Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1852E6DC07A711EF8A55AE45017001B1.roa
File: 1852E6DC07A711EF8A55AE45017001B1.roa (raw, json)
Hash identifier: t170cLWBzHMAMgrctnYu5gyDxbpl/1LDrO0NltcgOLU=
Subject key identifier: A8:66:11:75:DD:F6:A9:21:E9:C8:C5:66:F8:A3:DC:09:FA:A1:E8:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B342
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1852E6DC07A711EF8A55AE45017001B1.roa
Signing time: Wed 01 May 2024 10:39:32 +0000
ROA not before: Wed 01 May 2024 10:39:29 +0000
ROA not after: Sat 11 May 2024 10:39:29 +0000
asID: 136950
IP address blocks: 154.206.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45890 (0xb342)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 10:39:29 2024 GMT
Not After : May 11 10:39:29 2024 GMT
Subject: CN=66321be4-694a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ef:24:06:85:7e:d6:7f:1d:10:61:d0:fd:03:
22:a6:c5:55:55:07:05:14:82:7d:e4:f1:87:cd:91:
18:7a:a7:8e:8c:eb:6e:48:3a:5d:7c:37:fe:48:b1:
5c:d4:fd:14:71:57:f6:ed:0a:97:aa:31:8e:2b:59:
7d:bf:6f:b2:40:27:37:2f:ee:64:ef:69:85:a3:26:
01:56:24:b6:ab:3f:f0:4a:b0:67:b8:23:c9:a7:29:
7e:66:03:7d:fc:ef:f6:46:9a:1a:fe:ad:70:69:ec:
76:ce:19:67:35:a7:f4:27:c2:5a:3b:07:a4:54:a8:
17:f3:56:f7:36:0d:1c:1d:a0:2e:46:01:cd:06:59:
63:dd:56:57:6e:17:5c:54:3f:d4:0d:9c:ff:82:00:
fd:7a:5f:d6:8a:f1:d5:6a:64:5b:bf:32:7d:19:ca:
8a:c3:07:9e:40:4c:2f:0c:fd:c7:cd:fd:2a:a1:c0:
ab:89:9c:18:8e:b1:d3:76:4c:b8:df:7e:d6:18:48:
f4:64:43:bc:58:6d:06:ca:9e:7b:61:b5:12:71:4c:
07:db:bc:11:67:00:40:97:26:fc:19:88:06:59:c1:
35:5f:95:30:82:41:d0:7c:7d:a9:78:50:9c:d5:07:
23:7c:61:69:e1:87:b4:60:35:88:b1:aa:a0:9b:ac:
a7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:66:11:75:DD:F6:A9:21:E9:C8:C5:66:F8:A3:DC:09:FA:A1:E8:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1852E6DC07A711EF8A55AE45017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.192.0/18
Signature Algorithm: sha256WithRSAEncryption
65:1e:02:03:51:ea:e9:70:43:64:26:42:0f:f5:6c:53:87:98:
97:00:75:f4:80:89:ce:d6:47:45:ba:0a:32:5a:69:56:b0:f0:
da:e6:73:48:eb:83:10:81:b8:00:1e:47:fd:c1:dc:2e:6d:bb:
48:73:7d:97:6f:00:aa:83:6f:f7:8d:80:5c:18:40:2e:d5:00:
96:5e:21:14:a3:35:1f:84:b4:5a:07:d8:99:a2:a0:2e:05:3d:
a5:eb:bf:2d:1a:75:d9:ac:8e:10:8f:93:29:4b:ac:71:ca:32:
88:62:6e:60:c9:38:18:0d:8b:25:73:5e:bf:b0:50:4c:8a:bf:
1b:fd:cf:3e:9e:93:0d:6d:54:2a:7a:ae:27:17:c2:2a:e2:f4:
62:92:65:0c:fb:cf:43:92:fb:ae:f9:06:2e:c1:d2:01:b0:4c:
d8:3d:98:ac:c1:3a:d0:01:2e:48:ab:c3:fe:b0:ff:1c:f4:f9:
56:c8:10:1b:1a:e1:14:5d:58:bf:5a:55:ca:10:2c:32:46:6c:
94:dc:fe:03:8f:f4:14:b0:9a:6f:da:bf:69:62:73:58:ca:46:
7a:44:00:1e:e1:07:e7:0d:9d:c0:d3:1e:cd:d1:ef:67:98:64:
fb:d0:84:6a:df:30:c5:2b:f4:75:e7:94:ad:6b:b9:d6:b2:35:
d3:c4:34:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALNCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTAxMTAzOTI5WhcNMjQwNTExMTAzOTI5WjAYMRYw
FAYDVQQDEw02NjMyMWJlNC02OTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2O8kBoV+1n8dEGHQ/QMipsVVVQcFFIJ95PGHzZEYeqeOjOtuSDpdfDf+
SLFc1P0UcVf27QqXqjGOK1l9v2+yQCc3L+5k72mFoyYBViS2qz/wSrBnuCPJpyl+
ZgN9/O/2Rpoa/q1waex2zhlnNaf0J8JaOwekVKgX81b3Ng0cHaAuRgHNBllj3VZX
bhdcVD/UDZz/ggD9el/WivHVamRbvzJ9GcqKwweeQEwvDP3Hzf0qocCriZwYjrHT
dky4337WGEj0ZEO8WG0Gyp57YbUScUwH27wRZwBAlyb8GYgGWcE1X5UwgkHQfH2p
eFCc1QcjfGFp4Ye0YDWIsaqgm6yn4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKhm
EXXd9qkh6cjFZvij3An6oeilMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xODUyRTZEQzA3QTcxMUVGOEE1NUFFNDUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGms7AMA0GCSqGSIb3DQEB
CwUAA4IBAQBlHgIDUerpcENkJkIP9WxTh5iXAHX0gInO1kdFugoyWmlWsPDa5nNI
64MQgbgAHkf9wdwubbtIc32XbwCqg2/3jYBcGEAu1QCWXiEUozUfhLRaB9iZoqAu
BT2l678tGnXZrI4Qj5MpS6xxyjKIYm5gyTgYDYslc16/sFBMir8b/c8+npMNbVQq
eq4nF8Iq4vRikmUM+89Dkvuu+QYuwdIBsEzYPZiswTrQAS5Iq8P+sP8c9PlWyBAb
GuEUXVi/WlXKECwyRmyU3P4Dj/QUsJpv2r9pYnNYykZ6RAAe4QfnDZ3A0x7N0e9n
mGT70IRq3zDFK/R155Sta7nWsjXTxDTu
-----END CERTIFICATE-----
Generated at Sun May 12 01:39:46 2024 by rpki-client on console-fra.rpki-client.org