Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A095DE84E78911EE8255CC51775412E6.roa
File: A095DE84E78911EE8255CC51775412E6.roa (raw, json)
Hash identifier: dUIXJNc33krk++QMAJ81mErjz76f6iMGvarrv+6tuzA=
Subject key identifier: AE:96:09:7D:FC:3B:1F:1C:C0:EA:5E:7C:9E:C4:ED:4E:1F:A2:2E:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A5C9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A095DE84E78911EE8255CC51775412E6.roa
Signing time: Thu 21 Mar 2024 13:47:59 +0000
ROA not before: Thu 21 Mar 2024 13:47:55 +0000
ROA not after: Thu 25 Apr 2024 13:47:55 +0000
asID: 5065
IP address blocks: 154.206.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42441 (0xa5c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 13:47:55 2024 GMT
Not After : Apr 25 13:47:55 2024 GMT
Subject: CN=65fc3a8e-2acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5b:f3:4b:db:8d:84:d9:f4:b1:a7:61:95:e6:
4c:d9:0b:3f:e0:7d:59:2c:0e:ff:ed:0f:1d:d9:6d:
05:c6:b9:72:95:46:39:6f:68:2b:39:c5:69:88:48:
aa:c8:89:4e:13:cd:72:4f:27:53:26:2b:a4:fe:b0:
0e:15:a6:3c:32:4d:b0:6b:85:b5:64:c8:da:e9:89:
71:1a:92:72:cf:95:d4:6e:4d:09:75:fb:93:c7:fa:
9d:d7:5e:e2:b7:95:f8:cc:5b:71:34:95:bc:36:c1:
ac:39:ff:cf:79:fa:2b:53:cf:82:1d:79:3c:9b:4c:
c0:0d:d5:47:68:4d:1b:6d:90:a8:bb:8d:3d:11:06:
b8:8d:c3:45:a7:2d:53:c4:5c:b2:02:1b:6f:b0:4a:
46:d8:a8:dc:5a:8c:ab:36:ea:04:6b:5c:0c:5a:d3:
f0:ef:81:5f:fc:ae:93:12:fd:85:2b:47:56:e5:0d:
06:3e:d2:eb:5f:12:a1:c5:b1:1e:a8:55:fb:76:36:
2c:1f:9f:61:90:aa:08:f1:87:f5:dd:2e:5a:eb:02:
66:02:6f:6f:b8:80:e7:8d:8c:20:25:4d:85:76:1c:
d8:4d:02:a7:10:20:28:75:c6:c7:e2:e6:c2:5a:bf:
2e:ea:c2:b1:ab:ce:38:7b:5e:57:d6:d5:1c:09:7b:
a7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:96:09:7D:FC:3B:1F:1C:C0:EA:5E:7C:9E:C4:ED:4E:1F:A2:2E:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A095DE84E78911EE8255CC51775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.40.0/24
Signature Algorithm: sha256WithRSAEncryption
40:35:5d:d0:d9:22:f9:03:24:4c:80:5b:42:f9:5f:fe:06:51:
69:be:50:3a:17:81:49:d9:18:cf:fd:b7:86:47:7f:a7:bd:e2:
36:0f:dd:a8:62:29:61:82:71:e0:b9:2a:ca:7b:0f:89:d3:14:
f2:60:d8:84:19:c8:44:37:3c:e5:e4:3a:9d:af:6f:d3:c6:4f:
d9:06:0a:7c:76:d9:f4:f2:0f:41:47:80:78:9a:4f:83:8c:f9:
36:61:b2:dc:3d:d7:f8:10:3e:f9:6f:fb:4b:35:2f:84:c0:b4:
54:62:0d:99:cb:c9:68:56:57:7e:02:cb:36:53:fc:f9:75:7b:
76:44:02:fc:69:32:fe:c0:a0:10:36:cd:3a:6e:08:02:99:b6:
73:fc:85:37:c8:de:74:ae:af:12:ed:27:fe:2a:29:16:d5:34:
eb:0c:ba:d0:01:fd:0e:08:7e:e1:53:89:56:be:4f:52:84:63:
29:5f:2d:b7:5e:83:3e:e1:17:17:7d:72:eb:bf:cd:b7:b9:3b:
0d:85:88:ab:04:42:93:ab:be:4e:bf:0a:1b:7c:0d:3a:fb:c6:
02:71:5d:97:b4:b4:88:0a:3b:a1:b6:e2:4d:e6:5c:e1:98:be:
3a:58:79:62:26:44:2b:e0:d6:a7:25:b5:c3:91:cc:41:f4:bb:
82:9d:2a:67
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKXJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIxMTM0NzU1WhcNMjQwNDI1MTM0NzU1WjAYMRYw
FAYDVQQDEw02NWZjM2E4ZS0yYWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1VvzS9uNhNn0sadhleZM2Qs/4H1ZLA7/7Q8d2W0FxrlylUY5b2grOcVp
iEiqyIlOE81yTydTJiuk/rAOFaY8Mk2wa4W1ZMja6YlxGpJyz5XUbk0JdfuTx/qd
117it5X4zFtxNJW8NsGsOf/PeforU8+CHXk8m0zADdVHaE0bbZCou409EQa4jcNF
py1TxFyyAhtvsEpG2KjcWoyrNuoEa1wMWtPw74Ff/K6TEv2FK0dW5Q0GPtLrXxKh
xbEeqFX7djYsH59hkKoI8Yf13S5a6wJmAm9vuIDnjYwgJU2FdhzYTQKnECAodcbH
4ubCWr8u6sKxq844e15X1tUcCXunCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK6W
CX38Ox8cwOpefJ7E7U4foi5UMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMDk1REU4NEU3ODkxMUVFODI1NUNDNTE3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4oMA0GCSqGSIb3DQEB
CwUAA4IBAQBANV3Q2SL5AyRMgFtC+V/+BlFpvlA6F4FJ2RjP/beGR3+nveI2D92o
YilhgnHguSrKew+J0xTyYNiEGchENzzl5Dqdr2/Txk/ZBgp8dtn08g9BR4B4mk+D
jPk2YbLcPdf4ED75b/tLNS+EwLRUYg2Zy8loVld+Ass2U/z5dXt2RAL8aTL+wKAQ
Ns06bggCmbZz/IU3yN50rq8S7Sf+KikW1TTrDLrQAf0OCH7hU4lWvk9ShGMpXy23
XoM+4RcXfXLrv823uTsNhYirBEKTq75OvwobfA06+8YCcV2XtLSICjuhtuJN5lzh
mL46WHliJkQr4NanJbXDkcxB9LuCnSpn
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:37 2024 by rpki-client on console-fra.rpki-client.org