Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5E97566E46E11EEB5E4B356775412E6.roa
File: B5E97566E46E11EEB5E4B356775412E6.roa (raw, json)
Hash identifier: OtmQHI102E8hQ8SDpNCjesCba+3t27l28uqSWwz9fdk=
Subject key identifier: 8D:58:11:FE:44:A5:CD:63:34:B6:8E:8A:89:85:29:8A:93:34:9D:C8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A209
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5E97566E46E11EEB5E4B356775412E6.roa
Signing time: Sun 17 Mar 2024 14:57:44 +0000
ROA not before: Sun 17 Mar 2024 14:57:41 +0000
ROA not after: Tue 30 Apr 2024 14:57:41 +0000
asID: 63139
IP address blocks: 154.94.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41481 (0xa209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 14:57:41 2024 GMT
Not After : Apr 30 14:57:41 2024 GMT
Subject: CN=65f704e8-9270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5e:d3:83:41:8f:d9:10:7f:44:2f:5f:cf:86:
77:d9:d0:68:db:95:20:02:b4:b4:34:53:19:f6:42:
41:bd:85:57:0f:a9:ee:40:69:77:11:40:d8:6a:c1:
d1:13:a5:22:9f:61:a9:17:18:97:b3:2e:52:58:36:
99:1f:94:15:83:f0:31:22:99:80:e8:9f:0f:40:85:
83:f3:b1:33:0b:f9:77:c5:1a:72:51:8a:af:d9:b4:
d4:c7:58:c5:83:27:86:8e:20:3c:99:cb:3c:0f:22:
f3:58:4f:20:9b:02:68:3e:5c:25:c1:ab:8a:bb:42:
d2:64:16:fd:6e:94:d1:11:f6:37:b3:98:d1:e2:ee:
ed:5c:e0:e0:8e:fc:bd:cc:14:bb:0a:68:4a:e8:f2:
2a:04:b9:f3:0f:05:f7:63:a4:ea:06:b4:03:8e:62:
24:fc:ed:43:74:83:55:18:4f:21:d3:5c:54:f9:1d:
97:de:13:03:4b:a0:c8:ac:66:6a:9c:1f:09:44:3d:
a5:db:03:d6:db:c2:bf:f6:4f:fd:50:e2:73:74:cd:
c0:b2:40:4a:11:70:df:d7:c6:e6:1c:fa:2e:e0:3a:
e4:7c:66:ca:27:f4:3e:16:27:24:c2:dd:bb:01:cc:
2a:3f:14:9b:6b:7e:9c:15:27:fa:1a:22:e0:73:ad:
16:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:58:11:FE:44:A5:CD:63:34:B6:8E:8A:89:85:29:8A:93:34:9D:C8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5E97566E46E11EEB5E4B356775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.114.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:21:fc:22:c4:71:51:f4:f7:0d:83:b8:f1:97:56:be:36:3a:
e1:91:d0:19:a9:c9:19:fc:6c:fc:4a:41:5d:2e:af:ad:c3:9d:
dc:63:30:bf:29:90:d6:83:ca:fb:92:61:0f:6e:4e:b2:68:bd:
a9:33:0e:7b:32:a0:1f:91:31:c7:7b:ca:61:6d:7d:26:37:e6:
1e:0e:80:48:af:19:a1:63:04:6f:39:6d:b2:16:63:df:c1:d4:
69:6c:7b:94:84:17:66:98:db:9b:03:ac:5b:b7:2b:99:d8:66:
c4:22:3a:37:09:8f:30:f3:c6:56:72:69:86:f9:32:34:b1:c3:
fe:e0:01:99:49:f9:4b:6c:94:79:03:0f:d9:09:ae:fe:28:c2:
66:0a:8d:8f:5b:b6:c1:0f:c6:bb:53:5a:00:1c:8b:47:8b:b5:
d1:ca:c0:51:cd:72:ef:d8:0c:d2:07:0d:77:4f:29:b3:0d:a1:
32:fb:a8:47:51:96:31:f3:48:d6:80:37:74:89:82:88:04:10:
e6:5d:83:0a:19:b3:33:97:2f:3e:39:11:aa:04:6d:1a:e8:99:
d3:33:94:f0:aa:d5:79:62:22:69:a6:25:43:68:36:50:67:54:
5b:b5:d7:09:75:2b:a9:42:98:c0:4c:26:cb:0b:d6:4c:4d:70:
d6:16:86:27
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKIJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE3MTQ1NzQxWhcNMjQwNDMwMTQ1NzQxWjAYMRYw
FAYDVQQDEw02NWY3MDRlOC05MjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr17Tg0GP2RB/RC9fz4Z32dBo25UgArS0NFMZ9kJBvYVXD6nuQGl3EUDY
asHRE6Uin2GpFxiXsy5SWDaZH5QVg/AxIpmA6J8PQIWD87EzC/l3xRpyUYqv2bTU
x1jFgyeGjiA8mcs8DyLzWE8gmwJoPlwlwauKu0LSZBb9bpTREfY3s5jR4u7tXODg
jvy9zBS7CmhK6PIqBLnzDwX3Y6TqBrQDjmIk/O1DdINVGE8h01xU+R2X3hMDS6DI
rGZqnB8JRD2l2wPW28K/9k/9UOJzdM3AskBKEXDf18bmHPou4DrkfGbKJ/Q+Fick
wt27AcwqPxSba36cFSf6GiLgc60W1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI1Y
Ef5Epc1jNLaOiomFKYqTNJ3IMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNUU5NzU2NkU0NkUxMUVFQjVFNEIzNTY3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5yMA0GCSqGSIb3DQEB
CwUAA4IBAQCqIfwixHFR9PcNg7jxl1a+NjrhkdAZqckZ/Gz8SkFdLq+tw53cYzC/
KZDWg8r7kmEPbk6yaL2pMw57MqAfkTHHe8phbX0mN+YeDoBIrxmhYwRvOW2yFmPf
wdRpbHuUhBdmmNubA6xbtyuZ2GbEIjo3CY8w88ZWcmmG+TI0scP+4AGZSflLbJR5
Aw/ZCa7+KMJmCo2PW7bBD8a7U1oAHItHi7XRysBRzXLv2AzSBw13TymzDaEy+6hH
UZYx80jWgDd0iYKIBBDmXYMKGbMzly8+ORGqBG0a6JnTM5TwqtV5YiJppiVDaDZQ
Z1RbtdcJdSupQpjATCbLC9ZMTXDWFoYn
-----END CERTIFICATE-----
Generated at Wed May 1 02:40:37 2024 by rpki-client on console-fra.rpki-client.org