Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08947F040DB911EFAFA1053C017001B1.roa
File: 08947F040DB911EFAFA1053C017001B1.roa (raw, json)
Hash identifier: wdyNa2S0onBOywBRExc7oc6+464mbglKzotWmogu0ps=
Subject key identifier: B0:93:86:95:F7:25:D7:19:59:E9:F2:D3:B5:8B:6A:27:19:65:7F:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B5BD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08947F040DB911EFAFA1053C017001B1.roa
Signing time: Thu 09 May 2024 04:03:04 +0000
ROA not before: Thu 09 May 2024 04:03:00 +0000
ROA not after: Sat 18 May 2024 04:03:00 +0000
asID: 39600
IP address blocks: 154.207.208.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46525 (0xb5bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 04:03:00 2024 GMT
Not After : May 18 04:03:00 2024 GMT
Subject: CN=663c4af7-7e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fe:85:a9:b6:b0:8f:40:29:ee:e0:ad:a5:4d:
c8:28:ff:12:a3:3b:13:ad:b5:a8:43:b8:5e:41:40:
64:b8:96:55:c3:94:6c:d2:ba:e3:b2:f4:fd:14:29:
1a:7c:6a:49:a9:e0:48:89:f1:7b:40:a9:17:83:97:
92:f9:0a:36:f3:d8:cb:c6:8a:35:a8:cf:11:0f:b0:
e5:1a:ea:8f:7a:5e:30:e2:2e:e3:dd:64:5d:c9:57:
62:0f:72:fe:5b:d1:64:b5:9c:be:ed:36:6b:64:6a:
53:d5:72:b4:e5:ef:a3:f5:45:cb:14:b7:c5:13:61:
0f:ea:7f:95:21:f9:5f:ac:07:5e:ed:e1:94:ff:5f:
a0:f2:95:44:e1:6a:56:bd:41:44:3f:c9:3e:e2:2f:
4c:31:88:6a:47:6b:38:10:c4:3d:7a:1b:3d:bd:be:
e4:74:ee:21:9c:2c:66:90:be:fd:f5:ec:59:4b:35:
21:f7:b0:63:4e:76:6c:06:40:07:a6:6c:b1:d8:5a:
15:89:db:f4:1f:ca:43:c1:1a:55:87:76:10:92:f8:
20:dc:e8:ef:50:11:36:5c:e5:49:09:22:b2:32:76:
7b:91:57:09:10:e1:94:95:3b:a3:4d:f3:d5:eb:31:
56:54:72:96:02:f2:fb:52:62:95:a1:5c:4b:2b:38:
7c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:93:86:95:F7:25:D7:19:59:E9:F2:D3:B5:8B:6A:27:19:65:7F:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08947F040DB911EFAFA1053C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.208.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:0b:b8:a6:db:8f:16:c2:0e:98:58:2f:5b:44:fd:d6:ef:53:
ae:6b:e2:51:40:72:c5:13:c5:7b:8c:f4:97:8a:05:06:5a:00:
42:a0:04:c1:36:94:08:39:c4:3d:7d:a3:b6:fa:d2:ed:aa:9c:
6b:fe:f5:08:41:ae:8a:18:2c:9f:ee:c6:46:a7:c7:53:69:72:
39:6a:86:cc:92:bc:cd:56:b9:35:23:d5:c0:79:14:72:3f:a0:
85:a0:ee:24:96:c7:0a:83:d2:ff:41:4c:d6:97:4e:2c:d7:9c:
af:91:86:51:86:a3:3a:27:ca:9c:9f:0f:5f:98:e6:1f:e4:45:
d1:68:bf:5b:4b:89:c9:9e:13:bc:f0:79:85:22:a1:25:b9:6c:
e0:26:32:21:99:20:a2:9a:9c:56:f3:35:c2:b0:9d:72:83:40:
ab:eb:1e:89:af:fd:0c:44:66:65:ff:c1:d7:ea:83:67:08:60:
5e:28:13:41:bd:33:ff:42:28:64:54:1c:ba:bd:ca:21:3f:17:
cc:34:1a:19:07:6a:10:13:58:be:35:b6:40:4a:fb:13:e1:8a:
3d:b2:97:73:a8:f8:e8:c8:aa:83:b7:7c:06:7c:e9:4c:04:d7:
07:f2:03:a7:d7:1d:a6:d9:92:e0:73:01:16:94:91:23:55:fd:
9d:39:e7:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALW9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDQwMzAwWhcNMjQwNTE4MDQwMzAwWjAYMRYw
FAYDVQQDEw02NjNjNGFmNy03ZTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxP6Fqbawj0Ap7uCtpU3IKP8SozsTrbWoQ7heQUBkuJZVw5Rs0rrjsvT9
FCkafGpJqeBIifF7QKkXg5eS+Qo289jLxoo1qM8RD7DlGuqPel4w4i7j3WRdyVdi
D3L+W9FktZy+7TZrZGpT1XK05e+j9UXLFLfFE2EP6n+VIflfrAde7eGU/1+g8pVE
4WpWvUFEP8k+4i9MMYhqR2s4EMQ9ehs9vb7kdO4hnCxmkL799exZSzUh97BjTnZs
BkAHpmyx2FoVidv0H8pDwRpVh3YQkvgg3OjvUBE2XOVJCSKyMnZ7kVcJEOGUlTuj
TfPV6zFWVHKWAvL7UmKVoVxLKzh8AQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLCT
hpX3JdcZWeny07WLaicZZX+LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wODk0N0YwNDBEQjkxMUVGQUZBMTA1M0MwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms/QMA0GCSqGSIb3DQEB
CwUAA4IBAQAdC7im248Wwg6YWC9bRP3W71Oua+JRQHLFE8V7jPSXigUGWgBCoATB
NpQIOcQ9faO2+tLtqpxr/vUIQa6KGCyf7sZGp8dTaXI5aobMkrzNVrk1I9XAeRRy
P6CFoO4klscKg9L/QUzWl04s15yvkYZRhqM6J8qcnw9fmOYf5EXRaL9bS4nJnhO8
8HmFIqEluWzgJjIhmSCimpxW8zXCsJ1yg0Cr6x6Jr/0MRGZl/8HX6oNnCGBeKBNB
vTP/QihkVBy6vcohPxfMNBoZB2oQE1i+NbZASvsT4Yo9spdzqPjoyKqDt3wGfOlM
BNcH8gOn1x2m2ZLgcwEWlJEjVf2dOefE
-----END CERTIFICATE-----
Generated at Sun May 19 02:03:33 2024 by rpki-client on console-fra.rpki-client.org