Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF044B94FAE311EEB14B403B017001B1.roa
File: CF044B94FAE311EEB14B403B017001B1.roa (raw, json)
Hash identifier: +bkeNnhpE3ydYROikV8d2uYFtelVeYzXF+V8bTrx1DY=
Subject key identifier: 8D:54:AF:B4:F9:17:D5:65:8F:15:B2:BC:70:F0:D6:F9:E9:D4:34:BE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC5A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF044B94FAE311EEB14B403B017001B1.roa
Signing time: Mon 15 Apr 2024 04:51:23 +0000
ROA not before: Mon 15 Apr 2024 04:51:20 +0000
ROA not after: Thu 25 Apr 2024 04:51:20 +0000
asID: 212238
IP address blocks: 154.94.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44122 (0xac5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 04:51:20 2024 GMT
Not After : Apr 25 04:51:20 2024 GMT
Subject: CN=661cb24b-432b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a9:38:55:05:c1:61:53:63:f0:72:e7:27:f2:
97:b1:dd:cd:68:4c:98:5e:00:de:26:cc:eb:02:c1:
e0:43:b9:40:8c:4e:44:7a:8b:b2:ea:a3:68:ee:c5:
54:af:1a:8a:23:16:b9:9d:8c:2b:4f:6c:a0:fb:a2:
e1:f7:eb:34:cc:3e:19:e3:f0:7d:d7:6e:b3:fb:92:
d4:6b:81:d4:7e:12:fb:d5:4c:52:10:86:f2:24:3d:
f9:36:f8:95:51:d9:d6:4f:18:15:f7:bd:86:75:b5:
4c:6b:ec:db:4a:8c:4c:0f:d5:3b:cc:a3:9f:65:f2:
d6:64:cf:03:5c:dd:5b:23:57:19:36:80:d0:ad:6f:
95:59:48:78:3d:2b:90:c3:fd:72:62:3f:64:f5:e7:
66:cd:35:d7:5d:05:83:23:67:12:bc:f1:e8:d6:30:
8a:19:00:45:de:4e:6f:bd:c5:6a:80:2d:b0:73:57:
b8:f5:a8:0e:2a:e1:07:fa:87:6d:85:79:b1:c7:93:
0e:f0:a3:e1:90:75:4d:31:76:ff:6f:f8:a4:48:1f:
4b:c8:81:6c:79:5f:de:ea:ae:d2:e1:50:19:69:5b:
44:47:70:5d:22:7c:21:52:5f:0b:1b:dd:82:24:09:
31:e6:5c:ee:f2:c2:0a:1a:bc:6a:62:58:f4:b1:db:
66:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:54:AF:B4:F9:17:D5:65:8F:15:B2:BC:70:F0:D6:F9:E9:D4:34:BE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF044B94FAE311EEB14B403B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.45.0/24
Signature Algorithm: sha256WithRSAEncryption
62:88:67:dd:5d:2d:04:bf:17:03:4f:1b:01:e1:e5:61:ac:26:
d8:e1:dc:56:ea:6f:f0:94:cc:54:e3:d5:dc:8b:c7:a8:51:35:
ae:a2:b9:a2:42:de:d1:73:86:85:fe:b7:b3:7e:23:24:38:47:
b7:33:c4:04:f7:47:c9:e7:42:2a:b5:e8:83:07:65:51:87:f4:
df:2d:72:8d:5c:54:05:12:cb:b7:5b:48:97:2d:bc:89:ae:86:
ea:a3:fb:4d:4f:6f:5a:a9:d4:30:41:0f:07:70:32:f5:8b:5f:
6d:f3:bd:22:d3:d3:83:e0:88:e6:10:cd:2e:9a:f7:27:e6:79:
ab:45:af:cf:7c:21:5b:63:94:04:44:bc:b1:7d:27:00:7b:0c:
cb:ba:15:80:89:28:5e:49:06:75:a4:72:f4:6e:98:b7:8d:bd:
cf:7c:5d:03:fc:89:1a:09:9a:cc:45:83:cc:1c:eb:d0:21:6c:
40:d1:16:17:11:bd:a5:33:88:c6:be:c3:d1:49:fc:dc:e6:dc:
98:b2:b3:51:4f:44:cc:7a:c6:96:8e:7e:c3:4a:1e:bd:48:f5:
a0:c5:10:58:b0:0b:27:74:5c:0e:fb:78:0b:1d:de:1f:6f:cf:
d0:aa:4b:a5:a4:81:2c:40:d3:ae:c1:a5:b8:fb:31:5e:ce:75:
45:c7:33:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKxaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDQ1MTIwWhcNMjQwNDI1MDQ1MTIwWjAYMRYw
FAYDVQQDEw02NjFjYjI0Yi00MzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvak4VQXBYVNj8HLnJ/KXsd3NaEyYXgDeJszrAsHgQ7lAjE5Eeouy6qNo
7sVUrxqKIxa5nYwrT2yg+6Lh9+s0zD4Z4/B9126z+5LUa4HUfhL71UxSEIbyJD35
NviVUdnWTxgV972GdbVMa+zbSoxMD9U7zKOfZfLWZM8DXN1bI1cZNoDQrW+VWUh4
PSuQw/1yYj9k9edmzTXXXQWDI2cSvPHo1jCKGQBF3k5vvcVqgC2wc1e49agOKuEH
+odthXmxx5MO8KPhkHVNMXb/b/ikSB9LyIFseV/e6q7S4VAZaVtER3BdInwhUl8L
G92CJAkx5lzu8sIKGrxqYlj0sdtm7wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI1U
r7T5F9VljxWyvHDw1vnp1DS+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjA0NEI5NEZBRTMxMUVFQjE0QjQwM0IwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4tMA0GCSqGSIb3DQEB
CwUAA4IBAQBiiGfdXS0EvxcDTxsB4eVhrCbY4dxW6m/wlMxU49Xci8eoUTWuormi
Qt7Rc4aF/rezfiMkOEe3M8QE90fJ50IqteiDB2VRh/TfLXKNXFQFEsu3W0iXLbyJ
robqo/tNT29aqdQwQQ8HcDL1i19t870i09OD4IjmEM0umvcn5nmrRa/PfCFbY5QE
RLyxfScAewzLuhWAiSheSQZ1pHL0bpi3jb3PfF0D/IkaCZrMRYPMHOvQIWxA0RYX
Eb2lM4jGvsPRSfzc5tyYsrNRT0TMesaWjn7DSh69SPWgxRBYsAsndFwO+3gLHd4f
b8/QqkulpIEsQNOuwaW4+zFeznVFxzNz
-----END CERTIFICATE-----
Generated at Thu Apr 25 10:41:11 2024 by rpki-client on console-ams.rpki-client.org