Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF0BCE9AE78811EEAC2B2B4C775412E6.roa
File: DF0BCE9AE78811EEAC2B2B4C775412E6.roa (raw, json)
Hash identifier: zsiH3Nm6B173VMmKxzDVbZzs3dDGRHj/9PYQb1Rj9yg=
Subject key identifier: 8E:D5:52:D0:A7:23:3F:89:8A:D0:1C:55:D3:55:9C:F7:35:A1:26:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A5C1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF0BCE9AE78811EEAC2B2B4C775412E6.roa
Signing time: Thu 21 Mar 2024 13:42:34 +0000
ROA not before: Thu 21 Mar 2024 13:42:31 +0000
ROA not after: Thu 25 Apr 2024 13:42:31 +0000
asID: 5065
IP address blocks: 154.206.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42433 (0xa5c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 13:42:31 2024 GMT
Not After : Apr 25 13:42:31 2024 GMT
Subject: CN=65fc394a-f062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c4:fc:b6:e7:ac:89:5a:bb:21:8b:a8:09:be:
2b:4f:b1:f1:5e:6d:96:95:48:d3:cc:83:fd:ad:34:
a1:f9:c1:6d:76:09:ac:09:b4:41:94:a6:4c:73:37:
ae:a0:51:ea:c2:57:be:3e:d2:c5:42:37:40:90:13:
3e:a9:21:e1:de:9b:2b:73:60:24:26:99:87:5b:32:
79:6b:88:fe:72:d7:de:5d:40:61:33:55:97:66:91:
e9:87:b3:d7:0e:b7:08:49:b9:18:57:e7:1b:ff:9a:
e1:f1:c3:24:49:6c:30:18:b5:10:42:e8:3a:15:32:
2e:c6:0c:33:79:b9:e8:9f:95:68:f1:8c:c2:31:e8:
f8:6e:15:ac:0f:57:9a:5c:1d:2b:fb:e6:32:90:c5:
7f:13:a2:46:37:77:b9:ab:73:db:79:94:bf:92:3d:
8b:21:42:15:12:55:16:52:df:91:3b:8d:cb:5b:7c:
5e:98:f8:f2:e5:5b:6f:2e:8f:a6:cf:7d:02:18:55:
68:fb:a8:34:72:ee:56:64:0b:54:8b:87:d0:c6:f0:
c3:99:59:a9:86:d9:14:5d:f5:c2:bb:b9:c9:c4:57:
48:66:fb:64:c8:b1:ae:5e:4b:e5:50:36:89:ef:ea:
f5:b5:83:27:6a:e6:86:42:d3:ce:d9:7b:df:3d:ea:
c4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D5:52:D0:A7:23:3F:89:8A:D0:1C:55:D3:55:9C:F7:35:A1:26:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF0BCE9AE78811EEAC2B2B4C775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.43.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:b2:6e:40:71:2c:59:5b:1b:64:33:86:d5:1e:a1:a9:24:51:
2a:82:fb:7f:f7:10:3b:4c:97:8b:de:57:e5:b8:a0:b3:4e:51:
2a:fc:af:f4:67:bc:c9:28:da:40:19:9d:5f:1f:38:be:c8:67:
df:34:7b:65:d1:14:48:39:c9:7f:ef:95:a1:df:e4:eb:ae:2f:
72:3e:97:ed:3b:ab:79:99:b8:f0:5c:8b:c0:ca:eb:ce:1f:99:
75:29:6f:d6:84:b8:03:3e:15:ad:b6:59:c2:bc:44:14:0f:96:
67:59:1f:f0:51:08:00:c3:0c:39:a0:08:e6:91:82:c3:7e:95:
08:21:f5:b0:ed:cb:77:da:50:ef:d0:0e:15:af:83:37:fa:1c:
c9:cc:dd:86:1f:a4:84:e3:19:39:23:db:f3:33:b6:90:b0:5f:
e3:37:8e:b5:f7:01:1e:76:5e:aa:4b:8b:d4:c8:08:96:fb:b3:
d4:2a:31:39:0d:ab:32:c6:4f:75:d6:9f:a2:79:9f:7b:0e:e4:
f5:25:16:4a:f2:54:ab:31:e4:19:89:37:f7:70:9f:a9:e6:df:
ce:81:bc:e7:6b:57:e5:7f:42:66:f9:64:bf:ed:16:5d:55:ec:
77:a5:8a:f1:e6:27:6b:0e:13:72:16:5e:77:46:8f:d7:68:f1:
6d:0e:5f:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKXBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIxMTM0MjMxWhcNMjQwNDI1MTM0MjMxWjAYMRYw
FAYDVQQDEw02NWZjMzk0YS1mMDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3MT8tuesiVq7IYuoCb4rT7HxXm2WlUjTzIP9rTSh+cFtdgmsCbRBlKZM
czeuoFHqwle+PtLFQjdAkBM+qSHh3psrc2AkJpmHWzJ5a4j+ctfeXUBhM1WXZpHp
h7PXDrcISbkYV+cb/5rh8cMkSWwwGLUQQug6FTIuxgwzebnon5Vo8YzCMej4bhWs
D1eaXB0r++YykMV/E6JGN3e5q3PbeZS/kj2LIUIVElUWUt+RO43LW3xemPjy5Vtv
Lo+mz30CGFVo+6g0cu5WZAtUi4fQxvDDmVmphtkUXfXCu7nJxFdIZvtkyLGuXkvl
UDaJ7+r1tYMnauaGQtPO2XvfPerEsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI7V
UtCnIz+JitAcVdNVnPc1oSa1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERjBCQ0U5QUU3ODgxMUVFQUMyQjJCNEM3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4rMA0GCSqGSIb3DQEB
CwUAA4IBAQC1sm5AcSxZWxtkM4bVHqGpJFEqgvt/9xA7TJeL3lfluKCzTlEq/K/0
Z7zJKNpAGZ1fHzi+yGffNHtl0RRIOcl/75Wh3+Trri9yPpftO6t5mbjwXIvAyuvO
H5l1KW/WhLgDPhWttlnCvEQUD5ZnWR/wUQgAwww5oAjmkYLDfpUIIfWw7ct32lDv
0A4Vr4M3+hzJzN2GH6SE4xk5I9vzM7aQsF/jN4619wEedl6qS4vUyAiW+7PUKjE5
Dasyxk911p+ieZ97DuT1JRZK8lSrMeQZiTf3cJ+p5t/Ogbzna1flf0Jm+WS/7RZd
Vex3pYrx5idrDhNyFl53Ro/XaPFtDl8s
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:40 2024 by rpki-client on console-fra.rpki-client.org