Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF94D16C008011EFB5951BFF007001B1.roa
File: CF94D16C008011EFB5951BFF007001B1.roa (raw, json)
Hash identifier: W6v7mEr4UbL05R9r4hU+RI0/e5WzrnvXS0b1xGRkRnQ=
Subject key identifier: 60:52:A0:2A:DE:CF:B5:C5:CF:80:F5:CA:CB:78:30:0B:A1:1B:E8:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AEA0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF94D16C008011EFB5951BFF007001B1.roa
Signing time: Mon 22 Apr 2024 08:17:51 +0000
ROA not before: Mon 22 Apr 2024 08:17:47 +0000
ROA not after: Tue 04 Jun 2024 08:17:47 +0000
asID: 216047
IP address blocks: 154.81.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44704 (0xaea0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 08:17:47 2024 GMT
Not After : Jun 4 08:17:47 2024 GMT
Subject: CN=66261d2f-82d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fe:e0:fc:a9:af:3c:ad:5d:69:1d:f3:67:10:
0c:59:e5:be:2e:51:9f:ce:85:1f:ae:b4:41:b4:a2:
94:26:9d:c9:41:15:6e:f0:05:bb:3a:37:9e:db:45:
79:e3:3d:78:27:e2:36:e8:f0:4d:3b:e0:11:dc:4e:
4e:66:0a:3f:61:5f:c1:4c:7c:52:fd:a3:da:dd:a1:
94:cd:a2:d4:cd:b0:07:aa:be:e8:28:63:53:eb:61:
11:d0:09:b3:6d:3c:8e:1a:2c:fb:ca:b4:a6:3a:70:
18:a5:7d:3c:42:95:c7:12:c7:85:22:c9:d9:4c:a0:
b1:b2:90:b2:db:59:cf:8e:15:1e:97:7f:99:20:00:
22:18:98:4d:d1:92:1e:fa:c0:11:33:73:80:22:e2:
ab:c6:9f:81:a7:c7:70:18:a5:ed:60:b9:c0:df:1b:
95:35:f9:9e:da:a2:d2:e5:f1:83:39:67:af:e1:7d:
84:b4:65:84:75:e8:2f:9e:f7:56:32:57:e1:de:2e:
9f:0a:35:3c:07:96:ed:2c:1c:62:a1:77:08:d2:14:
8e:0b:1a:3d:07:c5:cc:5b:34:f2:ae:97:ea:94:39:
5c:55:65:6b:dc:40:31:88:70:94:97:24:fb:cf:97:
7b:62:c1:39:c0:b4:de:f5:7b:3e:6c:4b:df:62:ba:
28:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:52:A0:2A:DE:CF:B5:C5:CF:80:F5:CA:CB:78:30:0B:A1:1B:E8:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF94D16C008011EFB5951BFF007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.38.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:4b:85:38:d0:e8:d9:0d:8d:15:b0:8e:f5:16:2b:5b:ff:62:
0a:44:60:33:ff:7f:44:9f:cf:31:30:a8:19:d4:8e:f9:57:b2:
43:5b:9e:67:a3:cd:19:9e:18:af:21:e0:ab:e4:d6:a8:f0:13:
7d:3f:d1:02:a6:9c:5a:e4:b8:eb:b6:d5:4a:dd:8b:54:c2:0e:
1f:36:77:cf:e7:11:a0:01:a9:cd:7a:cf:33:4b:dc:97:c2:7e:
72:30:20:66:ae:13:a2:a3:43:c8:78:66:5b:7c:71:c8:33:f5:
6f:e8:5a:1f:af:0f:ac:b5:7f:43:f7:10:f8:66:29:60:ab:53:
92:b2:62:c3:d7:9e:2a:2b:39:37:c6:95:e6:a0:aa:ef:d3:25:
a9:8d:b6:3e:60:af:42:20:06:0a:5c:46:1d:01:44:72:ca:33:
b9:3d:e9:bb:6f:0b:95:cd:90:42:d2:74:37:64:77:c4:32:44:
ff:1c:27:a1:5d:e1:dc:90:6e:d6:65:3d:c1:9d:42:ab:b9:aa:
b7:73:22:6f:60:89:62:58:06:6a:88:4f:af:d1:df:42:5d:5a:
61:c7:e3:80:cd:1e:4c:ec:2a:3a:5c:e8:28:97:11:ce:e4:82:
33:73:ef:3b:d6:47:91:c5:91:fd:d6:29:39:29:b6:ea:af:1a:
2b:f4:c5:f3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK6gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDIyMDgxNzQ3WhcNMjQwNjA0MDgxNzQ3WjAYMRYw
FAYDVQQDEw02NjI2MWQyZi04MmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxf7g/KmvPK1daR3zZxAMWeW+LlGfzoUfrrRBtKKUJp3JQRVu8AW7Ojee
20V54z14J+I26PBNO+AR3E5OZgo/YV/BTHxS/aPa3aGUzaLUzbAHqr7oKGNT62ER
0AmzbTyOGiz7yrSmOnAYpX08QpXHEseFIsnZTKCxspCy21nPjhUel3+ZIAAiGJhN
0ZIe+sARM3OAIuKrxp+Bp8dwGKXtYLnA3xuVNfme2qLS5fGDOWev4X2EtGWEdegv
nvdWMlfh3i6fCjU8B5btLBxioXcI0hSOCxo9B8XMWzTyrpfqlDlcVWVr3EAxiHCU
lyT7z5d7YsE5wLTe9Xs+bEvfYroo5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGBS
oCrez7XFz4D1yst4MAuhG+jqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjk0RDE2QzAwODAxMUVGQjU5NTFCRkYwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlEmMA0GCSqGSIb3DQEB
CwUAA4IBAQCqS4U40OjZDY0VsI71Fitb/2IKRGAz/39En88xMKgZ1I75V7JDW55n
o80ZnhivIeCr5Nao8BN9P9ECppxa5LjrttVK3YtUwg4fNnfP5xGgAanNes8zS9yX
wn5yMCBmrhOio0PIeGZbfHHIM/Vv6Fofrw+stX9D9xD4Zilgq1OSsmLD154qKzk3
xpXmoKrv0yWpjbY+YK9CIAYKXEYdAURyyjO5Pem7bwuVzZBC0nQ3ZHfEMkT/HCeh
XeHckG7WZT3BnUKruaq3cyJvYIliWAZqiE+v0d9CXVphx+OAzR5M7Co6XOgolxHO
5IIzc+871keRxZH91ik5Kbbqrxor9MXz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:53 2024 by rpki-client on console-ams.rpki-client.org