Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDDE1C249B7711EF843B636C762E951A.roa
File: CDDE1C249B7711EF843B636C762E951A.roa (raw, json)
Hash identifier: VE9f3teL5nf4CV6rI6TDOTK4ekgox8XIbyMZNZ8rtFE=
Subject key identifier: 0E:31:50:D0:BF:48:27:2C:3F:A9:2D:A2:26:10:67:7D:E2:DA:FD:F2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDDE1C249B7711EF843B636C762E951A.roa
Signing time: Tue 05 Nov 2024 13:13:53 +0000
ROA not before: Tue 05 Nov 2024 13:13:49 +0000
ROA not after: Mon 13 Jan 2025 13:13:49 +0000
asID: 7018
IP address blocks: 154.205.48.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67539 (0x107d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 5 13:13:49 2024 GMT
Not After : Jan 13 13:13:49 2025 GMT
Subject: CN=672a1a11-19d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:28:e1:ef:d4:cf:df:7f:4d:40:91:60:88:33:
06:f6:94:d5:8c:53:6b:37:00:ae:36:0d:98:65:85:
9c:44:f7:a6:ea:68:4a:31:b2:8c:71:32:e8:cb:7b:
18:a8:df:c6:01:51:6a:24:72:78:10:1d:a0:d7:66:
ca:e4:c4:89:97:f0:70:2c:60:44:c8:73:9a:9c:fd:
2d:96:85:55:27:76:68:23:5f:37:7e:4b:f8:69:c0:
cf:64:84:dd:69:5d:a8:00:9a:b2:25:07:7a:70:60:
61:92:56:82:73:0f:c9:ee:f9:6f:08:67:3f:ad:3e:
96:f1:d2:a7:7f:97:28:aa:e8:94:f2:0d:00:d7:8c:
bb:8f:1f:a7:5f:94:3b:44:55:34:1c:79:ce:09:5f:
f2:06:58:48:67:1e:10:47:f0:ea:17:f2:67:62:d5:
ba:ee:f2:2e:bd:ce:d8:98:5b:9b:c5:03:25:72:d2:
92:6a:52:9b:f6:77:0e:7d:1a:85:50:16:75:35:4e:
4e:1c:5f:09:c5:6c:12:e7:af:33:2e:b6:bf:83:57:
1e:cc:6c:ba:50:b6:69:4f:11:e3:76:92:fc:0a:17:
75:42:54:4f:4a:a4:3f:9c:ba:c6:51:2c:7f:a9:97:
1b:b5:53:07:2c:e1:85:38:bf:fe:99:09:ff:21:c8:
01:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:31:50:D0:BF:48:27:2C:3F:A9:2D:A2:26:10:67:7D:E2:DA:FD:F2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDDE1C249B7711EF843B636C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.48.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:c8:eb:81:79:59:7b:0c:5c:cc:5c:67:24:33:4d:f6:c4:07:
7c:44:a9:09:de:9b:f4:ee:1d:12:64:50:27:b6:06:b6:5c:31:
b5:f0:13:5a:3b:1b:1c:c7:aa:21:58:a0:96:6d:b3:8d:98:39:
80:53:33:37:77:eb:11:3e:53:cd:ac:0a:fc:5b:37:39:44:97:
0f:15:41:9e:3e:a5:e5:ca:be:c0:8a:03:1c:61:aa:a9:4e:f4:
c9:ae:82:c4:c5:ac:de:f9:69:56:1b:d8:7e:18:b2:fe:9a:47:
7b:6a:b9:35:e4:6d:2d:a2:5a:e9:c1:3d:e1:43:b3:17:db:8a:
6b:e7:49:c1:b7:e3:79:f0:38:39:f8:82:50:3f:56:9f:69:21:
69:42:79:65:25:5f:42:90:39:4b:a5:27:a8:6b:7c:46:88:9e:
2f:cc:cd:5d:00:28:6d:ca:3f:e5:1e:3c:b6:60:bc:ab:ae:81:
59:75:c5:68:52:1a:87:fe:9c:20:87:c2:d9:62:1a:a3:8a:57:
e4:cf:ca:d7:ad:60:b4:b3:48:cc:b5:45:43:58:54:20:72:66:
b1:f1:44:ce:fb:f0:51:31:95:64:5f:97:5a:d6:9f:64:20:a2:
2a:11:f4:5e:dc:59:a0:d8:b6:2e:5e:61:63:87:26:c4:c5:75:
78:d1:ab:45
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQfTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTMxMzQ5WhcNMjUwMTEzMTMxMzQ5WjAYMRYw
FAYDVQQDEw02NzJhMWExMS0xOWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArijh79TP339NQJFgiDMG9pTVjFNrNwCuNg2YZYWcRPem6mhKMbKMcTLo
y3sYqN/GAVFqJHJ4EB2g12bK5MSJl/BwLGBEyHOanP0tloVVJ3ZoI183fkv4acDP
ZITdaV2oAJqyJQd6cGBhklaCcw/J7vlvCGc/rT6W8dKnf5coquiU8g0A14y7jx+n
X5Q7RFU0HHnOCV/yBlhIZx4QR/DqF/JnYtW67vIuvc7YmFubxQMlctKSalKb9ncO
fRqFUBZ1NU5OHF8JxWwS568zLra/g1cezGy6ULZpTxHjdpL8Chd1QlRPSqQ/nLrG
USx/qZcbtVMHLOGFOL/+mQn/IcgBJQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA4x
UNC/SCcsP6ktoiYQZ33i2v3yMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRERFMUMyNDlCNzcxMUVGODQzQjYzNkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEms0wMA0GCSqGSIb3DQEB
CwUAA4IBAQBNyOuBeVl7DFzMXGckM032xAd8RKkJ3pv07h0SZFAntga2XDG18BNa
Oxscx6ohWKCWbbONmDmAUzM3d+sRPlPNrAr8Wzc5RJcPFUGePqXlyr7AigMcYaqp
TvTJroLExaze+WlWG9h+GLL+mkd7ark15G0tolrpwT3hQ7MX24pr50nBt+N58Dg5
+IJQP1afaSFpQnllJV9CkDlLpSeoa3xGiJ4vzM1dAChtyj/lHjy2YLyrroFZdcVo
UhqH/pwgh8LZYhqjilfkz8rXrWC0s0jMtUVDWFQgcmax8UTO+/BRMZVkX5da1p9k
IKIqEfRe3Fmg2LYuXmFjhybExXV40atF
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:21 2025 by rpki-client