Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DF204F8B21B11EFB2322FB3762E951A.roa
File: 8DF204F8B21B11EFB2322FB3762E951A.roa (raw, json)
Hash identifier: IYCSGtxdFMeH83JLLj1OA+1R3u2Af9SumJhiRTqHPYY=
Subject key identifier: FA:B2:EF:15:4B:E2:BF:03:B8:B2:CC:3D:BD:08:D2:CB:5E:51:6E:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0117EA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DF204F8B21B11EFB2322FB3762E951A.roa
Signing time: Wed 04 Dec 2024 08:41:29 +0000
ROA not before: Wed 04 Dec 2024 08:41:25 +0000
ROA not after: Sat 01 Feb 2025 08:41:25 +0000
asID: 136907
IP address blocks: 154.93.100.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71658 (0x117ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 4 08:41:25 2024 GMT
Not After : Feb 1 08:41:25 2025 GMT
Subject: CN=675015b9-f938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:18:53:2f:8b:b1:12:2d:23:e6:a3:ef:d0:5c:
28:4e:94:a3:2e:07:be:0e:2b:db:c1:27:f6:3a:6a:
af:98:40:e9:b6:3f:60:a6:5f:c7:df:5d:d7:53:49:
f5:7d:f0:20:13:80:4d:00:59:01:ff:50:7f:a3:08:
a0:df:e8:a1:72:c3:f9:37:5f:5b:51:c5:f5:ce:7e:
12:7f:73:dc:0f:68:28:a8:86:21:b3:0c:6e:66:75:
2c:db:d0:ca:ef:98:f4:2e:0a:56:8d:3a:89:b1:54:
56:c5:00:8b:94:b2:82:b7:d0:fd:2e:43:5c:45:bc:
84:92:09:17:e2:af:81:8e:fb:0e:ca:55:a9:f4:72:
5b:1b:bd:a3:98:c3:39:9c:fd:cc:30:c4:dc:65:14:
8c:71:2c:27:0a:7e:cc:47:93:84:7f:26:85:8d:b7:
23:68:02:66:94:84:ce:f6:38:e6:e3:d4:0e:5a:97:
ab:fe:6a:1f:de:e9:a1:8f:46:25:b9:3f:ab:13:f0:
b3:e6:a0:eb:ed:f7:e6:de:22:84:3b:10:db:1e:db:
65:44:27:4f:bc:6d:ce:ed:d3:f4:f5:5a:2d:d1:ac:
5a:8c:69:58:9d:59:13:1a:d5:9d:7f:fb:7c:b9:21:
01:3e:6c:fb:6d:07:97:7b:42:e9:c4:5e:61:df:a3:
91:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B2:EF:15:4B:E2:BF:03:B8:B2:CC:3D:BD:08:D2:CB:5E:51:6E:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DF204F8B21B11EFB2322FB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.100.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:26:b3:d5:68:31:01:f9:51:e6:de:6a:18:c3:b1:b5:da:a7:
0d:75:10:2d:38:96:2b:4e:a5:e8:62:45:65:f2:3c:3f:2e:72:
79:d6:9b:83:90:9b:0e:c9:07:16:5c:39:05:7c:92:b0:ce:04:
64:c0:c9:7d:e3:b2:42:54:0a:39:82:7b:9b:5b:58:8c:c9:25:
3c:a9:33:18:48:13:a6:49:02:71:e0:0a:ea:7a:37:cc:64:1d:
16:48:4a:4f:53:f0:97:74:89:9a:91:2f:67:91:13:fc:3b:fd:
1d:53:30:5b:fe:46:1f:1d:c0:9e:ab:e0:c5:dc:03:a8:7a:73:
c1:b9:35:7f:71:58:de:4d:2b:11:c6:bc:85:e6:fc:1d:0f:02:
1a:74:71:33:06:3f:d7:69:a5:7d:44:cf:3a:fa:b3:b9:73:f9:
ab:c8:61:a6:10:c3:bb:37:21:4d:26:f2:e6:41:97:7f:ba:8f:
e6:cf:75:39:b4:71:99:0f:ed:2c:c8:1e:11:75:da:47:0f:0c:
c5:18:52:2a:b7:f1:28:90:4f:58:e3:f1:bd:15:73:2d:2a:54:
06:8b:dc:ad:59:d8:b4:b6:6f:8f:b3:00:f3:62:78:27:54:00:
b0:0d:7c:92:99:39:a3:05:e8:2b:05:5a:a9:bd:54:b0:42:a6:
e7:00:3e:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARfqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjA0MDg0MTI1WhcNMjUwMjAxMDg0MTI1WjAYMRYw
FAYDVQQDEw02NzUwMTViOS1mOTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuRhTL4uxEi0j5qPv0FwoTpSjLge+DivbwSf2OmqvmEDptj9gpl/H313X
U0n1ffAgE4BNAFkB/1B/owig3+ihcsP5N19bUcX1zn4Sf3PcD2goqIYhswxuZnUs
29DK75j0LgpWjTqJsVRWxQCLlLKCt9D9LkNcRbyEkgkX4q+BjvsOylWp9HJbG72j
mMM5nP3MMMTcZRSMcSwnCn7MR5OEfyaFjbcjaAJmlITO9jjm49QOWper/mof3umh
j0YluT+rE/Cz5qDr7ffm3iKEOxDbHttlRCdPvG3O7dP09Vot0axajGlYnVkTGtWd
f/t8uSEBPmz7bQeXe0LpxF5h36ORwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPqy
7xVL4r8DuLLMPb0I0steUW7+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84REYyMDRGOEIyMUIxMUVGQjIzMjJGQjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml1kMA0GCSqGSIb3DQEB
CwUAA4IBAQCLJrPVaDEB+VHm3moYw7G12qcNdRAtOJYrTqXoYkVl8jw/LnJ51puD
kJsOyQcWXDkFfJKwzgRkwMl947JCVAo5gnubW1iMySU8qTMYSBOmSQJx4ArqejfM
ZB0WSEpPU/CXdImakS9nkRP8O/0dUzBb/kYfHcCeq+DF3AOoenPBuTV/cVjeTSsR
xryF5vwdDwIadHEzBj/XaaV9RM86+rO5c/mryGGmEMO7NyFNJvLmQZd/uo/mz3U5
tHGZD+0syB4RddpHDwzFGFIqt/EokE9Y4/G9FXMtKlQGi9ytWdi0tm+PswDzYngn
VACwDXySmTmjBegrBVqpvVSwQqbnAD4A
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:38:48 2025 by rpki-client