Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF408D09F9711EFAEE1EF64762E951A.roa
File: DCF408D09F9711EFAEE1EF64762E951A.roa (raw, json)
Hash identifier: J7q2i8F3FL2UG5gTZyQ9k5ibxrNXBU8EUVw03s3TqsA=
Subject key identifier: A7:99:5B:84:DE:AC:18:85:6D:E6:FD:C0:05:AC:79:87:26:79:00:6D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010BC0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF408D09F9711EFAEE1EF64762E951A.roa
Signing time: Sun 10 Nov 2024 19:13:27 +0000
ROA not before: Sun 10 Nov 2024 19:13:23 +0000
ROA not after: Thu 21 Nov 2024 19:13:23 +0000
asID: 63139
IP address blocks: 154.223.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68544 (0x10bc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 10 19:13:23 2024 GMT
Not After : Nov 21 19:13:23 2024 GMT
Subject: CN=673105d7-b46c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:29:e9:20:0b:ab:12:7e:53:30:c5:60:58:05:
a3:e4:8c:28:b8:ba:e4:e5:f2:16:8d:9c:d6:1d:27:
ee:8a:78:f1:67:65:5e:69:8b:2b:b1:10:5e:aa:d6:
37:18:47:50:ed:72:3d:a8:87:65:9b:ab:a8:fa:73:
be:fc:d9:e6:0d:2a:af:fe:92:8d:57:67:e2:15:6a:
b7:db:3a:a0:40:99:01:0a:e7:c6:a7:98:c1:25:2f:
6f:1e:66:fa:0f:ff:a7:20:f4:14:59:ee:1a:49:19:
bf:71:72:45:26:30:e7:e6:5b:42:71:4a:38:80:29:
0f:00:48:0c:68:7b:b8:99:15:b3:96:89:ac:df:f7:
09:6e:79:a8:bc:d5:31:d4:90:27:06:45:68:ee:50:
b3:6d:bb:95:67:b0:6a:08:06:78:85:b6:84:b1:ed:
54:93:f8:d8:fb:c5:70:14:f4:bd:0b:20:03:87:65:
87:e1:a2:37:61:ab:60:24:43:83:01:31:15:65:2f:
20:56:eb:28:29:7a:58:5d:32:be:6a:56:73:0d:bf:
1a:26:a4:b1:7e:8d:63:7e:7e:76:e5:8a:c9:95:61:
2d:9c:55:37:87:76:e3:17:93:96:bb:50:71:fc:2a:
ab:a8:8b:da:80:46:a1:ba:f7:e8:3e:38:3e:9d:27:
ca:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:99:5B:84:DE:AC:18:85:6D:E6:FD:C0:05:AC:79:87:26:79:00:6D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF408D09F9711EFAEE1EF64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.36.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:75:be:b7:75:0f:26:36:37:d6:34:85:05:08:b0:f8:12:cd:
13:0a:95:c8:31:bc:a5:c7:28:04:d5:b6:b9:e0:90:79:ae:36:
b0:c5:24:84:c3:96:d0:f9:97:aa:19:ce:9c:04:79:ec:1d:f9:
be:7a:15:17:5a:11:05:80:a7:68:24:2e:87:d4:a1:01:49:97:
75:31:2f:d9:33:35:19:fc:d3:79:c8:a1:fa:6d:b4:56:12:6c:
ac:77:02:3d:54:9c:16:e1:24:3a:e8:50:c0:e0:ed:9b:01:e1:
e8:fc:b2:72:25:01:e6:73:b5:73:10:90:3a:31:9d:ab:93:85:
1c:31:8e:27:cb:7c:e2:06:ef:e3:ee:8f:a4:78:54:b6:f2:22:
9a:a3:f1:09:bf:69:a6:88:d9:6b:04:f0:59:6a:c2:7a:95:21:
c1:8e:23:b5:c3:92:3e:79:02:1e:2d:55:ee:32:5b:48:fc:31:
ca:52:7e:e8:07:28:f0:9c:4d:9e:43:81:89:2b:9d:ed:15:97:
85:2f:e1:93:b0:43:f4:3a:0e:d9:03:b6:0a:01:f8:bf:5c:21:
44:d3:36:87:f8:37:24:2a:95:83:1e:b2:4a:55:09:79:ff:bd:
b2:b8:03:f8:fe:01:c4:b9:4d:ec:6d:98:9a:0a:81:48:ec:8a:
62:3a:a0:ce
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQvAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTEwMTkxMzIzWhcNMjQxMTIxMTkxMzIzWjAYMRYw
FAYDVQQDEw02NzMxMDVkNy1iNDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxynpIAurEn5TMMVgWAWj5IwouLrk5fIWjZzWHSfuinjxZ2VeaYsrsRBe
qtY3GEdQ7XI9qIdlm6uo+nO+/NnmDSqv/pKNV2fiFWq32zqgQJkBCufGp5jBJS9v
Hmb6D/+nIPQUWe4aSRm/cXJFJjDn5ltCcUo4gCkPAEgMaHu4mRWzloms3/cJbnmo
vNUx1JAnBkVo7lCzbbuVZ7BqCAZ4hbaEse1Uk/jY+8VwFPS9CyADh2WH4aI3Yatg
JEODATEVZS8gVusoKXpYXTK+alZzDb8aJqSxfo1jfn525YrJlWEtnFU3h3bjF5OW
u1Bx/CqrqIvagEahuvfoPjg+nSfKYQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKeZ
W4TerBiFbeb9wAWseYcmeQBtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQ0Y0MDhEMDlGOTcxMUVGQUVFMUVGNjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8kMA0GCSqGSIb3DQEB
CwUAA4IBAQA+db63dQ8mNjfWNIUFCLD4Es0TCpXIMbylxygE1ba54JB5rjawxSSE
w5bQ+ZeqGc6cBHnsHfm+ehUXWhEFgKdoJC6H1KEBSZd1MS/ZMzUZ/NN5yKH6bbRW
EmysdwI9VJwW4SQ66FDA4O2bAeHo/LJyJQHmc7VzEJA6MZ2rk4UcMY4ny3ziBu/j
7o+keFS28iKao/EJv2mmiNlrBPBZasJ6lSHBjiO1w5I+eQIeLVXuMltI/DHKUn7o
ByjwnE2eQ4GJK53tFZeFL+GTsEP0Og7ZA7YKAfi/XCFE0zaH+DckKpWDHrJKVQl5
/72yuAP4/gHEuU3sbZiaCoFI7IpiOqDO
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:02:52 2024 by rpki-client on console-ams.rpki-client.org