Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0A3D6AEFADE11EEA9684E14017001B1.roa
File: D0A3D6AEFADE11EEA9684E14017001B1.roa (raw, json)
Hash identifier: 78FDhlrXi1E7TAXWjFJJuZBrpFWt0VZkbPie/i0bUvg=
Subject key identifier: 2E:43:2C:B9:B4:46:F4:1F:36:17:DE:4F:FF:4A:C1:29:17:A6:61:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC45
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0A3D6AEFADE11EEA9684E14017001B1.roa
Signing time: Mon 15 Apr 2024 04:15:38 +0000
ROA not before: Mon 15 Apr 2024 04:15:35 +0000
ROA not after: Thu 25 Apr 2024 04:15:35 +0000
asID: 21859
IP address blocks: 154.94.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44101 (0xac45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 04:15:35 2024 GMT
Not After : Apr 25 04:15:35 2024 GMT
Subject: CN=661ca9ea-35f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:30:e2:32:c6:b8:5f:e0:1d:9d:0e:7c:23:
33:1a:65:42:e2:bc:80:d9:13:41:a6:9d:28:31:f0:
e5:8a:98:a9:0a:89:94:fd:d8:b3:4d:6e:8e:4f:0f:
c9:1b:2a:0c:37:8b:44:c7:a2:bb:da:6d:ef:a7:fe:
e7:39:7b:ef:45:0a:cc:fd:9a:08:b0:f5:62:3b:ce:
9a:74:10:6d:f0:c5:70:0d:94:1d:31:0f:71:c3:f3:
9b:b2:05:a1:6f:dd:c2:e0:13:5d:ba:99:bd:10:2e:
bc:68:bc:a2:b4:72:a5:06:0a:47:47:e3:07:32:45:
c6:4f:7f:ab:af:de:dc:b5:08:ef:aa:ff:22:33:b3:
6a:65:6c:27:d1:f3:5e:8c:c0:30:c6:8b:70:25:92:
26:1a:55:4b:dd:bf:51:13:3f:76:ae:69:cb:ab:28:
af:2f:99:b8:85:36:59:68:18:f9:a0:ab:32:c9:88:
ad:5e:4a:26:d0:b7:81:86:10:9f:d2:35:29:6f:1e:
fe:bd:d6:d8:bb:c9:a2:d6:51:6a:94:8f:a7:b8:74:
31:7f:f3:fd:b4:94:af:7c:74:88:3a:9a:20:2a:61:
19:ad:4f:64:e7:5e:f5:17:8d:14:f0:0d:91:ff:ed:
c8:88:88:7f:ac:e7:fa:2e:36:69:b1:cf:59:a1:78:
06:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:43:2C:B9:B4:46:F4:1F:36:17:DE:4F:FF:4A:C1:29:17:A6:61:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0A3D6AEFADE11EEA9684E14017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.49.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:97:0d:eb:90:9c:02:07:e7:51:2e:e3:57:e2:f3:7f:c0:89:
31:9a:81:ed:d1:34:b6:aa:6a:ac:e1:0c:b6:7f:c6:41:0a:cb:
ba:c8:16:28:5e:e2:f4:dd:86:60:83:ad:58:47:40:10:43:c4:
ff:7f:11:c6:b1:8f:88:96:eb:d9:ad:66:77:8d:66:9c:e4:5c:
6c:64:c8:00:9b:90:64:30:2d:6e:0d:35:85:0c:5a:b3:aa:23:
61:af:bc:04:6b:9e:78:f6:fe:39:08:36:9e:06:64:e4:ca:df:
ca:f1:43:7b:1b:e4:56:84:54:32:e9:59:13:17:7b:4b:50:7d:
c7:3a:31:02:e1:03:8d:cf:7a:45:86:4c:88:cb:b7:68:2b:6e:
e2:8d:fc:6c:c0:9a:e7:9e:44:ae:37:d7:86:f6:d4:1c:3c:71:
83:6a:33:ec:95:f3:a7:b8:c8:63:c7:b5:3c:3f:ba:e7:17:90:
7a:aa:08:b1:87:12:bd:89:ec:a7:4f:17:02:a0:e5:12:e4:18:
0c:7c:13:63:75:eb:d8:54:d3:2a:75:e0:1a:85:98:7d:9c:e6:
65:27:bc:b9:05:74:a8:df:90:04:db:22:c8:5e:c4:a0:2a:0c:
e1:da:a6:d4:4f:9f:57:51:99:8f:85:0e:f7:21:ef:5e:d6:a6:
ba:2c:29:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKxFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDQxNTM1WhcNMjQwNDI1MDQxNTM1WjAYMRYw
FAYDVQQDEw02NjFjYTllYS0zNWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvWMw4jLGuF/gHZ0OfCMzGmVC4ryA2RNBpp0oMfDlipipComU/dizTW6O
Tw/JGyoMN4tEx6K72m3vp/7nOXvvRQrM/ZoIsPViO86adBBt8MVwDZQdMQ9xw/Ob
sgWhb93C4BNdupm9EC68aLyitHKlBgpHR+MHMkXGT3+rr97ctQjvqv8iM7NqZWwn
0fNejMAwxotwJZImGlVL3b9REz92rmnLqyivL5m4hTZZaBj5oKsyyYitXkom0LeB
hhCf0jUpbx7+vdbYu8mi1lFqlI+nuHQxf/P9tJSvfHSIOpogKmEZrU9k5171F40U
8A2R/+3IiIh/rOf6LjZpsc9ZoXgGNwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC5D
LLm0RvQfNhfeT/9KwSkXpmFHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMEEzRDZBRUZBREUxMUVFQTk2ODRFMTQwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4xMA0GCSqGSIb3DQEB
CwUAA4IBAQDBlw3rkJwCB+dRLuNX4vN/wIkxmoHt0TS2qmqs4Qy2f8ZBCsu6yBYo
XuL03YZgg61YR0AQQ8T/fxHGsY+IluvZrWZ3jWac5FxsZMgAm5BkMC1uDTWFDFqz
qiNhr7wEa5549v45CDaeBmTkyt/K8UN7G+RWhFQy6VkTF3tLUH3HOjEC4QONz3pF
hkyIy7doK27ijfxswJrnnkSuN9eG9tQcPHGDajPslfOnuMhjx7U8P7rnF5B6qgix
hxK9ieynTxcCoOUS5BgMfBNjdevYVNMqdeAahZh9nOZlJ7y5BXSo35AE2yLIXsSg
Kgzh2qbUT59XUZmPhQ73Ie9e1qa6LCnS
-----END CERTIFICATE-----
Generated at Thu Apr 25 09:50:18 2024 by rpki-client on console-fra.rpki-client.org