Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F991329B7111EFAC858648762E951A.roa
File: D0F991329B7111EFAC858648762E951A.roa (raw, json)
Hash identifier: QF7uoA3A9kIzq1fG6hosAGsVtW54wkfVV+nPX000Nbk=
Subject key identifier: B5:B1:91:04:C1:FC:55:FD:3B:AA:D6:12:9E:7E:52:B0:FE:07:FB:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107C1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F991329B7111EFAC858648762E951A.roa
Signing time: Tue 05 Nov 2024 12:31:01 +0000
ROA not before: Tue 05 Nov 2024 12:30:57 +0000
ROA not after: Mon 13 Jan 2025 12:30:57 +0000
asID: 7018
IP address blocks: 154.198.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67521 (0x107c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 5 12:30:57 2024 GMT
Not After : Jan 13 12:30:57 2025 GMT
Subject: CN=672a1005-8b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:35:8a:43:7f:77:1a:9b:15:69:3d:dd:f2:00:
bf:6d:82:8a:5a:8c:89:0b:44:c1:6d:3e:14:54:a6:
88:63:b9:ce:7e:11:8f:6f:95:90:95:b0:07:ea:42:
24:fe:da:77:98:00:6b:27:52:e7:2c:bf:0a:07:14:
da:0d:b1:4b:af:90:a4:d8:16:49:10:09:c9:c0:97:
ed:1b:72:8b:c3:6e:17:6d:37:81:c2:d6:bc:3f:c7:
05:8b:71:e3:09:43:1f:b5:5f:cb:91:6d:df:89:b4:
8f:33:32:69:68:53:0f:11:37:6c:a6:2b:74:19:58:
db:67:09:85:37:7f:71:57:75:f2:cc:e5:7e:b3:8b:
5e:37:99:2e:d2:17:f2:dd:95:11:9b:b7:0f:f9:e6:
81:09:48:d5:c1:cb:c7:3d:11:12:37:d5:cf:d9:6d:
22:69:7b:74:9a:dc:62:66:f2:6a:73:92:4a:84:c8:
c0:9b:b1:31:66:b0:c2:fe:e0:3d:28:f4:fb:b1:2b:
b2:de:ac:33:6a:b2:24:be:91:9c:6c:78:c4:0c:b5:
db:f4:42:77:06:c4:4c:a6:ac:d7:b8:cb:2c:1a:1f:
57:9d:94:78:8c:7e:c2:db:8c:55:89:db:d7:89:78:
be:8d:43:56:49:34:0c:f2:7f:25:44:ae:7e:35:b4:
dd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B1:91:04:C1:FC:55:FD:3B:AA:D6:12:9E:7E:52:B0:FE:07:FB:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F991329B7111EFAC858648762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.16.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:09:80:48:8d:27:83:5e:5b:7c:13:ff:14:3c:70:40:0b:88:
dc:ba:07:de:fc:4a:db:73:ff:21:fe:0a:70:19:1f:f2:57:25:
0a:3d:6d:b7:52:a4:41:8f:3c:4e:75:30:8c:11:9b:3b:bb:d4:
51:7a:a3:76:35:25:7b:88:8b:a0:20:52:ca:24:7b:0b:fe:40:
f6:f2:94:5d:fb:4b:2a:3f:f4:3b:eb:69:15:1f:37:14:28:7a:
bf:34:61:96:58:bd:fc:c0:df:3a:ed:ce:0e:e5:c2:99:26:cd:
bf:55:c4:1b:09:9e:ee:8b:c9:8f:12:ef:13:a3:54:e6:fe:85:
3e:24:28:88:d6:97:2c:7d:45:c3:ef:1d:e7:6a:7c:10:f7:a7:
9d:23:e7:fc:9b:83:f2:ae:81:17:5c:29:54:2a:bb:77:b3:fa:
cf:2b:db:3b:aa:6b:d8:e6:e0:3f:85:d7:89:79:ac:71:e8:52:
bb:de:49:5c:8d:14:bd:e5:65:d4:c3:ae:e4:3a:5d:57:c4:2f:
cb:89:89:d5:ff:e0:18:45:36:c5:9b:5d:0a:4d:93:1f:79:1a:
d4:17:58:ae:73:c6:42:ed:9e:f3:98:e2:44:76:78:1e:f5:e4:
77:01:9d:c5:b7:fe:6d:28:89:19:d4:b6:bc:88:cd:c2:54:34:
b8:55:25:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQfBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTIzMDU3WhcNMjUwMTEzMTIzMDU3WjAYMRYw
FAYDVQQDEw02NzJhMTAwNS04Yjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2jWKQ393GpsVaT3d8gC/bYKKWoyJC0TBbT4UVKaIY7nOfhGPb5WQlbAH
6kIk/tp3mABrJ1LnLL8KBxTaDbFLr5Ck2BZJEAnJwJftG3KLw24XbTeBwta8P8cF
i3HjCUMftV/LkW3fibSPMzJpaFMPETdspit0GVjbZwmFN39xV3XyzOV+s4teN5ku
0hfy3ZURm7cP+eaBCUjVwcvHPRESN9XP2W0iaXt0mtxiZvJqc5JKhMjAm7ExZrDC
/uA9KPT7sSuy3qwzarIkvpGcbHjEDLXb9EJ3BsRMpqzXuMssGh9XnZR4jH7C24xV
idvXiXi+jUNWSTQM8n8lRK5+NbTdCQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLWx
kQTB/FX9O6rWEp5+UrD+B/s2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMEY5OTEzMjlCNzExMUVGQUM4NTg2NDg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsYQMA0GCSqGSIb3DQEB
CwUAA4IBAQBfCYBIjSeDXlt8E/8UPHBAC4jcugfe/Erbc/8h/gpwGR/yVyUKPW23
UqRBjzxOdTCMEZs7u9RReqN2NSV7iIugIFLKJHsL/kD28pRd+0sqP/Q762kVHzcU
KHq/NGGWWL38wN867c4O5cKZJs2/VcQbCZ7ui8mPEu8To1Tm/oU+JCiI1pcsfUXD
7x3nanwQ96edI+f8m4PyroEXXClUKrt3s/rPK9s7qmvY5uA/hdeJeaxx6FK73klc
jRS95WXUw67kOl1XxC/LiYnV/+AYRTbFm10KTZMfeRrUF1iuc8ZC7Z7zmOJEdnge
9eR3AZ3Ft/5tKIkZ1La8iM3CVDS4VSWE
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:32:29 2025 by rpki-client