Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF6285BAE46F11EEA1824C5D775412E6.roa
File: AF6285BAE46F11EEA1824C5D775412E6.roa (raw, json)
Hash identifier: PHsdVRVKGNygvZ69WjF7xtRxcvbPqerecQ+QZC20pWk=
Subject key identifier: E1:8A:3C:43:D6:EE:31:50:C6:14:31:55:A7:BA:D4:D7:47:47:C8:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A213
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF6285BAE46F11EEA1824C5D775412E6.roa
Signing time: Sun 17 Mar 2024 15:04:43 +0000
ROA not before: Sun 17 Mar 2024 15:04:40 +0000
ROA not after: Tue 30 Apr 2024 15:04:40 +0000
asID: 63139
IP address blocks: 154.94.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41491 (0xa213)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 15:04:40 2024 GMT
Not After : Apr 30 15:04:40 2024 GMT
Subject: CN=65f7068b-f0cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:65:4b:4e:9a:c4:47:06:05:26:95:87:dd:76:
3b:c6:26:04:86:77:bb:cf:1c:e8:3c:d2:7a:bf:62:
73:b0:51:53:85:1d:ac:64:8f:a8:e5:32:11:70:b0:
7f:e5:16:41:f2:83:49:72:96:f2:44:22:a1:3d:d8:
6d:eb:5a:1d:5d:8e:d6:9f:56:d3:05:ec:22:dc:16:
5f:9e:b4:aa:2f:65:77:54:00:71:fb:c7:df:88:36:
2b:e6:b4:3f:aa:89:7f:55:a0:f1:29:c0:7c:f4:0c:
b1:b3:57:d3:c4:a3:4f:01:c4:dc:d6:3d:88:a7:15:
e1:44:4b:26:ea:c5:11:b5:6f:e1:1d:e2:ee:52:66:
4e:65:51:8d:bc:ad:f8:4a:24:79:85:26:1d:a3:80:
7a:a0:26:7f:5d:b8:03:d1:74:24:e2:dd:9e:38:2d:
35:5a:c9:f1:de:61:8e:9b:1b:a3:d1:bc:f5:c4:6a:
fd:55:6e:8e:c0:32:0d:4c:84:12:9f:4b:1d:53:7c:
94:e1:07:6e:0d:1a:2d:86:ef:ee:65:74:1c:da:11:
3e:77:28:55:a4:6d:93:58:eb:9f:8c:24:fa:31:c2:
ea:b5:a7:a3:ce:63:29:e5:a2:a0:5c:c6:1d:95:b1:
92:1b:b3:91:c4:53:b5:99:4a:c8:2c:3d:3a:0b:5b:
20:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8A:3C:43:D6:EE:31:50:C6:14:31:55:A7:BA:D4:D7:47:47:C8:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF6285BAE46F11EEA1824C5D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.90.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:f2:95:7b:3b:ee:5e:f9:98:55:fa:04:17:d7:29:a3:03:59:
93:73:46:c7:7b:78:28:8b:2e:21:8c:26:a5:aa:9d:f5:84:a8:
90:13:fe:6f:e5:3d:46:6d:c5:2c:89:26:5c:fb:3b:c7:69:8a:
85:67:ea:ea:a9:39:92:50:b5:71:43:a4:30:42:cd:9a:4e:bb:
6f:74:21:79:65:db:3b:1c:dd:54:8e:b8:9a:7f:b3:53:11:9f:
fb:72:f9:31:a8:51:81:d2:7f:20:f2:e3:dc:ed:b6:03:bf:96:
46:13:08:c7:27:0b:2a:1a:5a:68:7e:b9:08:d6:59:1d:3a:35:
e2:43:25:80:db:d3:31:f6:87:c3:5c:ad:ae:67:d3:22:fb:67:
f3:37:ca:3b:78:0b:fb:44:60:4f:35:a8:ab:80:37:48:f4:23:
74:eb:e0:a0:22:21:18:69:23:61:e4:08:c0:b2:85:b5:1c:19:
a3:04:6c:39:75:44:59:50:0e:84:8e:32:45:f4:93:67:ca:e0:
dc:2c:6e:95:a4:cd:ad:eb:ba:4f:5e:27:9a:bd:64:c7:f3:9f:
ee:de:37:e6:e9:df:e5:8b:5d:d1:50:b2:a9:b1:88:b4:18:7f:
53:f4:8c:c1:43:e7:ce:65:22:7f:17:70:fd:0f:39:73:66:bf:
cb:53:cb:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKITMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE3MTUwNDQwWhcNMjQwNDMwMTUwNDQwWjAYMRYw
FAYDVQQDEw02NWY3MDY4Yi1mMGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyGVLTprERwYFJpWH3XY7xiYEhne7zxzoPNJ6v2JzsFFThR2sZI+o5TIR
cLB/5RZB8oNJcpbyRCKhPdht61odXY7Wn1bTBewi3BZfnrSqL2V3VABx+8ffiDYr
5rQ/qol/VaDxKcB89Ayxs1fTxKNPAcTc1j2IpxXhREsm6sURtW/hHeLuUmZOZVGN
vK34SiR5hSYdo4B6oCZ/XbgD0XQk4t2eOC01Wsnx3mGOmxuj0bz1xGr9VW6OwDIN
TIQSn0sdU3yU4QduDRothu/uZXQc2hE+dyhVpG2TWOufjCT6McLqtaejzmMp5aKg
XMYdlbGSG7ORxFO1mUrILD06C1sgPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOGK
PEPW7jFQxhQxVae61NdHR8hgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjYyODVCQUU0NkYxMUVFQTE4MjRDNUQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5aMA0GCSqGSIb3DQEB
CwUAA4IBAQA/8pV7O+5e+ZhV+gQX1ymjA1mTc0bHe3goiy4hjCalqp31hKiQE/5v
5T1GbcUsiSZc+zvHaYqFZ+rqqTmSULVxQ6QwQs2aTrtvdCF5Zds7HN1Ujriaf7NT
EZ/7cvkxqFGB0n8g8uPc7bYDv5ZGEwjHJwsqGlpofrkI1lkdOjXiQyWA29Mx9ofD
XK2uZ9Mi+2fzN8o7eAv7RGBPNairgDdI9CN06+CgIiEYaSNh5AjAsoW1HBmjBGw5
dURZUA6EjjJF9JNnyuDcLG6VpM2t67pPXieavWTH85/u3jfm6d/li13RULKpsYi0
GH9T9IzBQ+fOZSJ/F3D9DzlzZr/LU8vm
-----END CERTIFICATE-----
Generated at Wed May 1 02:40:37 2024 by rpki-client on console-fra.rpki-client.org