Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B604EECCBBE211EE9BBACBA1775412E6.roa
File: B604EECCBBE211EE9BBACBA1775412E6.roa (raw, json)
Hash identifier: PEVC+pc+x0Eyz5zNl56XIPwjJWQwmCZKSwIbv+hG0dM=
Subject key identifier: 0A:C7:DC:A7:71:79:0D:AC:45:27:DF:A1:6B:39:1B:25:B5:02:FF:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 7D05
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B604EECCBBE211EE9BBACBA1775412E6.roa
Signing time: Fri 26 Jan 2024 00:34:49 +0000
ROA not before: Fri 26 Jan 2024 00:00:45 +0000
ROA not after: Wed 01 May 2024 00:00:45 +0000
asID: 216038
IP address blocks: 154.86.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32005 (0x7d05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 26 00:00:45 2024 GMT
Not After : May 1 00:00:45 2024 GMT
Subject: CN=65b2fe28-948d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0f:31:ff:fb:02:e7:54:a5:fd:c8:4c:bf:be:
e0:9c:b3:ed:bb:c5:25:3e:bf:62:03:0a:ce:c8:94:
22:2d:be:39:2c:89:37:93:4c:3c:d1:0c:64:90:ff:
68:a0:a4:63:b2:12:52:19:9c:fc:5d:f1:b9:10:04:
1c:00:04:e8:33:73:d4:ca:fa:06:2c:11:b7:c5:6e:
97:48:37:53:ad:0f:51:b4:48:20:9f:ad:6b:51:02:
41:22:fa:06:e9:1e:a1:9e:bc:45:a2:e1:60:8f:e0:
23:4b:5b:64:f8:da:e5:d0:17:76:eb:4d:e5:f1:db:
17:f8:fd:6b:72:1d:51:22:3e:b7:b6:2d:1f:41:08:
50:5c:72:30:e5:0b:18:98:b2:c9:99:65:0d:db:f0:
64:3a:18:85:c9:d1:5b:ed:ba:f1:69:b4:b0:13:d9:
1a:72:d7:9e:99:db:17:54:eb:d0:e3:14:98:f8:1e:
72:f5:f4:fb:40:be:cb:d0:26:fe:5f:fc:2c:82:c7:
b7:74:45:2b:0e:a2:55:d9:33:32:fc:b5:49:bd:37:
55:b1:70:b0:d4:ba:03:a9:39:24:c8:b8:4d:ec:e5:
8b:3c:11:0c:90:0f:5f:d0:61:46:90:24:7a:dc:7d:
16:d0:2f:bb:ce:61:75:59:44:ee:07:5c:a5:6e:67:
b7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C7:DC:A7:71:79:0D:AC:45:27:DF:A1:6B:39:1B:25:B5:02:FF:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B604EECCBBE211EE9BBACBA1775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.26.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:dc:70:d9:47:cf:ff:8a:65:09:86:33:ce:56:9c:b9:2f:6e:
bd:ad:06:6e:94:fc:b7:de:e1:56:e1:7a:b5:ad:6f:43:8d:7d:
6c:66:c7:ef:6b:64:8c:cf:aa:43:d7:f9:23:5c:56:44:f2:21:
fc:9b:1b:b1:14:bc:0f:d8:c6:5a:21:85:c7:ff:07:2c:2e:86:
32:57:c6:83:12:3e:59:09:b5:3f:1c:f6:4a:08:cf:95:5a:26:
be:59:47:f7:3c:24:96:b8:31:28:cb:c7:e0:9a:db:07:b2:df:
c6:81:77:07:07:31:04:53:9b:42:37:f1:89:38:c2:9f:99:6b:
00:0d:69:f6:af:f8:9b:97:a0:9e:4b:eb:95:4b:e8:03:d5:97:
94:ef:f9:4e:ec:e0:36:10:2d:e5:49:c2:e9:ff:ee:b7:62:02:
e5:68:bc:8c:6e:5d:0b:88:80:96:ca:96:02:34:44:9d:81:6a:
01:c3:cd:8c:c8:27:1a:53:c4:6a:0e:e1:03:42:93:62:e7:b3:
00:a8:90:22:18:60:dc:c6:22:86:3a:38:13:7c:16:2c:d4:bc:
3a:e4:03:3d:e2:db:3b:b8:0d:5b:d5:aa:d8:3e:71:22:29:5a:
71:e0:a9:38:95:75:b1:4f:2c:f1:46:46:fa:51:49:9c:cb:59:
88:3b:64:b4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICfQUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yNDAxMjYwMDAwNDVaFw0yNDA1MDEwMDAwNDVaMBgxFjAU
BgNVBAMTDTY1YjJmZTI4LTk0OGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCyDzH/+wLnVKX9yEy/vuCcs+27xSU+v2IDCs7IlCItvjksiTeTTDzRDGSQ
/2igpGOyElIZnPxd8bkQBBwABOgzc9TK+gYsEbfFbpdIN1OtD1G0SCCfrWtRAkEi
+gbpHqGevEWi4WCP4CNLW2T42uXQF3brTeXx2xf4/WtyHVEiPre2LR9BCFBccjDl
CxiYssmZZQ3b8GQ6GIXJ0VvtuvFptLAT2Rpy156Z2xdU69DjFJj4HnL19PtAvsvQ
Jv5f/CyCx7d0RSsOolXZMzL8tUm9N1WxcLDUugOpOSTIuE3s5Ys8EQyQD1/QYUaQ
JHrcfRbQL7vOYXVZRO4HXKVuZ7clAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCsfc
p3F5DaxFJ9+hazkbJbUC/3gwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0I2MDRFRUNDQkJFMjExRUU5QkJBQ0JBMTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVhowDQYJKoZIhvcNAQEL
BQADggEBAL/ccNlHz/+KZQmGM85WnLkvbr2tBm6U/Lfe4VbherWtb0ONfWxmx+9r
ZIzPqkPX+SNcVkTyIfybG7EUvA/Yxlohhcf/BywuhjJXxoMSPlkJtT8c9koIz5Va
Jr5ZR/c8JJa4MSjLx+Ca2wey38aBdwcHMQRTm0I38Yk4wp+ZawANafav+JuXoJ5L
65VL6APVl5Tv+U7s4DYQLeVJwun/7rdiAuVovIxuXQuIgJbKlgI0RJ2BagHDzYzI
JxpTxGoO4QNCk2LnswCokCIYYNzGIoY6OBN8FizUvDrkAz3i2zu4DVvVqtg+cSIp
WnHgqTiVdbFPLPFGRvpRSZzLWYg7ZLQ=
-----END CERTIFICATE-----
Generated at Wed May 1 02:40:37 2024 by rpki-client on console-fra.rpki-client.org