Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD400E3C9B7911EFACFF2879762E951A.roa
File: DD400E3C9B7911EFACFF2879762E951A.roa (raw, json)
Hash identifier: mi43eGHUFOSFd9HxI03ItK1RjQsXRZY01rS7q3gaaxs=
Subject key identifier: 36:D2:28:15:B9:8C:22:6A:8B:24:5F:26:6A:A4:BF:36:B1:2E:BC:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107EB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD400E3C9B7911EFACFF2879762E951A.roa
Signing time: Tue 05 Nov 2024 13:28:38 +0000
ROA not before: Tue 05 Nov 2024 13:28:34 +0000
ROA not after: Mon 13 Jan 2025 13:28:34 +0000
asID: 22773
IP address blocks: 154.219.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67563 (0x107eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 5 13:28:34 2024 GMT
Not After : Jan 13 13:28:34 2025 GMT
Subject: CN=672a1d86-6bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:84:54:0c:2c:e0:d0:03:50:d9:1c:84:90:
91:8d:7e:40:b6:62:e0:46:ee:a4:65:e7:b4:45:d6:
62:08:79:e8:21:a5:14:ef:a6:ef:c6:ae:89:6c:65:
96:df:40:bf:fd:6a:5e:e2:4a:6d:b4:83:2f:9a:53:
05:7d:eb:f6:62:76:cf:14:f4:23:2f:54:da:34:0d:
64:30:0d:07:81:44:6e:e3:83:cc:d7:f0:b6:6e:82:
e7:17:cb:46:77:7e:cb:cb:84:c0:c4:72:5b:b3:8c:
7f:3e:38:41:ed:88:1c:98:d1:9f:59:1f:5f:bf:07:
86:5b:cc:b1:06:71:c1:8c:ab:41:0c:6a:e9:2b:3c:
f0:9c:a2:d0:1d:d3:4f:83:de:f5:09:35:6c:9a:29:
a7:ce:49:76:0d:6a:90:83:fc:8a:fc:86:3a:43:e7:
51:8d:6e:25:3e:62:00:c7:86:7b:e9:3f:0f:f9:2e:
e2:ec:ef:47:8b:7a:dc:e6:e4:a0:00:e6:6d:b5:49:
70:f4:49:77:28:4f:41:03:9b:f8:1d:b1:2a:60:79:
42:36:78:47:dd:74:ec:d6:b3:16:2f:ca:39:a5:b1:
4f:ec:e4:9c:e3:52:1f:18:20:0c:61:76:47:14:cc:
78:81:ac:cd:3a:1a:ce:ca:8a:d3:2b:05:86:b1:d0:
ae:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D2:28:15:B9:8C:22:6A:8B:24:5F:26:6A:A4:BF:36:B1:2E:BC:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD400E3C9B7911EFACFF2879762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.8.0/21
Signature Algorithm: sha256WithRSAEncryption
43:47:93:95:5f:61:b0:18:43:d9:15:0f:6b:ca:6a:05:95:4c:
a0:56:6c:0a:7b:cd:97:df:47:5f:29:85:19:f0:2b:89:db:f6:
e7:ee:31:67:0f:90:a3:7c:c1:e6:ba:17:8f:35:2f:fa:06:35:
11:49:b4:56:46:27:ad:0e:c1:00:a3:7e:c3:3b:f0:43:a7:64:
5a:67:f1:17:65:5b:c4:5f:20:2b:ac:45:45:13:26:22:b6:c5:
9e:5a:5a:ec:29:a2:2b:4c:fd:de:04:c3:2c:8c:dd:51:e0:e3:
cc:91:e8:ba:b5:94:fa:2c:49:19:ed:2c:55:44:77:2a:c3:af:
a7:41:53:44:ef:d1:38:4e:9c:3d:a1:ff:ba:54:a9:fd:91:72:
ab:42:54:61:1a:16:2a:e9:c8:03:3d:58:25:c5:ff:49:4b:ee:
49:d5:c6:72:ac:49:b4:46:eb:02:db:12:6f:4c:b2:5b:06:b2:
83:c6:eb:49:58:45:b4:12:fa:c4:5e:33:65:15:1c:14:ee:0f:
bf:aa:4b:22:9f:bb:ca:56:55:de:25:04:68:f8:6e:b7:40:40:
48:c8:c1:81:19:ae:29:b1:0d:ad:bd:93:2f:ce:4f:a9:7b:5a:
87:3e:5e:9c:8e:78:20:e8:b9:cf:83:e1:1d:ef:6b:e6:21:b0:
62:eb:f6:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQfrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTMyODM0WhcNMjUwMTEzMTMyODM0WjAYMRYw
FAYDVQQDEw02NzJhMWQ4Ni02YmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy0KEVAws4NADUNkchJCRjX5AtmLgRu6kZee0RdZiCHnoIaUU76bvxq6J
bGWW30C//Wpe4kpttIMvmlMFfev2YnbPFPQjL1TaNA1kMA0HgURu44PM1/C2boLn
F8tGd37Ly4TAxHJbs4x/PjhB7YgcmNGfWR9fvweGW8yxBnHBjKtBDGrpKzzwnKLQ
HdNPg971CTVsmimnzkl2DWqQg/yK/IY6Q+dRjW4lPmIAx4Z76T8P+S7i7O9Hi3rc
5uSgAOZttUlw9El3KE9BA5v4HbEqYHlCNnhH3XTs1rMWL8o5pbFP7OSc41IfGCAM
YXZHFMx4gazNOhrOyorTKwWGsdCuLQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDbS
KBW5jCJqiyRfJmqkvzaxLrz+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDQwMEUzQzlCNzkxMUVGQUNGRjI4Nzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtsIMA0GCSqGSIb3DQEB
CwUAA4IBAQBDR5OVX2GwGEPZFQ9rymoFlUygVmwKe82X30dfKYUZ8CuJ2/bn7jFn
D5CjfMHmuhePNS/6BjURSbRWRietDsEAo37DO/BDp2RaZ/EXZVvEXyArrEVFEyYi
tsWeWlrsKaIrTP3eBMMsjN1R4OPMkei6tZT6LEkZ7SxVRHcqw6+nQVNE79E4Tpw9
of+6VKn9kXKrQlRhGhYq6cgDPVglxf9JS+5J1cZyrEm0RusC2xJvTLJbBrKDxutJ
WEW0EvrEXjNlFRwU7g+/qksin7vKVlXeJQRo+G63QEBIyMGBGa4psQ2tvZMvzk+p
e1qHPl6cjngg6LnPg+Ed72vmIbBi6/bo
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:14 2025 by rpki-client