Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0A6B1D2DB5911EE9E435094775412E6.roa
File: A0A6B1D2DB5911EE9E435094775412E6.roa (raw, json)
Hash identifier: DdekoVdkNk70mn7cYnNGisoIzyQwlnRm7UnE7svgHN4=
Subject key identifier: B8:A5:04:E6:91:0D:FF:D6:B4:AF:55:A6:34:51:8D:F7:72:3C:0F:B1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 9D53
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0A6B1D2DB5911EE9E435094775412E6.roa
Signing time: Wed 06 Mar 2024 01:34:09 +0000
ROA not before: Wed 06 Mar 2024 01:34:06 +0000
ROA not after: Sat 06 Apr 2024 01:34:06 +0000
asID: 174
IP address blocks: 154.197.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40275 (0x9d53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 6 01:34:06 2024 GMT
Not After : Apr 6 01:34:06 2024 GMT
Subject: CN=65e7c811-5fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:70:70:99:c1:98:56:64:32:f6:a3:42:99:bc:
57:17:64:d5:7e:95:a7:3d:a5:87:5d:8c:64:1c:e4:
21:92:66:83:54:7c:05:15:45:30:65:36:8e:09:e0:
e1:3f:77:d5:99:20:53:76:0e:9f:4d:79:0f:ac:45:
95:f4:8e:13:e4:eb:f0:64:7d:bf:f7:23:85:26:25:
b3:81:16:6b:54:58:ea:5d:04:ea:c8:f5:eb:84:ab:
a4:00:3a:56:c3:de:6b:20:68:cf:40:7e:e2:53:08:
4a:ab:71:16:1e:60:3f:70:f6:f5:cb:92:47:92:1d:
04:d6:2e:b7:bc:7d:e7:5a:ef:53:13:c0:05:5d:97:
dd:3d:e8:50:a2:81:cf:a2:57:ce:8f:ac:e0:e2:5a:
9d:70:f9:ae:df:89:76:53:15:10:0c:8f:3a:39:77:
31:de:bc:c1:cd:bb:ce:45:d4:40:2d:45:c6:c5:5a:
66:73:8e:e7:e4:17:c3:b9:3a:6c:22:60:9d:81:3e:
38:cf:93:ae:c4:14:ad:fd:a6:76:07:38:1d:bb:4f:
a3:a8:0e:35:05:26:c8:21:41:c4:fb:84:8b:bb:00:
97:49:18:a9:95:1b:02:9e:99:62:aa:b0:2c:eb:d5:
2e:f2:e0:b5:a2:0a:ce:5d:a1:03:c4:37:40:c5:a5:
25:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A5:04:E6:91:0D:FF:D6:B4:AF:55:A6:34:51:8D:F7:72:3C:0F:B1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0A6B1D2DB5911EE9E435094775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.78.0/24
Signature Algorithm: sha256WithRSAEncryption
32:2b:05:e7:1c:65:a4:21:b5:22:12:33:7b:2a:ab:4c:be:ec:
2a:17:70:0f:a5:66:18:1c:dd:7e:b3:7d:4b:5d:39:84:1b:7a:
fb:50:c5:5d:f5:df:c5:01:1e:3b:76:39:b3:11:78:e0:a8:9f:
4c:cb:bf:39:b8:3f:53:a8:4c:b8:c2:f7:64:3f:43:1e:77:8e:
2e:b1:7a:af:9c:fb:93:d3:4e:ef:a4:39:c4:bd:06:86:c0:d7:
e7:f4:12:34:c8:04:fc:46:39:58:95:17:08:dd:60:af:f2:4d:
b6:9e:11:93:ee:1d:5f:93:c2:6c:5a:6c:f7:83:b0:8b:62:ea:
20:9c:62:05:1a:44:35:47:85:4d:b7:2d:5a:11:dc:39:39:12:
52:e8:e8:f5:96:64:e7:73:2a:ed:c7:28:b3:dc:73:bb:39:bb:
b9:83:56:8d:cf:27:9e:46:09:33:f5:c2:3a:9c:29:39:a6:5d:
d2:fe:92:d7:e6:7c:f7:41:99:68:f9:66:41:15:5c:dd:48:b4:
c7:b6:79:3f:ca:d8:09:45:ed:1b:47:cb:bb:31:1a:32:ce:32:
f5:c2:f7:f1:83:dc:cd:c3:e3:1b:2b:46:8c:1d:d3:de:56:a8:
de:d7:02:c8:9a:af:33:a3:eb:a0:ec:2d:d0:1a:d8:55:de:d6:
f0:11:39:65
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAJ1TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzA2MDEzNDA2WhcNMjQwNDA2MDEzNDA2WjAYMRYw
FAYDVQQDEw02NWU3YzgxMS01ZmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqnBwmcGYVmQy9qNCmbxXF2TVfpWnPaWHXYxkHOQhkmaDVHwFFUUwZTaO
CeDhP3fVmSBTdg6fTXkPrEWV9I4T5OvwZH2/9yOFJiWzgRZrVFjqXQTqyPXrhKuk
ADpWw95rIGjPQH7iUwhKq3EWHmA/cPb1y5JHkh0E1i63vH3nWu9TE8AFXZfdPehQ
ooHPolfOj6zg4lqdcPmu34l2UxUQDI86OXcx3rzBzbvORdRALUXGxVpmc47n5BfD
uTpsImCdgT44z5OuxBSt/aZ2Bzgdu0+jqA41BSbIIUHE+4SLuwCXSRiplRsCnpli
qrAs69Uu8uC1ogrOXaEDxDdAxaUl3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLil
BOaRDf/WtK9VpjRRjfdyPA+xMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMEE2QjFEMkRCNTkxMUVFOUU0MzUwOTQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVOMA0GCSqGSIb3DQEB
CwUAA4IBAQAyKwXnHGWkIbUiEjN7KqtMvuwqF3APpWYYHN1+s31LXTmEG3r7UMVd
9d/FAR47djmzEXjgqJ9My785uD9TqEy4wvdkP0Med44usXqvnPuT007vpDnEvQaG
wNfn9BI0yAT8RjlYlRcI3WCv8k22nhGT7h1fk8JsWmz3g7CLYuognGIFGkQ1R4VN
ty1aEdw5ORJS6Oj1lmTncyrtxyiz3HO7Obu5g1aNzyeeRgkz9cI6nCk5pl3S/pLX
5nz3QZlo+WZBFVzdSLTHtnk/ytgJRe0bR8u7MRoyzjL1wvfxg9zNw+MbK0aMHdPe
Vqje1wLImq8zo+ug7C3QGthV3tbwETll
-----END CERTIFICATE-----
Generated at Sun Apr 7 02:16:14 2024 by rpki-client on console-ams.rpki-client.org