Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F5294CE4E7EB11EE847B764B775412E6.roa
File: F5294CE4E7EB11EE847B764B775412E6.roa (raw, json)
Hash identifier: jQbCxEJgBiRVYPIpWjgn9c4xFOUIbndNBf8mStL1jro=
Subject key identifier: 0B:0E:91:CA:4D:6F:FC:FE:0F:54:C8:CC:CC:69:32:AB:51:3C:8E:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A5F8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F5294CE4E7EB11EE847B764B775412E6.roa
Signing time: Fri 22 Mar 2024 01:31:51 +0000
ROA not before: Fri 22 Mar 2024 01:31:48 +0000
ROA not after: Wed 24 Apr 2024 01:31:48 +0000
asID: 18779
IP address blocks: 154.203.42.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42488 (0xa5f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 22 01:31:48 2024 GMT
Not After : Apr 24 01:31:48 2024 GMT
Subject: CN=65fcdf87-a055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9f:3b:aa:05:a2:bb:af:f2:7c:8a:d9:31:ab:
82:1f:92:6c:17:5d:3e:07:04:b4:ad:02:a1:b3:fd:
2b:d8:88:16:00:95:93:f6:f4:f3:60:81:17:8f:df:
4c:bd:63:26:75:8b:9c:28:8e:d0:98:ad:b8:f0:8a:
94:02:98:fd:3a:4f:04:7c:fb:c1:50:e9:08:53:62:
95:ae:3b:99:5b:71:af:1e:93:8e:6f:58:c0:63:78:
1a:59:68:24:ac:4d:60:4f:75:5e:88:36:b1:4f:6a:
eb:e9:49:7f:3b:80:4e:4d:94:5c:63:54:f0:d8:ca:
0c:19:5f:e8:d4:c9:c0:96:47:ca:0a:bc:2e:fa:2f:
07:0c:3b:f7:a8:ba:b5:62:09:2f:ea:20:7a:5e:20:
20:ab:fa:9c:e5:e8:40:f8:ba:e4:f4:3e:c6:cb:40:
d5:80:b6:05:30:c2:6a:bc:62:53:a5:69:72:8f:db:
91:1c:86:52:43:22:d3:00:4d:78:30:1c:3d:c2:11:
28:37:03:8c:c0:44:d9:e0:51:f8:2a:06:c4:01:ca:
c2:0f:05:a3:56:03:d4:f8:ad:01:6d:fb:67:8a:03:
63:b1:fc:b8:9c:66:8f:e9:1a:8e:a3:51:c6:b0:29:
ee:16:43:8b:8a:19:fc:f6:19:c3:85:ce:57:d0:c6:
6e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0E:91:CA:4D:6F:FC:FE:0F:54:C8:CC:CC:69:32:AB:51:3C:8E:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F5294CE4E7EB11EE847B764B775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.42.0/23
Signature Algorithm: sha256WithRSAEncryption
67:d8:b4:a6:af:d5:b6:26:a8:c6:43:c6:b0:17:d6:e8:d8:45:
2b:f0:51:45:ab:43:13:f0:df:e9:09:cb:ad:10:ac:25:24:52:
f2:cb:e6:a6:9a:0a:0f:49:ac:7c:b1:00:1f:03:8e:af:75:35:
35:c7:10:bb:98:cf:ea:9c:76:98:29:be:db:50:12:29:ff:aa:
8a:0a:7a:37:e9:97:91:90:0c:8e:a7:9f:54:0b:3d:a4:7b:c0:
9f:cb:8f:fc:98:94:8a:93:3c:5b:d8:cc:3b:64:be:f7:6d:e5:
79:51:88:9a:22:f8:f4:08:6b:a6:14:20:5d:8a:cc:75:88:8a:
87:67:79:68:be:b7:60:25:f2:ee:3f:17:ba:eb:5f:3b:03:d2:
54:93:18:f4:16:00:50:52:c4:38:57:2e:fa:68:9b:28:c1:f4:
18:26:63:2d:cd:73:e9:6e:96:15:b5:31:a8:56:7a:a4:7d:95:
e7:af:01:17:6c:6e:99:a6:61:f3:04:e0:16:f2:ce:28:5c:62:
fd:1a:36:2c:94:2b:35:16:b8:a1:56:88:ab:0e:9a:5e:2a:fe:
bf:04:62:c4:cc:74:ab:02:1e:35:5e:67:90:a1:67:43:09:95:
5e:cd:75:ba:3a:75:a8:b7:e9:bf:2c:da:91:7f:bd:ea:eb:bf:
c5:6f:dd:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKX4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIyMDEzMTQ4WhcNMjQwNDI0MDEzMTQ4WjAYMRYw
FAYDVQQDEw02NWZjZGY4Ny1hMDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnJ87qgWiu6/yfIrZMauCH5JsF10+BwS0rQKhs/0r2IgWAJWT9vTzYIEX
j99MvWMmdYucKI7QmK248IqUApj9Ok8EfPvBUOkIU2KVrjuZW3GvHpOOb1jAY3ga
WWgkrE1gT3VeiDaxT2rr6Ul/O4BOTZRcY1Tw2MoMGV/o1MnAlkfKCrwu+i8HDDv3
qLq1Ygkv6iB6XiAgq/qc5ehA+Lrk9D7Gy0DVgLYFMMJqvGJTpWlyj9uRHIZSQyLT
AE14MBw9whEoNwOMwETZ4FH4KgbEAcrCDwWjVgPU+K0BbftnigNjsfy4nGaP6RqO
o1HGsCnuFkOLihn89hnDhc5X0MZu5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAsO
kcpNb/z+D1TIzMxpMqtRPI7iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNTI5NENFNEU3RUIxMUVFODQ3Qjc2NEI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmssqMA0GCSqGSIb3DQEB
CwUAA4IBAQBn2LSmr9W2JqjGQ8awF9bo2EUr8FFFq0MT8N/pCcutEKwlJFLyy+am
mgoPSax8sQAfA46vdTU1xxC7mM/qnHaYKb7bUBIp/6qKCno36ZeRkAyOp59UCz2k
e8Cfy4/8mJSKkzxb2Mw7ZL73beV5UYiaIvj0CGumFCBdisx1iIqHZ3lovrdgJfLu
Pxe66187A9JUkxj0FgBQUsQ4Vy76aJsowfQYJmMtzXPpbpYVtTGoVnqkfZXnrwEX
bG6ZpmHzBOAW8s4oXGL9GjYslCs1FrihVoirDppeKv6/BGLEzHSrAh41XmeQoWdD
CZVezXW6OnWot+m/LNqRf73q67/Fb92G
-----END CERTIFICATE-----
Generated at Wed Apr 24 04:12:04 2024 by rpki-client on console-fra.rpki-client.org