Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA4496109B7911EF957A5377762E951A.roa
File: AA4496109B7911EF957A5377762E951A.roa (raw, json)
Hash identifier: nMwsUQ7KIGflkc7tr53vY2LM296QCrYe2vBR2ufUv48=
Subject key identifier: 1A:2C:B7:DD:D8:61:77:6A:02:1C:40:E7:CE:EB:64:00:84:D1:E2:A1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107E9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA4496109B7911EF957A5377762E951A.roa
Signing time: Tue 05 Nov 2024 13:27:12 +0000
ROA not before: Tue 05 Nov 2024 13:27:08 +0000
ROA not after: Mon 13 Jan 2025 13:27:08 +0000
asID: 22773
IP address blocks: 154.219.6.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67561 (0x107e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 5 13:27:08 2024 GMT
Not After : Jan 13 13:27:08 2025 GMT
Subject: CN=672a1d30-1e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e2:36:54:92:ed:9e:e2:6a:b2:b2:65:99:1b:
b5:e4:cb:5e:60:ac:5d:d4:cf:4d:79:5f:bf:92:34:
98:4f:f7:ea:25:81:17:c8:5e:8d:98:c5:9e:bd:89:
ec:2a:e2:3a:b2:f7:1e:7f:82:52:f3:6f:54:85:2f:
9f:b4:01:67:1f:82:1e:86:dd:06:93:92:57:10:ff:
32:12:45:95:a2:6f:12:d3:a1:d0:f4:38:0d:e9:0c:
02:27:46:6d:c0:a7:d8:14:52:6e:50:ce:d1:24:b0:
02:09:55:3c:6a:b8:3e:ef:fd:fd:af:b2:47:b1:03:
c7:75:6a:8e:ec:5b:f3:79:37:73:2d:af:c8:14:42:
c5:06:74:b0:0e:52:1a:d9:c2:8c:4d:41:64:e1:b2:
b1:eb:ec:da:69:32:1c:7b:58:e1:01:d2:06:67:93:
ec:0c:3f:1d:d1:50:96:3c:b6:69:0d:56:43:33:6f:
3d:eb:41:f3:3f:78:9a:80:a6:4b:1d:83:a9:dc:bb:
29:e3:f2:72:e3:79:a5:a9:b0:5a:67:43:e3:b0:d5:
fa:a8:72:ee:ed:d9:84:42:48:50:f4:10:b9:6e:a5:
9e:b9:37:24:ed:aa:97:79:83:9b:20:0a:26:44:d8:
84:e5:c3:62:54:47:b5:30:f6:59:30:3a:a3:2a:71:
37:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2C:B7:DD:D8:61:77:6A:02:1C:40:E7:CE:EB:64:00:84:D1:E2:A1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA4496109B7911EF957A5377762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.6.0/23
Signature Algorithm: sha256WithRSAEncryption
36:7c:fc:ba:2b:57:66:89:7f:9d:37:87:5d:87:fe:76:a4:ea:
a2:af:c8:1c:dc:17:92:40:34:bb:39:38:0b:6d:cf:78:a2:11:
e2:f4:58:4e:9c:35:52:9c:27:c2:64:4f:78:ff:83:a1:5c:fb:
40:5d:81:dc:bb:17:04:43:31:68:ed:5e:12:3e:f1:13:ad:11:
d3:38:dc:6d:ef:ff:75:f9:43:2f:47:b5:d4:9a:d3:c9:d0:e0:
07:5a:a4:69:cd:6e:5e:a9:92:04:04:a6:5b:f7:0d:30:3e:87:
2a:28:63:39:40:08:22:09:01:4d:2e:fa:36:28:28:b2:ca:7b:
55:8d:1e:54:75:b8:0f:3f:45:83:27:7f:e6:c9:32:43:bb:b1:
27:1d:0b:1d:e7:ed:d3:fb:2e:6b:df:dd:a6:9a:e5:d6:68:3c:
92:59:9e:ad:98:21:a2:d0:3e:86:6d:83:8c:ff:b1:ba:ab:8e:
2a:30:15:e3:f9:fa:37:16:c5:11:e4:04:19:36:39:83:c3:ed:
57:dd:df:54:c7:07:1a:dd:53:7c:7e:b5:e2:29:24:f9:8c:e8:
8d:db:7e:05:8c:b9:85:e8:c8:e0:8c:68:2f:01:ec:2e:c8:14:
b2:32:2b:8a:bb:17:fc:3c:23:01:cc:25:3c:4b:82:43:3d:68:
32:ec:85:97
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQfpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTMyNzA4WhcNMjUwMTEzMTMyNzA4WjAYMRYw
FAYDVQQDEw02NzJhMWQzMC0xZTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzuI2VJLtnuJqsrJlmRu15MteYKxd1M9NeV+/kjSYT/fqJYEXyF6NmMWe
vYnsKuI6svcef4JS829UhS+ftAFnH4Ieht0Gk5JXEP8yEkWVom8S06HQ9DgN6QwC
J0ZtwKfYFFJuUM7RJLACCVU8arg+7/39r7JHsQPHdWqO7FvzeTdzLa/IFELFBnSw
DlIa2cKMTUFk4bKx6+zaaTIce1jhAdIGZ5PsDD8d0VCWPLZpDVZDM28960HzP3ia
gKZLHYOp3Lsp4/Jy43mlqbBaZ0PjsNX6qHLu7dmEQkhQ9BC5bqWeuTck7aqXeYOb
IAomRNiE5cNiVEe1MPZZMDqjKnE3EQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBos
t93YYXdqAhxA587rZACE0eKhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQTQ0OTYxMDlCNzkxMUVGOTU3QTUzNzc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtsGMA0GCSqGSIb3DQEB
CwUAA4IBAQA2fPy6K1dmiX+dN4ddh/52pOqir8gc3BeSQDS7OTgLbc94ohHi9FhO
nDVSnCfCZE94/4OhXPtAXYHcuxcEQzFo7V4SPvETrRHTONxt7/91+UMvR7XUmtPJ
0OAHWqRpzW5eqZIEBKZb9w0wPocqKGM5QAgiCQFNLvo2KCiyyntVjR5UdbgPP0WD
J3/myTJDu7EnHQsd5+3T+y5r392mmuXWaDySWZ6tmCGi0D6GbYOM/7G6q44qMBXj
+fo3FsUR5AQZNjmDw+1X3d9Uxwca3VN8frXiKST5jOiN234FjLmF6MjgjGgvAewu
yBSyMiuKuxf8PCMBzCU8S4JDPWgy7IWX
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:30 2025 by rpki-client