:36:fd:14:80:65:b5:21:2f:f2:
ac:73:9d:05:49:6f:57:96:fb:9c:12:fb:94:db:5b:3c:87:0b:
a3:9a:4b:97:2c:3a:ef:82:09:dd:e8:b0:b4:36:b0:57:4a:35:
3e:8b:34:9c:f1:75:71:72:5a:d9:18:42:cb:e9:18:eb:8f:f3:
b9:4d:77:54:07:b0:02:3c:f0:3d:85:d0:b0:c9:82:7a:f1:25:
5a:18:92:58:91:d2:05:5d:b7:d4:9c:b6:ae:92:7c:bd:5d:b4:
04:ff:e7:c2:5c:e0:41:23:8c:04:cc:ec:b5:0e:d0:ad:33:27:
0a:1f:2d:2a:13:83:ea:d2:65:bd:24:d1:63:fc:b7:e2:94:1a:
87:3b:b3:ba:20:a2:c8:b4:b0:9f:43:0a:b6:36:ad:ab:86:46:
5b:c1:7a:7a:15:ac:50:2e:67:98:af:9b:89:91:a4:08:d4:62:
0a:d6:cc:1d:53:14:a1:0e:dc:24:a8:9c:e8:02:08:41:93:27:
4a:55:75:13:2e:c0:89:42:b8:6f:92:3a:7f:ab:0c:1b:9b:9c:
8c:2c:e2:2d:db:c2:bb:fd:01:92:16:f9:62:9f:d9:6e:b4:c9:
9a:da:aa:f9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKd5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzMxMDI1MTE3WhcNMjQwNTAyMDI1MTE3WjAYMRYw
FAYDVQQDEw02NjA4Y2ZhOS0xZmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu55prBrICRshGhjIguj5isnIdJwj8N0iiB+i5T3C/aI7HEB9GlXIN4rV
K26/XbRqT1hSuwjMB/SJmSBQVQou2+KH8mQwGzmS6UEpcZC/nFO/wdFpIxAoqVKn
gPMAO4c8RdfxRQHZDGkMetWUNLuGOzfgOjRfhNs8iqYBRPT7kc9lgxpec0zHbRLB
tLV0MFdhpSBQyexrBwRH8zAtcrKf6EBsSG4x9Cc7dSkc7F/PepMNI1vHpxs44PgV
BAVDMyUgwbJ15TglIttPQAHWkXUi/jrk7+n4oAkCM820/hE5byamoVLV413NYNPQ
lGbWu6yKRld5+Tdi60cKmAPVjCCwCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGEH
G0UpXe61FV9LyfO38RHc82saMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84REI3QzU0OEVGMDkxMUVFODIxQ0M4ODQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVEMA0GCSqGSIb3DQEB
CwUAA4IBAQB06J6kIMGTVrsL4aRGbI2D2bvl5r01b9bsjbY2/RSAZbUhL/Ksc50F
SW9XlvucEvuU21s8hwujmkuXLDrvggnd6LC0NrBXSjU+izSc8XVxclrZGELL6Rjr
j/O5TXdUB7ACPPA9hdCwyYJ68SVaGJJYkdIFXbfUnLaukny9XbQE/+fCXOBBI4wE
zOy1DtCtMycKHy0qE4Pq0mW9JNFj/LfilBqHO7O6IKLItLCfQwq2Nq2rhkZbwXp6
FaxQLmeYr5uJkaQI1GIK1swdUxShDtwkqJzoAghBkydKVXUTLsCJQrhvkjp/qwwb
m5yMLOIt28K7/QGSFvlin9lutMma2qr5
-----END CERTIFICATE-----
Generated at Thu May 2 16:58:41 2024 by rpki-client on console-fra.rpki-client.org