Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DDF8DAA06D211EFABC36E01017001B1.roa
File: 2DDF8DAA06D211EFABC36E01017001B1.roa (raw, json)
Hash identifier: LL7q4MAfZ63FKyxxVM13P2bm1KUzaR2aC8/LaJ8TPx8=
Subject key identifier: D6:8E:3E:67:4B:3B:AF:92:E7:6F:14:33:E9:BA:12:96:4D:CC:96:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B2B5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DDF8DAA06D211EFABC36E01017001B1.roa
Signing time: Tue 30 Apr 2024 09:15:25 +0000
ROA not before: Tue 30 Apr 2024 09:15:22 +0000
ROA not after: Mon 20 May 2024 09:15:22 +0000
asID: 39600
IP address blocks: 154.91.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45749 (0xb2b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 09:15:22 2024 GMT
Not After : May 20 09:15:22 2024 GMT
Subject: CN=6630b6ad-00ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d8:3d:33:77:99:c4:3b:e1:32:4d:9f:8a:7d:
ae:15:49:7f:99:8c:fb:94:7a:83:89:f8:50:5f:76:
5f:d0:37:e0:74:10:bd:0d:43:08:7a:ee:5f:11:ea:
ca:90:a7:49:c5:c2:59:c4:2a:da:2e:4c:15:e9:2e:
ee:eb:a3:c8:e0:a4:4b:8f:48:b5:92:b1:c0:fc:04:
0d:d9:13:22:01:2a:b5:93:4e:ad:d3:a2:0e:9a:e8:
dd:cb:7e:db:55:9c:7b:97:cc:b5:8d:43:82:4f:a1:
42:b5:3b:10:f7:47:f9:2b:7f:44:19:ee:ed:a4:17:
d7:2c:60:73:51:01:d1:19:22:3d:82:7f:21:11:aa:
11:7d:49:4e:65:f7:1d:37:df:bc:bb:ff:a4:21:15:
e2:73:6b:5f:70:f3:5e:69:a5:9f:c5:ea:ec:a2:e1:
7a:9c:64:44:40:cc:54:64:81:70:ad:90:80:7b:d0:
3f:0d:2c:8a:08:73:86:ce:b4:91:72:99:1a:c8:50:
f2:67:da:8c:27:b3:ba:d4:8a:53:cc:94:25:5c:b8:
f4:86:ca:ed:b9:8d:64:7e:17:3b:fe:f0:d3:b1:b3:
2f:87:a3:b5:d7:93:b4:3e:31:f1:c4:76:89:82:9a:
d8:46:56:0c:53:2e:4b:6e:10:b4:3d:60:3c:d6:91:
de:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8E:3E:67:4B:3B:AF:92:E7:6F:14:33:E9:BA:12:96:4D:CC:96:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DDF8DAA06D211EFABC36E01017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.128.0/21
Signature Algorithm: sha256WithRSAEncryption
c5:8e:2e:b0:e4:c2:3a:2e:f5:e8:de:f2:d2:9d:bb:f7:e0:ac:
0d:77:b8:f3:4f:cf:5b:41:a4:b0:a1:51:59:db:63:8d:7a:df:
1a:1d:79:d5:f5:40:3e:7b:fa:c6:d5:2e:df:42:84:60:d9:87:
dc:99:3d:dd:a3:88:e2:e9:8b:3c:85:ab:4f:71:0c:3c:fe:82:
c5:7b:b4:71:28:63:0e:97:10:c1:4c:31:2d:f5:1f:42:96:72:
c5:0f:da:16:a8:9c:21:25:c7:e8:5c:bb:06:67:48:60:ef:71:
7f:1e:d4:d3:69:18:ea:46:ea:08:a4:7b:ef:4f:0d:02:2f:f5:
79:80:f5:7d:65:27:a8:01:de:15:3e:ab:0b:ae:e7:04:bd:23:
52:e8:d0:06:75:6e:d2:16:54:6e:72:10:83:fe:10:2d:48:95:
f1:39:07:b1:03:50:67:94:81:a2:5a:73:7d:d6:3e:01:fc:5c:
41:2e:ae:94:54:bb:1d:ae:da:4a:3f:e5:b6:d9:14:13:69:1d:
5c:3f:6d:b0:78:0d:1e:ca:13:cd:01:0a:e8:18:5a:62:83:cf:
96:4d:2e:9e:2b:68:04:c8:51:ec:7a:4e:3c:93:11:76:e8:a2:
44:03:68:39:cb:24:d2:86:9a:8a:7b:09:a6:69:d1:ab:d8:3f:
56:b7:5a:52
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALK1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDMwMDkxNTIyWhcNMjQwNTIwMDkxNTIyWjAYMRYw
FAYDVQQDEw02NjMwYjZhZC0wMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2dg9M3eZxDvhMk2fin2uFUl/mYz7lHqDifhQX3Zf0DfgdBC9DUMIeu5f
EerKkKdJxcJZxCraLkwV6S7u66PI4KRLj0i1krHA/AQN2RMiASq1k06t06IOmujd
y37bVZx7l8y1jUOCT6FCtTsQ90f5K39EGe7tpBfXLGBzUQHRGSI9gn8hEaoRfUlO
ZfcdN9+8u/+kIRXic2tfcPNeaaWfxersouF6nGREQMxUZIFwrZCAe9A/DSyKCHOG
zrSRcpkayFDyZ9qMJ7O61IpTzJQlXLj0hsrtuY1kfhc7/vDTsbMvh6O115O0PjHx
xHaJgprYRlYMUy5LbhC0PWA81pHeBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNaO
PmdLO6+S528UM+m6EpZNzJarMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRERGOERBQTA2RDIxMUVGQUJDMzZFMDEwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmluAMA0GCSqGSIb3DQEB
CwUAA4IBAQDFji6w5MI6LvXo3vLSnbv34KwNd7jzT89bQaSwoVFZ22ONet8aHXnV
9UA+e/rG1S7fQoRg2YfcmT3do4ji6Ys8hatPcQw8/oLFe7RxKGMOlxDBTDEt9R9C
lnLFD9oWqJwhJcfoXLsGZ0hg73F/HtTTaRjqRuoIpHvvTw0CL/V5gPV9ZSeoAd4V
PqsLrucEvSNS6NAGdW7SFlRuchCD/hAtSJXxOQexA1BnlIGiWnN91j4B/FxBLq6U
VLsdrtpKP+W22RQTaR1cP22weA0eyhPNAQroGFpig8+WTS6eK2gEyFHsek48kxF2
6KJEA2g5yyTShpqKewmmadGr2D9Wt1pS
-----END CERTIFICATE-----
Generated at Tue May 21 02:40:32 2024 by rpki-client on console-ams.rpki-client.org