Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B78A9614F0C311EE9ECFAF87775412E6.roa
File: B78A9614F0C311EE9ECFAF87775412E6.roa (raw, json)
Hash identifier: Hz3Uos0UVYXUGkbH7Jn2WvczjGRy4hUNlBzmbN7UJYA=
Subject key identifier: CC:E5:19:05:86:B9:AE:50:7B:16:C8:DB:3B:AE:1F:FC:A2:ED:17:6D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A8C5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B78A9614F0C311EE9ECFAF87775412E6.roa
Signing time: Tue 02 Apr 2024 07:36:28 +0000
ROA not before: Tue 02 Apr 2024 07:36:25 +0000
ROA not after: Mon 29 Apr 2024 07:36:25 +0000
asID: 139646
IP address blocks: 154.208.16.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43205 (0xa8c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 07:36:25 2024 GMT
Not After : Apr 29 07:36:25 2024 GMT
Subject: CN=660bb57c-c695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:08:42:4a:d7:d2:b9:70:06:7d:8b:4e:53:f4:
1f:e9:36:49:34:16:2b:ac:90:06:90:df:c6:cc:63:
a5:50:0e:68:73:9c:8a:49:e0:5c:c9:18:82:64:a9:
4b:90:a0:62:05:57:ab:d1:5b:e1:93:25:62:a8:0a:
d3:f5:c1:0c:c2:71:dd:12:a1:09:82:7f:c4:82:d1:
e0:70:4b:65:7a:4f:e4:4a:e7:f0:cd:7c:ad:ab:a6:
d3:a9:7d:2f:56:29:5b:d2:7c:a8:29:23:2a:6b:0c:
e9:d2:92:41:c3:cb:08:f4:7d:e0:e6:6b:9e:16:c1:
7c:6d:d9:1e:f0:46:14:ee:d3:dc:5d:86:6a:db:b2:
02:fd:d2:0b:16:61:cc:dc:80:03:d9:f5:55:12:76:
7c:62:4d:d3:52:f8:a3:ec:b7:49:27:0e:58:42:c7:
2c:09:5b:ec:fb:8f:cb:31:4d:95:5f:3b:83:30:cc:
28:05:45:d6:cd:ae:02:8c:c8:0d:a3:09:12:b2:81:
4f:d5:8d:73:1f:76:00:64:94:d2:94:38:fb:52:77:
9f:76:d9:16:a3:02:2a:6c:67:1c:bb:6d:a0:88:69:
7d:cb:59:b6:94:09:2c:c7:46:d3:09:52:91:ce:39:
a9:ed:aa:c1:1f:4e:82:d4:27:c4:5e:25:4f:5e:e1:
a4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E5:19:05:86:B9:AE:50:7B:16:C8:DB:3B:AE:1F:FC:A2:ED:17:6D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B78A9614F0C311EE9ECFAF87775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.16.0/23
Signature Algorithm: sha256WithRSAEncryption
88:fe:81:2b:48:64:c4:1e:1b:67:56:f8:d6:f0:42:54:61:78:
e6:7a:88:97:3c:a9:a7:59:10:be:90:08:05:df:98:a4:18:5a:
74:bd:56:83:ce:3d:72:44:e4:95:dc:a4:ea:4a:0b:f7:5c:3c:
1a:9b:33:69:28:eb:4e:47:43:b4:c7:13:03:1a:a2:96:95:cd:
09:4d:65:37:92:f3:de:01:e6:fc:43:d7:95:8e:fc:42:68:28:
43:34:68:ce:41:0b:aa:92:b2:40:8e:17:db:62:26:78:c8:9e:
26:8c:23:15:ae:28:44:7d:b2:a7:2b:0b:2b:44:35:be:c9:61:
5d:e5:37:9d:e0:a9:ec:1e:92:32:bc:c7:3e:86:61:5c:9b:64:
50:01:2c:94:e5:05:7e:d5:39:35:bd:3e:8a:53:cd:16:43:14:
d9:d0:26:25:e0:ff:26:c9:10:e6:b4:1f:c9:ec:35:eb:c9:fd:
2b:40:87:cd:dc:9d:5b:03:ea:9a:85:bb:bf:86:30:ea:0c:7f:
64:07:30:3a:d2:3d:8b:eb:43:9b:f6:5d:78:0c:1e:48:55:77:
10:b8:96:f4:4a:13:4f:82:ad:a0:fe:93:0d:66:76:90:c8:39:
04:66:f6:8c:4d:cd:ab:7b:a9:b3:0e:80:69:cf:e9:54:68:a0:
17:b5:c1:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKjFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAyMDczNjI1WhcNMjQwNDI5MDczNjI1WjAYMRYw
FAYDVQQDEw02NjBiYjU3Yy1jNjk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3whCStfSuXAGfYtOU/Qf6TZJNBYrrJAGkN/GzGOlUA5oc5yKSeBcyRiC
ZKlLkKBiBVer0VvhkyViqArT9cEMwnHdEqEJgn/EgtHgcEtlek/kSufwzXytq6bT
qX0vVilb0nyoKSMqawzp0pJBw8sI9H3g5mueFsF8bdke8EYU7tPcXYZq27IC/dIL
FmHM3IAD2fVVEnZ8Yk3TUvij7LdJJw5YQscsCVvs+4/LMU2VXzuDMMwoBUXWza4C
jMgNowkSsoFP1Y1zH3YAZJTSlDj7UnefdtkWowIqbGccu22giGl9y1m2lAksx0bT
CVKRzjmp7arBH06C1CfEXiVPXuGkCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMzl
GQWGua5QexbI2zuuH/yi7RdtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNzhBOTYxNEYwQzMxMUVFOUVDRkFGODc3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtAQMA0GCSqGSIb3DQEB
CwUAA4IBAQCI/oErSGTEHhtnVvjW8EJUYXjmeoiXPKmnWRC+kAgF35ikGFp0vVaD
zj1yROSV3KTqSgv3XDwamzNpKOtOR0O0xxMDGqKWlc0JTWU3kvPeAeb8Q9eVjvxC
aChDNGjOQQuqkrJAjhfbYiZ4yJ4mjCMVrihEfbKnKwsrRDW+yWFd5Ted4KnsHpIy
vMc+hmFcm2RQASyU5QV+1Tk1vT6KU80WQxTZ0CYl4P8myRDmtB/J7DXryf0rQIfN
3J1bA+qahbu/hjDqDH9kBzA60j2L60Ob9l14DB5IVXcQuJb0ShNPgq2g/pMNZnaQ
yDkEZvaMTc2re6mzDoBpz+lUaKAXtcEu
-----END CERTIFICATE-----
Generated at Mon Apr 29 07:56:10 2024 by rpki-client on console-ams.rpki-client.org