Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1B8FD0EC0CEA11EF89939D20017001B1.roa
File: 1B8FD0EC0CEA11EF89939D20017001B1.roa (raw, json)
Hash identifier: HsKOqi5rB1n96wXaVgv4cY974L/8t+21S39sdtZRUww=
Subject key identifier: B2:16:70:05:F0:C3:EC:8D:8C:B3:1F:06:29:6A:32:22:6B:DA:B0:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B57A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1B8FD0EC0CEA11EF89939D20017001B1.roa
Signing time: Wed 08 May 2024 03:21:50 +0000
ROA not before: Wed 08 May 2024 03:21:46 +0000
ROA not after: Sat 18 May 2024 03:21:46 +0000
asID: 39600
IP address blocks: 154.90.16.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46458 (0xb57a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 03:21:46 2024 GMT
Not After : May 18 03:21:46 2024 GMT
Subject: CN=663aefcd-bcdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e1:ce:1a:91:2b:0f:d9:19:6a:01:ed:a1:13:
8a:78:7a:a3:e3:d4:6a:55:76:3e:06:4a:bc:24:67:
4e:9b:a4:33:6f:c7:62:87:9d:f0:e8:ce:75:bd:a4:
5f:92:e3:e5:ea:61:00:68:59:56:97:92:4a:26:d9:
4d:91:ef:be:c5:44:af:4c:ba:c2:f0:57:89:89:3d:
3d:1e:c4:9e:e8:e3:c6:cc:e8:7b:67:95:55:93:1e:
a2:88:92:9e:7d:c9:97:6f:f3:c2:ad:98:b7:51:ec:
f8:74:6e:df:f4:15:51:70:1c:b5:25:ff:a0:e0:e4:
55:cf:20:79:9f:11:f8:d3:5e:b7:67:bd:dc:4b:cc:
47:0c:60:b5:20:e0:7f:5e:67:cb:4f:13:6a:ac:23:
d3:3a:21:17:73:9b:6b:43:57:da:13:db:08:b9:df:
18:ff:6a:82:be:00:50:d3:8e:01:71:70:cc:90:81:
92:ef:47:dd:d1:ab:ef:e0:9b:17:9b:85:bc:f3:6f:
1f:c7:f4:8c:16:18:a7:0e:13:04:ae:9d:f4:76:a5:
df:06:41:f7:83:d8:36:fd:85:28:93:2d:21:ed:0c:
82:8b:bc:71:e9:ec:4e:57:6e:8a:23:e7:e9:39:75:
c3:ec:88:9a:96:ad:6d:8c:98:05:1f:e0:d4:ed:31:
f6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:16:70:05:F0:C3:EC:8D:8C:B3:1F:06:29:6A:32:22:6B:DA:B0:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1B8FD0EC0CEA11EF89939D20017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.16.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:a7:ca:ef:34:49:b9:cc:09:fc:62:41:46:46:a6:18:f8:a0:
af:2b:e9:17:e1:c5:bc:86:26:9a:38:5d:26:af:a2:c7:e5:aa:
3e:b4:a6:a4:4c:a6:76:10:31:b7:10:94:b0:34:1f:17:4c:d7:
ff:f3:80:22:86:ad:fe:4d:25:0e:1e:25:d3:08:bd:0b:d9:d8:
b2:02:84:34:f6:4d:0d:cb:32:d6:b1:06:3f:b3:c6:ff:a9:b4:
52:8e:21:26:fc:e9:9b:f1:c9:3c:23:b1:f2:11:af:05:93:d8:
22:50:10:d8:85:4d:ec:27:24:04:96:23:a6:05:1b:f0:1e:52:
9c:8c:d1:26:eb:cd:6b:b8:67:e4:f8:0d:51:5f:2a:e6:2c:4f:
2c:a5:d3:f0:5e:cc:45:9e:a7:d1:03:df:85:a5:ac:76:06:08:
a0:5f:ce:79:9f:b2:90:fa:a4:6e:30:a2:dd:c9:3a:98:28:23:
6f:40:b8:85:bc:d4:d9:29:4c:ca:33:b8:97:07:73:c4:3b:e9:
08:e9:f0:06:90:35:ec:9b:f7:e2:f1:60:97:c7:04:ce:b6:ae:
44:e8:f4:47:93:27:3c:10:d3:88:08:dc:f9:75:3c:59:3d:7b:
fe:99:2e:2e:35:1b:3f:36:85:5a:3d:a2:38:37:f1:19:c2:9d:
34:be:d5:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALV6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA4MDMyMTQ2WhcNMjQwNTE4MDMyMTQ2WjAYMRYw
FAYDVQQDEw02NjNhZWZjZC1iY2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsuHOGpErD9kZagHtoROKeHqj49RqVXY+Bkq8JGdOm6Qzb8dih53w6M51
vaRfkuPl6mEAaFlWl5JKJtlNke++xUSvTLrC8FeJiT09HsSe6OPGzOh7Z5VVkx6i
iJKefcmXb/PCrZi3Uez4dG7f9BVRcBy1Jf+g4ORVzyB5nxH40163Z73cS8xHDGC1
IOB/XmfLTxNqrCPTOiEXc5trQ1faE9sIud8Y/2qCvgBQ044BcXDMkIGS70fd0avv
4JsXm4W8828fx/SMFhinDhMErp30dqXfBkH3g9g2/YUoky0h7QyCi7xx6exOV26K
I+fpOXXD7Iialq1tjJgFH+DU7TH2rQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLIW
cAXww+yNjLMfBilqMiJr2rBXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQjhGRDBFQzBDRUExMUVGODk5MzlEMjAwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmloQMA0GCSqGSIb3DQEB
CwUAA4IBAQA7p8rvNEm5zAn8YkFGRqYY+KCvK+kX4cW8hiaaOF0mr6LH5ao+tKak
TKZ2EDG3EJSwNB8XTNf/84Aihq3+TSUOHiXTCL0L2diyAoQ09k0NyzLWsQY/s8b/
qbRSjiEm/Omb8ck8I7HyEa8Fk9giUBDYhU3sJyQEliOmBRvwHlKcjNEm681ruGfk
+A1RXyrmLE8spdPwXsxFnqfRA9+Fpax2BgigX855n7KQ+qRuMKLdyTqYKCNvQLiF
vNTZKUzKM7iXB3PEO+kI6fAGkDXsm/fi8WCXxwTOtq5E6PRHkyc8ENOICNz5dTxZ
PXv+mS4uNRs/NoVaPaI4N/EZwp00vtV5
-----END CERTIFICATE-----
Generated at Sun May 19 02:03:33 2024 by rpki-client on console-fra.rpki-client.org