Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB8C89E6FB9D11EEB811BE28017001B1.roa
File: AB8C89E6FB9D11EEB811BE28017001B1.roa (raw, json)
Hash identifier: Tbc6w72upCLSnq+hkIzxuyyYQ6/FhlG8eOMotUtGD7U=
Subject key identifier: 86:8B:91:2B:E7:ED:3C:FE:26:D0:FB:04:91:E6:15:2B:53:7E:9E:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AD29
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB8C89E6FB9D11EEB811BE28017001B1.roa
Signing time: Tue 16 Apr 2024 03:01:50 +0000
ROA not before: Tue 16 Apr 2024 03:01:47 +0000
ROA not after: Wed 24 Apr 2024 03:01:47 +0000
asID: 136950
IP address blocks: 154.213.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44329 (0xad29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 03:01:47 2024 GMT
Not After : Apr 24 03:01:47 2024 GMT
Subject: CN=661dea1e-343b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1a:e3:eb:06:3d:ba:86:b6:e2:1c:0b:34:96:
38:f5:bd:e2:c0:74:3a:01:70:d9:be:ee:1f:99:32:
d2:5c:bc:1d:a5:10:b3:42:eb:5e:55:c0:96:f5:9c:
90:2b:2f:c2:66:f7:8f:0b:04:df:1c:0d:6c:21:5f:
ae:51:16:50:01:b8:9a:26:b4:55:56:ff:87:6e:bf:
81:ad:01:f3:78:ec:83:eb:dc:34:7e:45:f8:8c:57:
ee:03:3f:2f:f8:8b:2e:bc:70:4b:ff:45:62:37:1f:
d5:0c:f3:4e:79:f5:1d:c6:c4:ec:c3:4c:ff:66:62:
fe:13:67:10:a0:e3:ad:e5:ec:24:5d:3c:8d:0b:a5:
28:5f:27:4c:b0:8e:35:e8:5f:5a:1f:e4:ba:36:10:
61:27:96:bc:a4:ec:43:20:e8:ed:8e:87:b4:10:d5:
29:01:4f:17:f8:76:2c:1c:b5:59:87:3f:3b:66:ae:
69:c3:59:19:66:ac:30:a9:92:f5:d0:1b:b6:ec:2d:
c3:a8:0d:29:06:03:3c:a6:0a:a2:ad:c6:45:41:93:
1a:ba:93:ea:ca:c1:b5:eb:12:c8:51:50:f2:9e:08:
f2:cb:35:5c:3b:01:a2:3d:26:10:91:79:c2:e8:de:
07:41:91:36:54:63:b8:4a:97:1f:c3:c8:4c:4b:5e:
41:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8B:91:2B:E7:ED:3C:FE:26:D0:FB:04:91:E6:15:2B:53:7E:9E:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB8C89E6FB9D11EEB811BE28017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.17.0/24
Signature Algorithm: sha256WithRSAEncryption
94:a9:eb:90:36:10:87:ed:ec:26:61:df:f7:ea:6a:3e:34:95:
4f:da:78:d4:fd:05:f1:ca:67:52:63:90:94:55:40:66:5b:07:
19:09:b0:59:22:f8:53:6f:60:9e:44:cd:a3:8a:2d:05:67:ea:
5c:8c:ae:69:cc:ba:17:ce:9b:9b:ad:b4:97:41:2d:00:0d:1f:
3a:44:c9:b3:77:3e:d9:c0:34:23:2c:08:95:da:d0:68:4e:af:
44:ef:78:f7:dc:7c:58:4d:65:7d:d5:db:51:20:a0:ce:e8:9a:
33:92:07:bf:76:b7:98:89:da:85:64:66:28:42:1d:67:a9:1b:
81:4e:28:29:35:ae:68:ef:e3:18:40:57:4e:fa:08:b0:04:24:
e2:61:67:10:72:fe:79:f3:c7:12:e2:04:11:1b:50:f7:91:d0:
87:33:2a:30:23:71:fc:58:71:f0:24:f2:dc:05:9d:a1:b7:47:
1e:55:72:50:f6:1a:e6:ca:a1:a3:66:5f:6d:dd:5c:3c:38:07:
35:70:de:6c:d6:d9:72:89:b1:09:7d:44:6c:b2:e0:1c:33:20:
9d:e0:85:8c:be:a2:f6:c7:d4:5b:de:31:26:bb:b0:11:61:88:
0b:8a:6a:5b:eb:45:ac:ed:71:e2:2a:be:17:4c:02:68:55:23:
1f:81:21:8d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK0pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDMwMTQ3WhcNMjQwNDI0MDMwMTQ3WjAYMRYw
FAYDVQQDEw02NjFkZWExZS0zNDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAthrj6wY9uoa24hwLNJY49b3iwHQ6AXDZvu4fmTLSXLwdpRCzQuteVcCW
9ZyQKy/CZvePCwTfHA1sIV+uURZQAbiaJrRVVv+Hbr+BrQHzeOyD69w0fkX4jFfu
Az8v+IsuvHBL/0ViNx/VDPNOefUdxsTsw0z/ZmL+E2cQoOOt5ewkXTyNC6UoXydM
sI416F9aH+S6NhBhJ5a8pOxDIOjtjoe0ENUpAU8X+HYsHLVZhz87Zq5pw1kZZqww
qZL10Bu27C3DqA0pBgM8pgqircZFQZMaupPqysG16xLIUVDyngjyyzVcOwGiPSYQ
kXnC6N4HQZE2VGO4Spcfw8hMS15BVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIaL
kSvn7Tz+JtD7BJHmFStTfp7/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQjhDODlFNkZCOUQxMUVFQjgxMUJFMjgwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtURMA0GCSqGSIb3DQEB
CwUAA4IBAQCUqeuQNhCH7ewmYd/36mo+NJVP2njU/QXxymdSY5CUVUBmWwcZCbBZ
IvhTb2CeRM2jii0FZ+pcjK5pzLoXzpubrbSXQS0ADR86RMmzdz7ZwDQjLAiV2tBo
Tq9E73j33HxYTWV91dtRIKDO6Jozkge/dreYidqFZGYoQh1nqRuBTigpNa5o7+MY
QFdO+giwBCTiYWcQcv5588cS4gQRG1D3kdCHMyowI3H8WHHwJPLcBZ2ht0ceVXJQ
9hrmyqGjZl9t3Vw8OAc1cN5s1tlyibEJfURssuAcMyCd4IWMvqL2x9Rb3jEmu7AR
YYgLimpb60Ws7XHiKr4XTAJoVSMfgSGN
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:44 2024 by rpki-client on console-ams.rpki-client.org