Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42E34A52D25611EF9AEE8B8D762E951A.roa
File: 42E34A52D25611EF9AEE8B8D762E951A.roa (raw, json)
Hash identifier: yqWmZYukNaF9gixzJyzVdy3osF28AHqqprba2Ofr6k0=
Subject key identifier: 93:8C:CE:E7:A7:AF:32:20:54:0A:75:CC:A3:93:F9:21:59:5E:76:E3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B07
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42E34A52D25611EF9AEE8B8D762E951A.roa
Signing time: Tue 14 Jan 2025 09:02:20 +0000
ROA not before: Tue 14 Jan 2025 09:02:17 +0000
ROA not after: Sun 26 Jan 2025 09:02:17 +0000
asID: 215240
IP address blocks: 154.216.18.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80647 (0x13b07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 14 09:02:17 2025 GMT
Not After : Jan 26 09:02:17 2025 GMT
Subject: CN=6786281c-a974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:89:e1:60:ce:06:6a:37:d9:62:a9:b2:98:75:
81:9e:6a:75:aa:4d:12:d7:d8:22:27:a1:83:d5:25:
ac:36:62:e6:48:a3:0f:71:12:39:27:50:5e:e8:61:
f5:ca:59:e5:b7:bb:6e:b8:4a:be:e5:3f:52:85:02:
f7:12:2b:e8:19:61:74:3b:2c:7f:ce:49:bc:cf:14:
6c:91:f5:60:3c:55:21:45:d3:61:a7:7b:68:bd:cc:
aa:af:b3:f7:1e:0e:93:70:01:e3:ea:7b:18:f8:8b:
a6:73:45:2d:84:70:77:44:82:b6:80:36:6a:0f:4f:
aa:5c:34:fd:68:ee:a0:ff:8d:5e:0d:9c:3f:e0:cc:
d3:45:e1:a9:24:fa:df:f1:8e:bd:7b:89:2c:7f:ba:
e2:48:93:18:f3:95:9c:02:25:09:a1:e3:23:79:85:
bb:6e:c3:60:6f:38:cd:9a:fa:45:b2:d8:c3:be:bd:
bc:d7:ca:ba:f1:0e:b5:bb:19:fa:5d:be:5d:76:95:
db:03:27:6f:f6:d6:04:79:3b:77:42:64:67:c7:99:
ab:a8:83:b8:8a:45:7c:5d:06:d2:9b:7b:0d:0f:3a:
73:66:b3:56:7f:93:63:0b:88:3d:16:ae:5b:69:38:
b6:d1:22:ac:d2:ca:ea:b1:84:7f:a8:36:cc:ff:35:
78:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8C:CE:E7:A7:AF:32:20:54:0A:75:CC:A3:93:F9:21:59:5E:76:E3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42E34A52D25611EF9AEE8B8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.18.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:4a:f0:95:46:17:e3:5f:f9:42:f1:d0:d6:cd:2a:e9:ea:aa:
a5:3a:67:d0:51:6a:26:1c:3d:56:03:cd:e6:56:5b:da:ec:0d:
d2:ef:f8:d0:ce:cf:5e:20:53:76:8c:78:1a:93:31:29:42:f3:
18:41:57:87:fd:5e:d0:46:b8:2b:21:6b:15:e7:c9:c2:08:11:
88:42:16:00:7c:87:87:a4:1d:ec:82:6d:4b:41:4a:10:dd:fb:
18:00:cf:fb:8f:9b:b9:0e:38:7a:ff:fe:a2:68:08:12:c5:1a:
52:f9:4b:3b:25:87:9b:c1:28:b9:80:cb:cd:5c:30:2a:6c:1d:
64:10:13:0b:34:d6:4b:07:e4:1f:26:90:43:85:1d:86:61:ad:
fc:f8:80:55:8b:d5:d0:da:17:63:57:31:71:fa:41:e7:ba:80:
7d:80:84:a2:8a:0c:14:cb:46:76:ec:c5:26:81:44:12:4e:e5:
74:c7:5b:4d:dd:0b:13:9c:e4:0e:3e:dc:ba:a9:48:db:b4:ab:
8f:59:1f:db:93:68:e7:2d:fa:d2:b7:36:c3:98:8a:b1:cf:15:
14:59:ea:31:bd:e3:28:bc:dd:21:74:82:43:23:10:f4:4b:a6:
64:e3:14:81:61:44:f9:4c:e3:a9:d8:ad:ef:a0:84:47:f1:0b:
43:fa:47:d8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATsHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE0MDkwMjE3WhcNMjUwMTI2MDkwMjE3WjAYMRYw
FAYDVQQDEw02Nzg2MjgxYy1hOTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyYnhYM4GajfZYqmymHWBnmp1qk0S19giJ6GD1SWsNmLmSKMPcRI5J1Be
6GH1ylnlt7tuuEq+5T9ShQL3EivoGWF0Oyx/zkm8zxRskfVgPFUhRdNhp3tovcyq
r7P3Hg6TcAHj6nsY+Iumc0UthHB3RIK2gDZqD0+qXDT9aO6g/41eDZw/4MzTReGp
JPrf8Y69e4ksf7riSJMY85WcAiUJoeMjeYW7bsNgbzjNmvpFstjDvr2818q68Q61
uxn6Xb5ddpXbAydv9tYEeTt3QmRnx5mrqIO4ikV8XQbSm3sNDzpzZrNWf5NjC4g9
Fq5baTi20SKs0srqsYR/qDbM/zV4CwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJOM
zuenrzIgVAp1zKOT+SFZXnbjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MkUzNEE1MkQyNTYxMUVGOUFFRThCOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtgSMA0GCSqGSIb3DQEB
CwUAA4IBAQC6SvCVRhfjX/lC8dDWzSrp6qqlOmfQUWomHD1WA83mVlva7A3S7/jQ
zs9eIFN2jHgakzEpQvMYQVeH/V7QRrgrIWsV58nCCBGIQhYAfIeHpB3sgm1LQUoQ
3fsYAM/7j5u5Djh6//6iaAgSxRpS+Us7JYebwSi5gMvNXDAqbB1kEBMLNNZLB+Qf
JpBDhR2GYa38+IBVi9XQ2hdjVzFx+kHnuoB9gISiigwUy0Z27MUmgUQSTuV0x1tN
3QsTnOQOPty6qUjbtKuPWR/bk2jnLfrStzbDmIqxzxUUWeoxveMovN0hdIJDIxD0
S6Zk4xSBYUT5TOOp2K3voIRH8QtD+kfY
-----END CERTIFICATE-----
Generated at Sun Jan 26 20:44:31 2025 by rpki-client on console.sobornost.net