Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CBE76BBAEDB111EEAADD0E82775412E6.roa
File: CBE76BBAEDB111EEAADD0E82775412E6.roa (raw, json)
Hash identifier: PaAywwdb+jXPzXHl72ZJDtR9kAkNmwlmMwnbFyM13Ag=
Subject key identifier: 1B:E6:C8:4A:85:98:E2:1D:F2:E9:9D:61:28:6C:5A:C5:FA:ED:AD:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A6FD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CBE76BBAEDB111EEAADD0E82775412E6.roa
Signing time: Fri 29 Mar 2024 09:50:38 +0000
ROA not before: Fri 29 Mar 2024 09:50:35 +0000
ROA not after: Fri 26 Apr 2024 09:50:35 +0000
asID: 62240
IP address blocks: 154.195.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42749 (0xa6fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 29 09:50:35 2024 GMT
Not After : Apr 26 09:50:35 2024 GMT
Subject: CN=66068eee-a9dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6c:12:6c:38:45:f9:cc:6b:4d:59:aa:0a:13:
b6:a3:2f:15:5b:32:4e:37:8d:35:f3:d7:9b:05:e0:
ce:56:e3:30:1d:21:c2:b7:62:34:91:ec:37:98:c9:
99:6c:3e:4a:85:97:41:9a:dd:7a:2d:76:78:27:ce:
75:62:0d:d9:92:9d:f8:a7:5d:d4:2d:fb:28:57:a7:
1d:b8:8e:aa:f1:8f:69:fe:a0:c5:9e:8a:48:ca:89:
07:49:a2:08:68:52:3e:04:76:d5:d9:72:88:a6:e0:
fc:78:12:8f:ba:9e:1a:fe:61:2b:16:f6:a0:41:95:
df:40:1b:35:fa:3b:4e:c5:f7:00:37:bf:a2:df:b2:
46:fe:47:43:12:dd:d4:bd:3f:d4:2d:33:cb:1c:a8:
9a:62:10:01:33:71:f2:e9:9f:e9:ce:44:83:d1:9b:
b9:45:99:d4:0a:2a:15:a2:79:15:65:cf:da:a7:c1:
e3:fb:40:eb:3e:85:c2:a3:b8:44:a0:37:cc:97:34:
c4:51:36:0b:47:74:da:2c:d2:0d:37:0f:ac:85:a2:
20:c5:8b:ff:73:62:0c:eb:05:a0:dd:54:6b:9b:b6:
fa:30:3f:3f:96:db:44:f3:8d:d0:94:e5:d6:41:f9:
61:88:15:fe:0d:84:99:67:46:e9:d9:ae:ee:0b:93:
93:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E6:C8:4A:85:98:E2:1D:F2:E9:9D:61:28:6C:5A:C5:FA:ED:AD:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CBE76BBAEDB111EEAADD0E82775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.16.0/20
Signature Algorithm: sha256WithRSAEncryption
b4:e1:0e:a4:f9:57:50:85:5f:17:46:10:6d:b1:0b:7c:57:68:
33:08:89:c0:30:de:67:57:ec:4e:82:2f:04:68:2d:4e:ef:9a:
58:85:91:c6:23:18:12:fe:c8:e6:a6:f9:78:9f:ec:dd:3f:13:
4e:43:8e:d9:af:8f:a8:90:de:0a:38:eb:7c:ae:a0:5f:6e:9d:
2b:8a:eb:b5:38:f7:f2:b3:fe:d4:7e:f4:64:00:e4:7f:0a:69:
bc:2e:31:f2:8d:5b:9a:95:d3:6c:9e:b2:73:f9:38:49:29:15:
a9:c5:88:b6:31:55:5a:d7:81:7e:f3:1c:ae:8f:ce:91:be:c0:
44:02:87:57:af:30:b4:4c:1a:f9:c0:f0:66:1b:1c:a6:e0:90:
f3:ba:89:5d:e1:70:4e:48:3c:00:57:41:65:61:89:d2:73:92:
4b:c5:e4:e3:19:f0:c9:bb:1b:83:78:91:44:2f:45:d4:5a:28:
14:ed:99:70:f9:cc:09:b1:91:7d:f7:dd:4e:79:a3:6c:f4:cf:
20:ea:af:38:df:c3:9b:81:f3:bb:87:1b:57:59:35:be:1c:b7:
ab:b2:84:24:82:18:d0:a9:c6:37:a9:89:62:76:7e:34:cf:57:
4f:c8:25:db:84:2b:f5:44:f5:31:22:b1:56:e5:71:23:35:0d:
bd:3a:26:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKb9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzI5MDk1MDM1WhcNMjQwNDI2MDk1MDM1WjAYMRYw
FAYDVQQDEw02NjA2OGVlZS1hOWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1GwSbDhF+cxrTVmqChO2oy8VWzJON40189ebBeDOVuMwHSHCt2I0kew3
mMmZbD5KhZdBmt16LXZ4J851Yg3Zkp34p13ULfsoV6cduI6q8Y9p/qDFnopIyokH
SaIIaFI+BHbV2XKIpuD8eBKPup4a/mErFvagQZXfQBs1+jtOxfcAN7+i37JG/kdD
Et3UvT/ULTPLHKiaYhABM3Hy6Z/pzkSD0Zu5RZnUCioVonkVZc/ap8Hj+0DrPoXC
o7hEoDfMlzTEUTYLR3TaLNINNw+shaIgxYv/c2IM6wWg3VRrm7b6MD8/lttE843Q
lOXWQflhiBX+DYSZZ0bp2a7uC5OTTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBvm
yEqFmOId8umdYShsWsX67a3dMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQkU3NkJCQUVEQjExMUVFQUFERDBFODI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsMQMA0GCSqGSIb3DQEB
CwUAA4IBAQC04Q6k+VdQhV8XRhBtsQt8V2gzCInAMN5nV+xOgi8EaC1O75pYhZHG
IxgS/sjmpvl4n+zdPxNOQ47Zr4+okN4KOOt8rqBfbp0riuu1OPfys/7UfvRkAOR/
Cmm8LjHyjVualdNsnrJz+ThJKRWpxYi2MVVa14F+8xyuj86RvsBEAodXrzC0TBr5
wPBmGxym4JDzuold4XBOSDwAV0FlYYnSc5JLxeTjGfDJuxuDeJFEL0XUWigU7Zlw
+cwJsZF9991OeaNs9M8g6q8438ObgfO7hxtXWTW+HLersoQkghjQqcY3qYlidn40
z1dPyCXbhCv1RPUxIrFW5XEjNQ29Oiab
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:01:49 2024 by rpki-client on console-ams.rpki-client.org