Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FAFEF6E0C1211EFA26F3438017001B1.roa
File: 1FAFEF6E0C1211EFA26F3438017001B1.roa (raw, json)
Hash identifier: rsUAg3EjTgHxERThDgC2qFx983MgfkNVfbUM18o8iuY=
Subject key identifier: 70:A4:BA:D6:52:00:C5:6D:82:F1:A5:E3:88:46:74:EE:9C:01:46:D5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B561
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FAFEF6E0C1211EFA26F3438017001B1.roa
Signing time: Tue 07 May 2024 01:35:45 +0000
ROA not before: Tue 07 May 2024 01:35:42 +0000
ROA not after: Fri 17 May 2024 01:35:42 +0000
asID: 142062
IP address blocks: 154.203.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46433 (0xb561)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 7 01:35:42 2024 GMT
Not After : May 17 01:35:42 2024 GMT
Subject: CN=66398571-c9b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a5:60:61:f9:86:32:2b:2a:47:f9:57:66:54:
70:f2:16:0d:a6:17:f5:9f:88:7a:87:9a:e7:60:ad:
9a:47:da:b6:62:bd:24:0f:f0:65:d3:91:7d:8f:99:
22:a0:ca:ca:d3:af:12:6a:e9:84:24:53:9d:19:26:
4b:7b:5c:ac:79:1a:ca:d4:71:32:04:d7:4e:50:16:
63:6c:99:96:da:7b:0a:6f:30:e4:21:57:88:bb:c7:
0b:fd:63:ec:87:e1:37:63:5d:87:fa:36:e4:06:2c:
7c:b8:4a:13:55:eb:ee:bc:d1:87:49:9e:8e:ea:4a:
f6:c3:f2:71:b9:4f:db:f0:0b:ed:ec:67:b7:ba:f0:
f3:50:31:f9:12:fd:74:b1:bb:98:93:29:f3:26:37:
a8:e1:57:00:52:69:3c:2f:04:db:56:56:eb:cf:fd:
0d:af:d7:6a:d9:7e:0e:17:a6:17:60:45:32:73:47:
c3:32:db:06:32:25:6a:c9:eb:ea:2f:b0:b3:07:ca:
2b:92:95:d6:b5:9b:a9:86:de:20:8a:cd:c6:55:c1:
21:ac:63:c0:f6:6f:03:a2:ac:8e:d6:8d:bd:91:a0:
45:c6:cf:5c:ab:cf:b9:31:38:94:f2:4f:56:6d:01:
9e:3e:5b:b6:14:49:18:4d:90:62:c7:03:ef:af:6a:
0d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A4:BA:D6:52:00:C5:6D:82:F1:A5:E3:88:46:74:EE:9C:01:46:D5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FAFEF6E0C1211EFA26F3438017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.96.0/19
Signature Algorithm: sha256WithRSAEncryption
1e:df:cc:3e:21:8f:94:f3:fd:38:33:56:7e:03:c8:90:31:a6:
ae:08:ee:6a:16:9f:2a:db:48:4e:d6:9e:e3:4b:49:6e:2b:58:
db:63:47:16:dd:5e:d8:fa:21:5a:94:b4:ba:91:15:26:ee:e8:
ee:24:0e:06:b7:54:14:c1:28:47:28:b3:a0:d5:c5:69:b5:6c:
7f:fe:5d:23:92:29:52:b9:b7:bd:a9:e8:f0:25:a0:34:ea:86:
b3:b2:ea:17:5d:bf:47:de:91:f1:06:39:62:c8:99:82:93:1e:
2a:7b:56:06:1e:14:ea:99:3d:bb:e8:c3:d8:12:2c:b6:eb:74:
b3:b7:39:65:dd:d7:be:6c:e4:01:aa:c6:1b:6a:36:a6:ae:50:
ac:48:98:a3:c7:d8:e9:70:71:0b:f4:df:fb:75:07:a0:d1:d5:
dd:ab:07:53:48:4c:4e:aa:a3:ad:2e:b2:cb:db:08:5a:10:d0:
40:1c:70:4a:62:89:e4:fa:2b:0d:d7:81:7a:9b:2a:fb:78:fa:
7d:12:69:9c:3b:dd:de:c0:33:a3:0e:0a:d4:ae:9e:b1:7f:62:
7f:bf:43:a5:b4:42:40:ed:23:1d:f2:93:ca:3d:15:3e:49:e8:
08:37:3e:34:a6:28:c1:02:ec:ea:00:f3:da:b7:b6:90:c4:63:
c6:df:0f:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALVhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA3MDEzNTQyWhcNMjQwNTE3MDEzNTQyWjAYMRYw
FAYDVQQDEw02NjM5ODU3MS1jOWI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2KVgYfmGMisqR/lXZlRw8hYNphf1n4h6h5rnYK2aR9q2Yr0kD/Bl05F9
j5kioMrK068SaumEJFOdGSZLe1yseRrK1HEyBNdOUBZjbJmW2nsKbzDkIVeIu8cL
/WPsh+E3Y12H+jbkBix8uEoTVevuvNGHSZ6O6kr2w/JxuU/b8Avt7Ge3uvDzUDH5
Ev10sbuYkynzJjeo4VcAUmk8LwTbVlbrz/0Nr9dq2X4OF6YXYEUyc0fDMtsGMiVq
yevqL7CzB8orkpXWtZupht4gis3GVcEhrGPA9m8DoqyO1o29kaBFxs9cq8+5MTiU
8k9WbQGePlu2FEkYTZBixwPvr2oNAwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHCk
utZSAMVtgvGl44hGdO6cAUbVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRkFGRUY2RTBDMTIxMUVGQTI2RjM0MzgwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmstgMA0GCSqGSIb3DQEB
CwUAA4IBAQAe38w+IY+U8/04M1Z+A8iQMaauCO5qFp8q20hO1p7jS0luK1jbY0cW
3V7Y+iFalLS6kRUm7ujuJA4Gt1QUwShHKLOg1cVptWx//l0jkilSube9qejwJaA0
6oazsuoXXb9H3pHxBjliyJmCkx4qe1YGHhTqmT276MPYEiy263Sztzll3de+bOQB
qsYbajamrlCsSJijx9jpcHEL9N/7dQeg0dXdqwdTSExOqqOtLrLL2whaENBAHHBK
Yonk+isN14F6myr7ePp9EmmcO93ewDOjDgrUrp6xf2J/v0OltEJA7SMd8pPKPRU+
SegINz40pijBAuzqAPPat7aQxGPG3w8G
-----END CERTIFICATE-----
Generated at Fri May 17 10:15:51 2024 by rpki-client on console-ams.rpki-client.org