Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDCF96ACF0C211EEA3DE4C82775412E6.roa
File: FDCF96ACF0C211EEA3DE4C82775412E6.roa (raw, json)
Hash identifier: 7Q90JfusRJl81WNKUFtTiDPNRwwilyP/cqFdDpj7zyg=
Subject key identifier: 09:16:64:6D:0B:F0:AE:5B:78:E5:83:CE:61:A9:A4:2E:74:FE:97:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A8C1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDCF96ACF0C211EEA3DE4C82775412E6.roa
Signing time: Tue 02 Apr 2024 07:31:17 +0000
ROA not before: Tue 02 Apr 2024 07:31:13 +0000
ROA not after: Mon 29 Apr 2024 07:31:13 +0000
asID: 139646
IP address blocks: 154.208.20.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43201 (0xa8c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 07:31:13 2024 GMT
Not After : Apr 29 07:31:13 2024 GMT
Subject: CN=660bb445-004d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:86:92:d0:52:1d:85:7a:d6:3e:dd:b2:f0:fc:
30:9f:a5:4b:de:39:77:cb:bd:03:76:3a:c0:b3:91:
a8:6f:b0:f7:57:07:df:55:3f:e3:1c:b9:9c:0c:f9:
15:9e:41:fa:9e:74:7d:17:84:72:b1:96:1b:03:9d:
f5:29:f1:6a:e0:53:a4:a0:37:c1:9a:b9:71:d9:a3:
50:43:56:5a:2f:c6:13:8d:47:da:63:64:4c:55:47:
92:be:5b:af:52:58:78:07:e6:50:a9:39:9a:03:f0:
6a:e4:90:b0:c0:3c:bf:53:80:af:c9:78:d3:e6:8a:
44:d2:b4:67:0e:e9:b6:a9:9d:83:7e:1d:86:49:03:
4f:40:62:7d:47:67:09:fd:99:dc:b1:0c:0b:c4:84:
fc:cc:80:4d:45:96:35:78:fc:d7:e1:11:72:d0:3b:
74:7d:ad:95:e2:b0:5f:1f:25:b3:c2:ea:b8:03:0a:
d6:20:cd:63:cc:de:c3:7d:7a:23:f5:b1:d7:d0:eb:
2d:86:0b:61:69:aa:94:dd:79:ec:8d:80:a2:5e:30:
d7:09:f3:92:5b:07:fa:c4:c1:1a:91:0a:3d:aa:b7:
a2:11:e9:3d:c5:54:15:5c:80:62:c1:6c:14:af:a1:
b4:aa:35:8c:75:b2:3b:17:8d:11:60:12:e5:94:fc:
b3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:16:64:6D:0B:F0:AE:5B:78:E5:83:CE:61:A9:A4:2E:74:FE:97:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FDCF96ACF0C211EEA3DE4C82775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.20.0/23
Signature Algorithm: sha256WithRSAEncryption
91:2a:95:f0:3b:93:57:66:d4:a6:f2:ee:1d:ff:ea:f8:ac:eb:
e4:10:41:bf:7a:7a:32:17:04:67:f7:dd:fb:a7:85:2e:d1:ff:
0a:89:3a:d3:ba:b9:a5:1a:6b:27:ac:93:23:c2:f4:7a:59:d9:
10:5e:f2:d9:d0:42:db:d0:18:b7:03:88:bb:7c:b9:fc:d3:18:
9c:ae:de:ca:35:c6:3f:db:f9:97:6a:ce:6b:85:8e:40:b1:e1:
72:c4:32:ea:17:78:81:5d:cf:70:9d:3d:c9:ae:47:99:3e:11:
61:e8:1d:28:77:9f:ec:9b:e2:b6:f7:d0:fa:70:fe:7b:cd:54:
af:c9:63:99:55:d4:17:73:05:06:b7:f0:e0:63:14:4e:c8:2d:
05:65:0e:09:8d:34:91:3d:b9:13:75:f7:a7:38:f6:ab:a9:24:
d2:f0:2f:0b:88:33:aa:c2:29:ad:cd:4e:ed:17:3f:a9:33:29:
f3:91:8a:f0:16:f8:68:29:af:c7:5d:de:68:60:eb:c1:87:68:
97:ed:8f:4a:4b:3f:20:82:e8:ef:72:fc:b3:3b:ab:f2:f9:d1:
09:e5:6e:36:e0:25:3e:71:c5:a8:32:bd:6b:d6:6e:04:54:da:
ae:71:c4:4b:0b:a4:c2:4f:14:9c:c6:f5:9b:bc:31:5f:f3:fe:
63:92:7c:fc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKjBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAyMDczMTEzWhcNMjQwNDI5MDczMTEzWjAYMRYw
FAYDVQQDEw02NjBiYjQ0NS0wMDRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuIaS0FIdhXrWPt2y8Pwwn6VL3jl3y70DdjrAs5Gob7D3VwffVT/jHLmc
DPkVnkH6nnR9F4RysZYbA531KfFq4FOkoDfBmrlx2aNQQ1ZaL8YTjUfaY2RMVUeS
vluvUlh4B+ZQqTmaA/Bq5JCwwDy/U4CvyXjT5opE0rRnDum2qZ2Dfh2GSQNPQGJ9
R2cJ/ZncsQwLxIT8zIBNRZY1ePzX4RFy0Dt0fa2V4rBfHyWzwuq4AwrWIM1jzN7D
fXoj9bHX0OsthgthaaqU3XnsjYCiXjDXCfOSWwf6xMEakQo9qreiEek9xVQVXIBi
wWwUr6G0qjWMdbI7F40RYBLllPyz1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAkW
ZG0L8K5beOWDzmGppC50/pfRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRENGOTZBQ0YwQzIxMUVFQTNERTRDODI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtAUMA0GCSqGSIb3DQEB
CwUAA4IBAQCRKpXwO5NXZtSm8u4d/+r4rOvkEEG/enoyFwRn9937p4Uu0f8KiTrT
urmlGmsnrJMjwvR6WdkQXvLZ0ELb0Bi3A4i7fLn80xicrt7KNcY/2/mXas5rhY5A
seFyxDLqF3iBXc9wnT3JrkeZPhFh6B0od5/sm+K299D6cP57zVSvyWOZVdQXcwUG
t/DgYxROyC0FZQ4JjTSRPbkTdfenOParqSTS8C8LiDOqwimtzU7tFz+pMynzkYrw
FvhoKa/HXd5oYOvBh2iX7Y9KSz8ggujvcvyzO6vy+dEJ5W424CU+ccWoMr1r1m4E
VNquccRLC6TCTxScxvWbvDFf8/5jknz8
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:03:25 2024 by rpki-client on console-fra.rpki-client.org