Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A52B7AE6FB9B11EEA4713118017001B1.roa
File: A52B7AE6FB9B11EEA4713118017001B1.roa (raw, json)
Hash identifier: 1TWmPLx1W+0mvgUVJS1QAIdKo1Qy8YEeG7HFQEKdJss=
Subject key identifier: AC:4F:57:47:FD:CA:D6:FD:99:A8:B3:0B:9D:07:4A:91:31:12:08:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AD1F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A52B7AE6FB9B11EEA4713118017001B1.roa
Signing time: Tue 16 Apr 2024 02:47:20 +0000
ROA not before: Tue 16 Apr 2024 02:47:17 +0000
ROA not after: Thu 25 Apr 2024 02:47:17 +0000
asID: 142062
IP address blocks: 154.212.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44319 (0xad1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 02:47:17 2024 GMT
Not After : Apr 25 02:47:17 2024 GMT
Subject: CN=661de6b8-efca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fb:e1:16:0e:e0:e4:c6:fe:40:40:10:12:1e:
8c:b6:5f:75:d5:e1:5f:92:9b:b0:78:21:e5:09:59:
a0:d9:94:89:1b:04:12:42:8a:fe:40:7f:4e:aa:5c:
87:35:05:61:4d:72:99:73:18:47:dc:35:f8:b3:bd:
f0:72:1b:4b:1e:3b:34:77:ff:87:a5:d7:97:eb:d4:
00:05:5d:6a:8b:64:6a:49:90:cf:5b:88:56:3d:03:
a1:e8:64:2c:a3:c3:20:e7:10:f5:cc:b9:67:bd:6b:
7a:a4:62:06:e8:f5:6e:91:3a:b9:dc:d3:da:26:86:
a2:82:0b:0b:cc:19:b8:14:bf:30:f7:07:8e:bc:bc:
b8:69:15:ed:ef:c5:0c:d3:8a:c7:d6:c5:54:f8:9a:
9f:d8:d0:de:7d:ab:a7:ba:b8:68:6a:90:df:aa:07:
29:3b:e0:92:e2:35:5c:1e:73:d8:bb:db:19:e5:f8:
21:c4:67:75:83:82:6c:33:c7:a0:c8:5a:91:e2:a2:
32:2e:88:9b:b2:61:c4:04:a4:e6:5d:76:ce:00:6f:
cd:72:02:86:1c:af:ba:07:28:27:70:cd:64:cb:b3:
2f:2c:d9:4e:9e:9d:97:f6:5d:89:7c:25:70:b4:e5:
09:b3:40:9e:f1:ad:1e:cd:cf:50:a5:82:56:91:42:
b9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4F:57:47:FD:CA:D6:FD:99:A8:B3:0B:9D:07:4A:91:31:12:08:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A52B7AE6FB9B11EEA4713118017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.154.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:f6:f7:2f:9a:cf:44:5f:32:5b:81:bb:27:89:c1:89:2b:ba:
4d:63:fe:19:14:d3:a7:86:fd:c3:be:d0:d4:35:b2:bf:8b:a9:
c0:58:9f:51:eb:81:c3:9e:37:56:3b:de:62:2f:30:5f:ea:8c:
89:82:91:b8:50:b1:15:0c:3a:1f:d0:6f:81:d3:68:d2:b1:e5:
8b:ad:b6:fa:49:78:6f:a1:e1:7f:a0:27:25:48:ed:18:1b:56:
86:c6:46:51:15:71:b0:71:de:68:58:2e:4c:cf:74:40:cc:e8:
03:b1:42:cc:4d:47:85:62:af:a8:99:71:f0:af:cc:78:4f:3f:
32:f0:60:53:ae:d0:89:90:f9:d1:f2:d3:f4:27:f4:33:a5:fc:
a6:b1:2c:e6:df:b9:61:25:57:d7:de:29:9e:0e:a1:ea:d1:14:
05:8a:e6:d2:23:79:8f:76:9f:5c:9c:8c:27:fd:04:0f:aa:58:
1c:c0:75:98:3c:19:c8:f5:b2:00:d6:fd:34:eb:ad:42:cf:65:
8c:94:52:6a:0c:a7:d4:51:0b:6c:87:5e:f6:83:f3:05:2a:2d:
4d:29:f2:62:b7:f0:7a:b3:53:c7:cc:c6:51:26:2e:f5:77:7f:
7a:a0:06:0e:ab:a5:aa:eb:20:38:c9:a5:38:10:6a:04:e2:30:
e3:f6:4f:01
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK0fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDI0NzE3WhcNMjQwNDI1MDI0NzE3WjAYMRYw
FAYDVQQDEw02NjFkZTZiOC1lZmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArvvhFg7g5Mb+QEAQEh6Mtl911eFfkpuweCHlCVmg2ZSJGwQSQor+QH9O
qlyHNQVhTXKZcxhH3DX4s73wchtLHjs0d/+HpdeX69QABV1qi2RqSZDPW4hWPQOh
6GQso8Mg5xD1zLlnvWt6pGIG6PVukTq53NPaJoaiggsLzBm4FL8w9weOvLy4aRXt
78UM04rH1sVU+Jqf2NDefaunurhoapDfqgcpO+CS4jVcHnPYu9sZ5fghxGd1g4Js
M8egyFqR4qIyLoibsmHEBKTmXXbOAG/NcgKGHK+6BygncM1ky7MvLNlOnp2X9l2J
fCVwtOUJs0Ce8a0ezc9QpYJWkUK5qwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKxP
V0f9ytb9maizC50HSpExEggKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNTJCN0FFNkZCOUIxMUVFQTQ3MTMxMTgwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtSaMA0GCSqGSIb3DQEB
CwUAA4IBAQDN9vcvms9EXzJbgbsnicGJK7pNY/4ZFNOnhv3DvtDUNbK/i6nAWJ9R
64HDnjdWO95iLzBf6oyJgpG4ULEVDDof0G+B02jSseWLrbb6SXhvoeF/oCclSO0Y
G1aGxkZRFXGwcd5oWC5Mz3RAzOgDsULMTUeFYq+omXHwr8x4Tz8y8GBTrtCJkPnR
8tP0J/QzpfymsSzm37lhJVfX3imeDqHq0RQFiubSI3mPdp9cnIwn/QQPqlgcwHWY
PBnI9bIA1v00661Cz2WMlFJqDKfUUQtsh172g/MFKi1NKfJit/B6s1PHzMZRJi71
d396oAYOq6Wq6yA4yaU4EGoE4jDj9k8B
-----END CERTIFICATE-----
Generated at Thu Apr 25 09:50:18 2024 by rpki-client on console-fra.rpki-client.org