Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF6B1F74E46F11EE9E08985D775412E6.roa
File: DF6B1F74E46F11EE9E08985D775412E6.roa (raw, json)
Hash identifier: OWJPFdHUHQxyhsyg7d6yyT2sr/JyYG0DJB6X+G3WtXA=
Subject key identifier: FF:FE:65:2E:6D:3E:E3:10:3F:08:14:62:2F:61:8B:07:03:2F:31:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A215
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF6B1F74E46F11EE9E08985D775412E6.roa
Signing time: Sun 17 Mar 2024 15:06:04 +0000
ROA not before: Sun 17 Mar 2024 15:06:00 +0000
ROA not after: Tue 30 Apr 2024 15:06:00 +0000
asID: 63139
IP address blocks: 154.94.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41493 (0xa215)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 17 15:06:00 2024 GMT
Not After : Apr 30 15:06:00 2024 GMT
Subject: CN=65f706db-9cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fe:3b:c5:4a:81:14:32:ca:d0:02:30:f7:76:
d9:53:a9:48:12:8a:52:a4:64:00:83:83:5e:de:6a:
62:20:ce:06:26:76:d8:01:ca:65:ce:aa:e1:6c:3b:
fd:04:bd:d5:c5:d4:c2:55:b1:98:f7:7b:d3:92:85:
50:72:6f:45:a9:b6:9f:b4:65:c2:d2:62:1a:de:bf:
2c:df:cd:2e:0e:36:db:39:d2:63:8d:03:a5:c2:dd:
38:ff:f5:68:71:06:89:8e:0d:ab:ed:66:ea:34:21:
2a:8d:42:18:bf:b5:ae:78:bd:56:04:36:9a:10:89:
05:4f:27:9d:a8:19:b4:d6:34:7f:70:46:a2:df:eb:
13:cc:3f:58:06:70:b0:57:61:91:bf:8e:f8:9e:ea:
c6:41:11:12:22:45:79:b2:fa:b5:8d:d4:f3:a2:d4:
af:ef:79:e5:0d:b7:4d:97:72:58:42:36:b9:4c:ec:
fc:df:df:c6:d8:86:96:61:67:65:3a:82:a3:51:b8:
e0:bb:27:05:02:2a:09:6b:8f:a3:ae:8f:0f:ef:63:
3c:3e:0e:72:8f:a1:a3:6e:fb:36:1e:8a:66:55:35:
5f:38:7c:ac:e6:50:48:d2:50:2b:f2:be:d4:8a:11:
fb:a7:fd:8d:8f:56:83:10:cc:23:6a:4d:ad:22:b7:
fe:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:FE:65:2E:6D:3E:E3:10:3F:08:14:62:2F:61:8B:07:03:2F:31:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF6B1F74E46F11EE9E08985D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.89.0/24
Signature Algorithm: sha256WithRSAEncryption
74:91:9e:4c:0e:ab:c3:17:80:a0:0d:33:37:10:c6:08:aa:ee:
65:fa:c4:0d:a9:03:94:55:68:fc:cd:6b:7e:b2:70:0c:e6:92:
e7:47:c5:50:79:7c:ea:25:87:04:66:d0:a4:58:30:6b:0b:d5:
52:3f:eb:2f:54:c7:09:fc:c9:86:f1:8a:e8:01:73:fd:17:76:
8f:90:27:cf:ea:01:2e:39:11:7a:7e:a1:91:36:0d:57:05:8c:
c5:66:85:e5:04:dc:a2:c8:5c:c1:b0:f7:8a:23:9a:a2:74:a6:
65:99:ec:fc:0f:64:8e:20:19:77:16:30:f3:06:5e:69:2e:f1:
7f:8a:87:a8:aa:8a:14:ec:75:a2:a6:36:b5:08:34:be:ab:d7:
8a:fb:51:50:3d:a1:ae:4b:7c:ef:1a:69:ce:17:31:82:8e:6f:
f1:c0:ce:ed:79:8b:18:9e:c9:cc:d5:00:3a:8b:01:56:01:97:
37:ba:05:62:f1:cd:74:6b:d2:0b:2d:15:86:a0:06:17:18:5b:
0c:f4:03:60:91:88:73:c2:cc:f0:1f:63:5c:42:d5:ad:71:33:
46:6b:93:f9:bf:fc:55:23:3d:4f:77:90:95:80:d8:41:4e:af:
4d:04:c7:8c:a8:b2:3a:3e:00:45:36:f6:b6:73:0a:18:19:c9:
6f:2c:83:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKIVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE3MTUwNjAwWhcNMjQwNDMwMTUwNjAwWjAYMRYw
FAYDVQQDEw02NWY3MDZkYi05Y2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvv47xUqBFDLK0AIw93bZU6lIEopSpGQAg4Ne3mpiIM4GJnbYAcplzqrh
bDv9BL3VxdTCVbGY93vTkoVQcm9FqbaftGXC0mIa3r8s380uDjbbOdJjjQOlwt04
//VocQaJjg2r7WbqNCEqjUIYv7WueL1WBDaaEIkFTyedqBm01jR/cEai3+sTzD9Y
BnCwV2GRv474nurGQRESIkV5svq1jdTzotSv73nlDbdNl3JYQja5TOz839/G2IaW
YWdlOoKjUbjguycFAioJa4+jro8P72M8Pg5yj6Gjbvs2HopmVTVfOHys5lBI0lAr
8r7UihH7p/2Nj1aDEMwjak2tIrf+QQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP/+
ZS5tPuMQPwgUYi9hiwcDLzHdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERjZCMUY3NEU0NkYxMUVFOUUwODk4NUQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml5ZMA0GCSqGSIb3DQEB
CwUAA4IBAQB0kZ5MDqvDF4CgDTM3EMYIqu5l+sQNqQOUVWj8zWt+snAM5pLnR8VQ
eXzqJYcEZtCkWDBrC9VSP+svVMcJ/MmG8YroAXP9F3aPkCfP6gEuORF6fqGRNg1X
BYzFZoXlBNyiyFzBsPeKI5qidKZlmez8D2SOIBl3FjDzBl5pLvF/ioeoqooU7HWi
pja1CDS+q9eK+1FQPaGuS3zvGmnOFzGCjm/xwM7teYsYnsnM1QA6iwFWAZc3ugVi
8c10a9ILLRWGoAYXGFsM9ANgkYhzwszwH2NcQtWtcTNGa5P5v/xVIz1Pd5CVgNhB
Tq9NBMeMqLI6PgBFNva2cwoYGclvLINq
-----END CERTIFICATE-----
Generated at Wed May 1 02:40:37 2024 by rpki-client on console-fra.rpki-client.org