Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF5589E6E47111EE8EB6A86A775412E6.roa
File: DF5589E6E47111EE8EB6A86A775412E6.roa (raw, json)
Hash identifier: ipLhzM/C4z/+fVaSqa2D//ECDV2PCxdMZlNFM9G9Il0=
Subject key identifier: 2B:B1:EC:53:5B:34:B5:CE:D5:40:82:A9:84:C5:39:E3:59:D3:D9:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A229
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF5589E6E47111EE8EB6A86A775412E6.roa
Signing time: Sun 17 Mar 2024 15:20:22 +0000
ROA not before: Sun 17 Mar 2024 15:20:19 +0000
ROA not after: Tue 30 Apr 2024 15:20:19 +0000
asID: 63139
IP address blocks: 154.94.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41513 (0xa229)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 15:20:19 2024 GMT
Not After : Apr 30 15:20:19 2024 GMT
Subject: CN=65f70a36-7340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:38:5e:07:fa:fc:7a:a1:b2:39:1d:b1:5a:88:
72:46:c9:3d:ba:aa:17:9a:fd:65:7e:62:90:d2:c0:
0d:28:3b:22:b5:36:f4:fb:ac:aa:29:d0:09:ba:d4:
4f:67:e2:c6:e1:96:54:37:83:0e:45:54:c9:ba:18:
63:54:13:0f:bc:f5:40:d0:7f:2b:32:1c:8b:5a:e3:
dd:cd:3c:7e:98:aa:ac:61:ab:20:c1:e7:00:c7:20:
82:64:e3:0d:da:e4:c2:cb:36:6f:df:1a:b4:ef:1b:
8f:bc:66:25:08:7a:ee:c4:5b:b3:4f:8f:76:b6:06:
6c:56:11:48:91:d5:6a:08:d6:31:67:35:1f:0f:82:
6e:cb:8c:d0:9f:c9:0d:41:3e:ba:9e:ea:39:16:15:
ed:a5:b3:3e:c9:1a:f6:cf:16:2f:e1:5e:24:b4:73:
38:a8:15:c5:d6:a9:05:67:48:6c:69:1a:3f:e3:c7:
c7:db:25:dd:f1:34:66:51:8d:93:cc:f8:2d:d9:1a:
c1:71:9e:5b:2d:cc:bd:8e:9c:09:10:56:b9:a2:d6:
4f:27:8e:f5:99:7f:95:1d:a3:9b:ba:df:7f:a2:a9:
d6:01:7d:4d:4a:e5:16:f4:96:04:2d:a9:e0:26:c5:
db:0f:9a:f1:3e:98:bb:b2:19:2c:73:de:89:48:a0:
15:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B1:EC:53:5B:34:B5:CE:D5:40:82:A9:84:C5:39:E3:59:D3:D9:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF5589E6E47111EE8EB6A86A775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.76.0/24
Signature Algorithm: sha256WithRSAEncryption
46:fd:0b:79:a0:b5:27:cc:d3:56:5a:d8:cd:8d:79:7d:82:d8:
fd:33:ce:1e:a6:a9:57:74:bd:0f:bb:7a:2a:e3:ee:6c:a3:af:
fa:bd:b3:78:f2:1c:55:71:ab:c4:24:c5:d4:2c:ae:c8:3d:8e:
8a:73:8f:80:8c:1e:7a:83:e4:46:b9:09:13:1a:a4:e7:63:b5:
b8:0e:c9:9e:72:07:1d:ae:37:6d:46:84:88:04:a9:61:47:0b:
61:df:77:ba:5f:72:97:99:5d:ec:00:71:17:62:c8:a0:74:b2:
97:ed:72:39:75:8f:a1:34:61:cc:c5:9f:7c:1a:6a:e4:72:11:
2b:29:71:1d:01:ab:b4:d3:f2:30:90:9e:75:ad:0c:d7:38:0d:
c4:4a:b5:38:5a:54:58:92:1c:d9:9b:2c:41:1a:e1:37:3f:c7:
a5:aa:b3:ea:81:b5:f2:a0:f8:23:1a:2d:0c:09:f5:ae:a8:9e:
28:f6:92:0d:00:c6:a6:ae:67:cc:9f:c3:fd:f7:36:dc:63:a4:
e8:43:7b:d3:28:8c:1d:59:5c:65:e6:8c:7f:b5:f7:ff:05:79:
af:08:c6:61:9f:48:0b:5c:0e:e4:2f:9a:bb:58:84:b9:7f:33:
41:2c:eb:fa:78:11:b4:38:4b:0b:8a:96:b9:ba:ac:96:24:b6:
5c:fd:78:13
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKIpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE3MTUyMDE5WhcNMjQwNDMwMTUyMDE5WjAYMRYw
FAYDVQQDEw02NWY3MGEzNi03MzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArTheB/r8eqGyOR2xWohyRsk9uqoXmv1lfmKQ0sANKDsitTb0+6yqKdAJ
utRPZ+LG4ZZUN4MORVTJuhhjVBMPvPVA0H8rMhyLWuPdzTx+mKqsYasgwecAxyCC
ZOMN2uTCyzZv3xq07xuPvGYlCHruxFuzT492tgZsVhFIkdVqCNYxZzUfD4Juy4zQ
n8kNQT66nuo5FhXtpbM+yRr2zxYv4V4ktHM4qBXF1qkFZ0hsaRo/48fH2yXd8TRm
UY2TzPgt2RrBcZ5bLcy9jpwJEFa5otZPJ471mX+VHaObut9/oqnWAX1NSuUW9JYE
LangJsXbD5rxPpi7shksc96JSKAV5QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCux
7FNbNLXO1UCCqYTFOeNZ09kAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERjU1ODlFNkU0NzExMUVFOEVCNkE4NkE3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5MMA0GCSqGSIb3DQEB
CwUAA4IBAQBG/Qt5oLUnzNNWWtjNjXl9gtj9M84epqlXdL0Pu3oq4+5so6/6vbN4
8hxVcavEJMXULK7IPY6Kc4+AjB56g+RGuQkTGqTnY7W4DsmecgcdrjdtRoSIBKlh
Rwth33e6X3KXmV3sAHEXYsigdLKX7XI5dY+hNGHMxZ98GmrkchErKXEdAau00/Iw
kJ51rQzXOA3ESrU4WlRYkhzZmyxBGuE3P8elqrPqgbXyoPgjGi0MCfWuqJ4o9pIN
AMamrmfMn8P99zbcY6ToQ3vTKIwdWVxl5ox/tff/BXmvCMZhn0gLXA7kL5q7WIS5
fzNBLOv6eBG0OEsLipa5uqyWJLZc/XgT
-----END CERTIFICATE-----
Generated at Wed May 1 02:03:19 2024 by rpki-client on console-ams.rpki-client.org