Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14C8F8C40DBC11EFA8E9EB52017001B1.roa
File: 14C8F8C40DBC11EFA8E9EB52017001B1.roa (raw, json)
Hash identifier: EXTFU6jDY/1FrrxzLeU1nIMRpzCjDZsxKbUlUc7flSA=
Subject key identifier: 2D:93:3B:11:97:EB:82:B4:CE:0E:4C:7E:4A:63:28:83:83:00:98:EC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B5CD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14C8F8C40DBC11EFA8E9EB52017001B1.roa
Signing time: Thu 09 May 2024 04:24:53 +0000
ROA not before: Thu 09 May 2024 04:24:49 +0000
ROA not after: Sat 18 May 2024 04:24:49 +0000
asID: 39600
IP address blocks: 154.205.160.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46541 (0xb5cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 04:24:49 2024 GMT
Not After : May 18 04:24:49 2024 GMT
Subject: CN=663c5014-c3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:66:5d:c1:24:f0:42:8f:21:1a:bd:ac:00:9d:
f4:f5:6e:8e:69:d9:cd:e5:a5:38:34:7d:e0:d0:ea:
5a:80:af:ed:28:7b:89:e6:7a:20:4b:9d:a7:0e:da:
87:84:f8:51:fb:d2:0a:3e:62:fa:2a:b0:26:f7:d2:
41:79:c7:01:59:d7:93:8c:a0:7d:71:5b:24:a9:68:
55:be:93:ea:88:b8:b0:df:c7:7f:fd:a6:b1:8f:f5:
c1:b4:a6:e7:62:dc:3c:7a:c7:17:19:95:17:83:05:
01:1d:00:a0:5c:b4:34:23:8d:da:56:ad:13:f6:eb:
63:bb:09:4c:f8:6a:38:1e:96:ef:6d:cd:a4:43:fe:
44:34:30:c8:fe:51:cd:39:11:95:ba:0b:b3:77:ec:
53:17:2b:2b:d5:94:d9:34:dc:ff:4e:05:d1:a1:08:
96:8b:40:59:11:22:9a:28:28:16:b0:92:a8:a7:48:
20:d7:bc:4c:85:ea:62:88:87:d3:08:15:ee:a9:b2:
c3:8d:bd:6c:b1:4b:b9:81:88:3b:f2:c9:d1:4c:f5:
35:e5:d4:a8:a3:e4:3e:f1:77:b1:46:1d:64:72:b9:
52:03:24:7b:23:7e:bb:61:88:4d:2e:d4:38:90:96:
88:24:31:00:83:b0:a9:23:a2:e9:e1:9f:f6:da:16:
74:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:93:3B:11:97:EB:82:B4:CE:0E:4C:7E:4A:63:28:83:83:00:98:EC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14C8F8C40DBC11EFA8E9EB52017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.160.0/21
Signature Algorithm: sha256WithRSAEncryption
24:e5:04:e5:7a:9e:75:01:9b:09:57:cf:43:16:7f:ff:78:a2:
dc:9c:f1:0d:5d:59:6f:1f:92:09:4d:94:c1:ea:72:c3:8c:be:
27:3d:e9:ca:98:72:5a:19:d0:67:5a:8a:9a:54:c3:4d:b7:f5:
34:97:52:15:e1:a9:17:fc:e1:16:4e:6b:37:1c:60:1a:42:e3:
6c:80:14:f9:4a:da:a8:be:59:9c:b0:45:5a:08:a5:1c:c8:aa:
39:13:1b:03:3e:7c:a0:12:ae:9e:3a:8e:ae:02:2d:27:a2:33:
ce:18:d9:72:f3:8f:9c:ad:82:21:de:8a:41:3a:cd:d0:9c:2e:
24:1d:42:a3:e1:14:db:e7:7d:2f:56:91:16:45:aa:43:c7:ad:
40:d5:a4:e6:4a:eb:71:12:10:89:e2:5b:31:0d:27:c7:93:fe:
11:eb:97:f7:84:0e:9d:ea:32:97:af:6e:2e:87:81:e8:d1:5f:
6a:ac:b0:a0:74:9a:e0:f0:40:97:de:49:f5:8b:25:ea:e5:f1:
cf:58:57:16:91:f5:36:5c:3e:8e:67:3f:f2:4f:f3:cf:7a:22:
7b:95:e4:3c:45:bc:26:e9:d2:bd:2f:b3:d3:53:e2:8a:65:a9:
33:b0:3d:80:12:b4:4c:84:08:e4:ca:86:b3:ee:73:85:80:cc:
0c:61:78:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALXNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDQyNDQ5WhcNMjQwNTE4MDQyNDQ5WjAYMRYw
FAYDVQQDEw02NjNjNTAxNC1jM2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtmZdwSTwQo8hGr2sAJ309W6OadnN5aU4NH3g0OpagK/tKHuJ5nogS52n
DtqHhPhR+9IKPmL6KrAm99JBeccBWdeTjKB9cVskqWhVvpPqiLiw38d//aaxj/XB
tKbnYtw8escXGZUXgwUBHQCgXLQ0I43aVq0T9utjuwlM+Go4Hpbvbc2kQ/5ENDDI
/lHNORGVuguzd+xTFysr1ZTZNNz/TgXRoQiWi0BZESKaKCgWsJKop0gg17xMhepi
iIfTCBXuqbLDjb1ssUu5gYg78snRTPU15dSoo+Q+8XexRh1kcrlSAyR7I367YYhN
LtQ4kJaIJDEAg7CpI6Lp4Z/22hZ0IQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC2T
OxGX64K0zg5MfkpjKIODAJjsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNEM4RjhDNDBEQkMxMUVGQThFOUVCNTIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms2gMA0GCSqGSIb3DQEB
CwUAA4IBAQAk5QTlep51AZsJV89DFn//eKLcnPENXVlvH5IJTZTB6nLDjL4nPenK
mHJaGdBnWoqaVMNNt/U0l1IV4akX/OEWTms3HGAaQuNsgBT5StqovlmcsEVaCKUc
yKo5ExsDPnygEq6eOo6uAi0nojPOGNly84+crYIh3opBOs3QnC4kHUKj4RTb530v
VpEWRapDx61A1aTmSutxEhCJ4lsxDSfHk/4R65f3hA6d6jKXr24uh4Ho0V9qrLCg
dJrg8ECX3kn1iyXq5fHPWFcWkfU2XD6OZz/yT/PPeiJ7leQ8Rbwm6dK9L7PTU+KK
ZakzsD2AErRMhAjkyoaz7nOFgMwMYXhV
-----END CERTIFICATE-----
Generated at Sun May 19 02:03:33 2024 by rpki-client on console-fra.rpki-client.org