Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/252E046C090111EFA128C94D017001B1.roa
File: 252E046C090111EFA128C94D017001B1.roa (raw, json)
Hash identifier: Fo+VMwhdBcCsomzutUvnEUND+Cp8eemqIBisSiny9Qc=
Subject key identifier: C4:4C:54:E0:2E:5E:D8:A1:CD:BD:D9:6F:4F:0B:F3:FE:08:8A:CF:87
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B41F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/252E046C090111EFA128C94D017001B1.roa
Signing time: Fri 03 May 2024 03:56:39 +0000
ROA not before: Fri 03 May 2024 03:56:36 +0000
ROA not after: Sat 11 May 2024 03:56:36 +0000
asID: 39600
IP address blocks: 154.203.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46111 (0xb41f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 3 03:56:36 2024 GMT
Not After : May 11 03:56:36 2024 GMT
Subject: CN=66346077-278a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:db:fb:96:0d:2c:fd:f1:29:b7:e2:b6:47:71:
f7:4a:03:46:93:9b:8e:6c:16:e0:9c:16:39:c7:9b:
99:f8:75:f1:77:39:50:76:f5:c5:80:84:4b:11:de:
cc:6b:d9:21:a1:c6:f2:78:f1:62:b6:28:89:01:c8:
7d:88:9b:f5:49:44:a1:d4:7a:b7:8e:34:d4:3c:54:
c7:c4:25:2b:f7:ce:3d:0f:ed:d1:91:3d:03:5b:ca:
3e:f6:86:3e:10:53:96:d3:57:43:b4:d5:a0:a2:34:
41:ec:48:2b:ed:f5:12:c3:db:60:1d:20:ee:9e:e3:
d0:a6:58:e7:f4:00:7e:9e:99:ee:f5:79:3e:ab:5d:
ac:11:db:e0:d8:1a:21:95:19:51:fb:02:c7:44:d6:
1e:eb:db:32:2b:2a:34:66:1d:98:e5:e9:14:24:3d:
bf:d3:66:68:a2:7b:2e:f3:01:f0:02:68:75:02:0a:
11:32:8c:8b:eb:2f:ef:aa:33:95:85:ae:24:6f:06:
e7:f5:16:48:61:a6:40:7d:c9:d4:3c:e8:a1:03:f0:
fa:13:ff:a4:e4:f4:02:ba:08:77:14:48:d0:55:95:
e0:ae:7d:6e:d3:15:54:b2:f3:4d:7d:2d:5a:db:b3:
53:f4:77:98:82:41:0b:cb:6a:8f:f3:b0:dc:a3:4b:
65:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4C:54:E0:2E:5E:D8:A1:CD:BD:D9:6F:4F:0B:F3:FE:08:8A:CF:87
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/252E046C090111EFA128C94D017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.72.0/21
Signature Algorithm: sha256WithRSAEncryption
98:d4:6d:d2:2f:cc:17:99:bd:9e:3e:f2:32:06:dd:50:5d:98:
19:fb:4c:d2:88:68:e5:06:37:6d:5d:62:aa:e0:14:89:1f:cc:
98:d8:5f:6a:a0:23:4e:ad:e7:ff:19:6a:bc:e8:76:76:b6:32:
c4:4d:d0:7d:49:87:bf:2e:b8:30:5d:f3:d1:06:03:cc:82:00:
7c:67:3e:8d:24:ef:61:49:8c:96:9a:c2:3c:c1:4c:97:f9:6b:
a2:bb:72:63:91:1e:12:af:6d:b0:b1:b0:fe:50:59:13:ca:52:
93:cf:86:f0:ac:b7:a3:0d:0d:6b:a4:fe:94:23:a3:fb:88:d1:
70:4e:d8:50:80:2e:fb:3e:63:3c:5e:65:3e:a1:9a:d0:ec:ea:
c1:8f:a8:cb:b4:bf:d0:91:55:f2:c5:47:2f:b1:8b:73:0e:99:
1f:d8:30:50:a3:a9:c4:cf:49:f2:3c:57:ff:6f:21:d1:f2:1d:
2a:13:c8:bb:20:aa:ee:5a:59:90:7b:80:27:12:5a:8c:4b:93:
53:03:d8:7f:1d:8d:fd:fc:29:fa:ec:f4:1c:0b:f0:ea:8b:ed:
d3:09:49:f6:61:52:85:c3:76:eb:b9:45:a2:91:e4:3a:9c:ad:
a9:02:50:59:f4:75:41:83:7e:7d:6d:b3:db:ca:63:25:02:d9:
da:c8:21:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALQfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTAzMDM1NjM2WhcNMjQwNTExMDM1NjM2WjAYMRYw
FAYDVQQDEw02NjM0NjA3Ny0yNzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq9v7lg0s/fEpt+K2R3H3SgNGk5uObBbgnBY5x5uZ+HXxdzlQdvXFgIRL
Ed7Ma9khocbyePFitiiJAch9iJv1SUSh1Hq3jjTUPFTHxCUr9849D+3RkT0DW8o+
9oY+EFOW01dDtNWgojRB7Egr7fUSw9tgHSDunuPQpljn9AB+npnu9Xk+q12sEdvg
2BohlRlR+wLHRNYe69syKyo0Zh2Y5ekUJD2/02Zoonsu8wHwAmh1AgoRMoyL6y/v
qjOVha4kbwbn9RZIYaZAfcnUPOihA/D6E/+k5PQCugh3FEjQVZXgrn1u0xVUsvNN
fS1a27NT9HeYgkELy2qP87Dco0tl0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMRM
VOAuXtihzb3Zb08L8/4Iis+HMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNTJFMDQ2QzA5MDExMUVGQTEyOEM5NEQwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmstIMA0GCSqGSIb3DQEB
CwUAA4IBAQCY1G3SL8wXmb2ePvIyBt1QXZgZ+0zSiGjlBjdtXWKq4BSJH8yY2F9q
oCNOref/GWq86HZ2tjLETdB9SYe/LrgwXfPRBgPMggB8Zz6NJO9hSYyWmsI8wUyX
+Wuiu3JjkR4Sr22wsbD+UFkTylKTz4bwrLejDQ1rpP6UI6P7iNFwTthQgC77PmM8
XmU+oZrQ7OrBj6jLtL/QkVXyxUcvsYtzDpkf2DBQo6nEz0nyPFf/byHR8h0qE8i7
IKruWlmQe4AnElqMS5NTA9h/HY39/Cn67PQcC/Dqi+3TCUn2YVKFw3bruUWikeQ6
nK2pAlBZ9HVBg359bbPbymMlAtnayCEI
-----END CERTIFICATE-----
Generated at Sun May 12 02:36:20 2024 by rpki-client on console-ams.rpki-client.org