Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A99EC00CA4D211EF81A40F82762E951A.roa
File: A99EC00CA4D211EF81A40F82762E951A.roa (raw, json)
Hash identifier: o+swgifU4dTTDSNglev9GgQmA9Be6wtvCEUgR0KFRKA=
Subject key identifier: 45:E3:02:88:7D:74:DE:66:94:CB:BB:BC:0F:00:84:2C:91:35:F4:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010ECA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A99EC00CA4D211EF81A40F82762E951A.roa
Signing time: Sun 17 Nov 2024 10:56:57 +0000
ROA not before: Sun 17 Nov 2024 10:56:53 +0000
ROA not after: Wed 27 Nov 2024 10:56:53 +0000
asID: 136969
IP address blocks: 154.204.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69322 (0x10eca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 17 10:56:53 2024 GMT
Not After : Nov 27 10:56:53 2024 GMT
Subject: CN=6739cbf9-c0b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b5:8b:ee:10:03:cd:53:0e:20:c4:1e:26:86:
67:72:ce:e6:1c:7f:7d:f2:05:73:97:3c:5d:5a:74:
7b:fb:28:78:e7:e4:51:35:4b:af:e6:05:47:87:88:
80:f4:9c:c8:cd:de:67:ae:d4:2f:81:79:e7:39:fd:
c5:90:41:d9:12:a9:47:67:30:d6:0c:bf:6a:0c:92:
be:a5:cb:cf:a7:5a:82:a8:f0:46:ad:f4:4d:40:09:
e6:a0:f0:7f:09:d2:2b:19:16:79:28:bb:2b:47:10:
f1:5c:ec:db:47:f5:8a:94:9c:10:7d:76:18:55:a3:
33:ce:17:73:f6:a0:4b:3f:05:2f:a5:3a:80:88:f9:
af:3c:69:75:ce:75:de:87:08:4f:57:80:82:27:eb:
63:12:b0:fd:7a:2e:4d:66:f9:00:e0:ea:8c:48:6f:
a1:03:2f:36:75:67:0f:53:87:72:51:15:de:4f:69:
a2:08:35:ff:2a:6d:26:eb:80:d1:91:50:55:47:c4:
6b:77:eb:2d:51:89:8e:a5:a3:de:e5:58:f1:ab:df:
06:ae:4e:3e:8b:2e:20:43:51:93:ee:b8:72:a2:2f:
02:56:08:97:71:08:04:f3:12:d4:52:17:80:c8:d3:
e5:94:b8:f4:fe:3d:6e:bb:33:f9:2a:13:8b:de:2b:
f1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E3:02:88:7D:74:DE:66:94:CB:BB:BC:0F:00:84:2C:91:35:F4:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A99EC00CA4D211EF81A40F82762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4e:c6:26:b2:85:06:58:56:09:f3:b0:78:05:a0:d2:21:34:05:
fc:b5:5b:84:69:07:e6:5e:be:6b:99:c9:f7:19:ed:a2:cb:d6:
a4:f2:a3:5e:c0:9a:c6:1d:15:cd:21:6b:70:e1:e2:21:b9:24:
57:d2:8a:7f:36:cb:52:8b:ce:ac:65:0b:b3:0b:48:b4:07:94:
e0:57:e1:e6:c1:a7:61:6b:01:ee:9f:1e:dd:36:97:a6:b6:8d:
24:ab:3a:a4:67:30:5c:2d:e7:00:65:73:c4:db:6a:70:fb:4c:
0e:b0:93:6b:e1:53:e5:2d:82:38:a0:47:ab:43:84:3a:47:40:
5e:b9:5f:50:b9:05:24:c2:d4:18:d0:c0:c7:bf:4f:86:42:a8:
b0:e6:d0:31:45:da:d5:ec:7a:19:03:01:97:db:01:4a:dc:5e:
36:b0:1e:76:b7:3a:0c:26:cd:0d:6e:81:05:19:84:7d:d4:c7:
b3:d8:b0:98:33:17:32:93:49:7c:b1:1f:04:fd:24:a0:8e:be:
b3:24:ed:8c:a5:26:9c:20:fb:9e:46:7b:e6:80:3a:14:03:28:
ca:07:9a:92:fc:32:a1:a2:ef:52:13:ff:ee:52:6f:07:11:51:
cc:28:1f:7f:3d:6b:c0:63:10:5a:b7:13:92:13:f0:7e:eb:d0:
0c:73:01:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ7KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE3MTA1NjUzWhcNMjQxMTI3MTA1NjUzWjAYMRYw
FAYDVQQDEw02NzM5Y2JmOS1jMGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzLWL7hADzVMOIMQeJoZncs7mHH998gVzlzxdWnR7+yh45+RRNUuv5gVH
h4iA9JzIzd5nrtQvgXnnOf3FkEHZEqlHZzDWDL9qDJK+pcvPp1qCqPBGrfRNQAnm
oPB/CdIrGRZ5KLsrRxDxXOzbR/WKlJwQfXYYVaMzzhdz9qBLPwUvpTqAiPmvPGl1
znXehwhPV4CCJ+tjErD9ei5NZvkA4OqMSG+hAy82dWcPU4dyURXeT2miCDX/Km0m
64DRkVBVR8Rrd+stUYmOpaPe5Vjxq98Grk4+iy4gQ1GT7rhyoi8CVgiXcQgE8xLU
UheAyNPllLj0/j1uuzP5KhOL3ivx6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEXj
Aoh9dN5mlMu7vA8AhCyRNfQAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOTlFQzAwQ0E0RDIxMUVGODFBNDBGODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsxAMA0GCSqGSIb3DQEB
CwUAA4IBAQBOxiayhQZYVgnzsHgFoNIhNAX8tVuEaQfmXr5rmcn3Ge2iy9ak8qNe
wJrGHRXNIWtw4eIhuSRX0op/NstSi86sZQuzC0i0B5TgV+HmwadhawHunx7dNpem
to0kqzqkZzBcLecAZXPE22pw+0wOsJNr4VPlLYI4oEerQ4Q6R0BeuV9QuQUkwtQY
0MDHv0+GQqiw5tAxRdrV7HoZAwGX2wFK3F42sB52tzoMJs0NboEFGYR91Mez2LCY
Mxcyk0l8sR8E/SSgjr6zJO2MpSacIPueRnvmgDoUAyjKB5qS/DKhou9SE//uUm8H
EVHMKB9/PWvAYxBatxOSE/B+69AMcwHx
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:02:47 2025 by rpki-client