Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E0D20E34A0E611EFBC6C1DA2762E951A.roa
File: E0D20E34A0E611EFBC6C1DA2762E951A.roa (raw, json)
Hash identifier: Jnw+7GJgX5FVWJriFJ6FoINOvorJ2agwIdBX580qQ6k=
Subject key identifier: 26:C4:C4:C9:AC:C8:55:21:CC:4F:B3:39:5B:D6:8F:09:14:51:11:A3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010C64
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E0D20E34A0E611EFBC6C1DA2762E951A.roa
Signing time: Tue 12 Nov 2024 11:11:35 +0000
ROA not before: Tue 12 Nov 2024 11:11:31 +0000
ROA not after: Fri 22 Nov 2024 11:11:31 +0000
asID: 215240
IP address blocks: 154.216.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68708 (0x10c64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 12 11:11:31 2024 GMT
Not After : Nov 22 11:11:31 2024 GMT
Subject: CN=673337e7-2382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:71:9d:70:cd:77:2f:e5:21:8e:6d:9c:00:68:
0f:fa:14:0a:33:46:cd:59:a2:86:19:65:1f:65:18:
34:24:1e:ff:92:dc:60:5a:5b:c8:d4:80:a7:e3:43:
eb:61:26:9f:78:04:dc:a2:02:53:f4:cc:e7:e7:a0:
37:0b:31:92:ce:4d:f2:f1:7b:be:1d:d7:25:3c:e9:
79:f3:69:74:8d:fe:46:40:c5:ee:dc:67:f9:3f:df:
2e:ca:c9:7a:b6:81:ff:2c:c7:77:bc:77:83:44:8a:
d8:b4:8e:2d:d1:56:b1:8c:e9:f7:aa:48:ed:3e:e0:
6f:75:59:64:57:e2:66:00:07:a2:34:83:85:2e:f8:
5f:27:79:e6:e5:9e:59:b2:14:85:cb:d1:ba:ce:09:
03:4d:f4:fb:fe:d0:63:a3:64:df:9e:c7:13:44:75:
f6:00:2c:ab:fe:d4:d2:5b:8f:07:3d:00:9a:3a:fc:
2f:86:f5:fe:cd:79:c0:a8:21:96:43:6f:10:1b:45:
8d:11:07:c5:66:02:66:7d:a3:f0:45:9b:86:e1:90:
40:7a:aa:be:23:60:ed:1d:fb:a8:68:07:60:eb:70:
5a:5d:96:4a:03:e8:b6:33:2c:a5:2a:c1:c3:06:01:
da:5c:2a:4e:31:84:49:01:73:ba:b2:9c:6c:ac:86:
c9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C4:C4:C9:AC:C8:55:21:CC:4F:B3:39:5B:D6:8F:09:14:51:11:A3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E0D20E34A0E611EFBC6C1DA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.20.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:be:ef:ea:e1:f6:21:c6:3e:d0:c7:b9:10:9c:9f:e0:de:dc:
5f:d1:f7:15:23:a0:0c:eb:48:6d:eb:91:1a:fe:6a:bd:bb:47:
fc:49:6c:a1:f5:5b:46:2d:ec:8b:67:13:24:f7:9f:d1:64:1d:
71:e7:2d:1c:80:9c:63:24:7f:a0:d3:b1:59:63:71:a4:fc:9b:
61:35:b1:f6:0f:ea:a7:4e:4d:c2:1a:69:62:1d:85:7e:79:0d:
ba:4f:0d:ae:59:ee:80:ac:e7:73:e2:f6:c1:79:67:9c:78:4a:
06:53:b8:2b:94:d3:70:d9:fc:0d:48:89:23:d0:a1:e7:9f:e3:
c0:ad:8b:04:33:f1:5e:4a:e7:2c:3d:29:16:0f:fc:61:d6:78:
27:f0:11:35:5e:7a:bb:8d:d1:75:b6:58:29:ef:e3:8e:55:57:
c5:ab:4e:3c:eb:01:55:fb:f8:e2:b6:65:75:f4:02:9c:1b:4a:
3a:27:d2:52:16:04:36:1e:b5:39:10:ab:1e:3a:ad:a8:c1:90:
d4:a8:5d:78:70:b9:52:5e:ed:5b:9b:51:5d:52:4a:07:56:63:
7a:ee:05:58:a6:cf:77:46:03:64:aa:a0:32:23:3a:54:42:a7:
70:e5:03:41:0a:7b:4e:a1:36:b3:c8:85:5e:73:6e:f1:02:7e:
ff:33:e4:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQxkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTEyMTExMTMxWhcNMjQxMTIyMTExMTMxWjAYMRYw
FAYDVQQDEw02NzMzMzdlNy0yMzgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApHGdcM13L+Uhjm2cAGgP+hQKM0bNWaKGGWUfZRg0JB7/ktxgWlvI1ICn
40PrYSafeATcogJT9Mzn56A3CzGSzk3y8Xu+HdclPOl582l0jf5GQMXu3Gf5P98u
ysl6toH/LMd3vHeDRIrYtI4t0VaxjOn3qkjtPuBvdVlkV+JmAAeiNIOFLvhfJ3nm
5Z5ZshSFy9G6zgkDTfT7/tBjo2TfnscTRHX2ACyr/tTSW48HPQCaOvwvhvX+zXnA
qCGWQ28QG0WNEQfFZgJmfaPwRZuG4ZBAeqq+I2DtHfuoaAdg63BaXZZKA+i2Myyl
KsHDBgHaXCpOMYRJAXO6spxsrIbJAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCbE
xMmsyFUhzE+zOVvWjwkUURGjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMEQyMEUzNEEwRTYxMUVGQkM2QzFEQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtgUMA0GCSqGSIb3DQEB
CwUAA4IBAQCovu/q4fYhxj7Qx7kQnJ/g3txf0fcVI6AM60ht65Ea/mq9u0f8SWyh
9VtGLeyLZxMk95/RZB1x5y0cgJxjJH+g07FZY3Gk/JthNbH2D+qnTk3CGmliHYV+
eQ26Tw2uWe6ArOdz4vbBeWeceEoGU7grlNNw2fwNSIkj0KHnn+PArYsEM/FeSucs
PSkWD/xh1ngn8BE1Xnq7jdF1tlgp7+OOVVfFq0486wFV+/jitmV19AKcG0o6J9JS
FgQ2HrU5EKseOq2owZDUqF14cLlSXu1bm1FdUkoHVmN67gVYps93RgNkqqAyIzpU
Qqdw5QNBCntOoTazyIVec27xAn7/M+Rt
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:46:41 2024 by rpki-client on console-ams.rpki-client.org