Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B8D84000C1011EFB6D74A26017001B1.roa
File: 3B8D84000C1011EFB6D74A26017001B1.roa (raw, json)
Hash identifier: rj4DCl1+WMFrBKhSeerGFRwQ7vnOZfmHQLG5IXsbi4k=
Subject key identifier: 42:E2:37:BC:5A:5D:3A:A7:61:EC:4E:50:43:86:1D:DD:BF:96:21:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B551
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B8D84000C1011EFB6D74A26017001B1.roa
Signing time: Tue 07 May 2024 01:22:13 +0000
ROA not before: Tue 07 May 2024 01:22:10 +0000
ROA not after: Wed 15 May 2024 01:22:10 +0000
asID: 140227
IP address blocks: 154.86.20.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46417 (0xb551)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 7 01:22:10 2024 GMT
Not After : May 15 01:22:10 2024 GMT
Subject: CN=66398245-7c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fc:9c:bc:5f:ae:df:b7:3c:a4:4a:70:70:5d:
5a:d3:cd:bc:c7:25:d1:e9:fc:33:91:94:b5:4f:89:
3f:0e:37:bd:c5:dd:55:82:a3:62:fd:05:8f:e8:94:
88:e1:fa:23:3e:fd:bb:75:cf:70:f8:ac:f5:27:83:
ff:eb:a0:30:b1:57:26:b1:26:f0:f5:24:24:0c:9a:
f8:25:1f:61:7a:54:f2:b2:f1:89:3a:1d:15:59:de:
f8:31:cb:1e:f2:2d:7a:66:03:e4:8b:ea:0f:37:1a:
6c:b7:fe:a9:42:1d:04:95:6d:10:d9:b8:9d:e5:10:
9b:c8:3c:bb:05:12:85:46:77:53:f8:bd:85:62:49:
75:1b:c4:08:e8:9d:8c:52:e4:89:f0:85:e0:7a:6c:
cb:67:57:01:f5:ed:d8:c6:81:61:fc:a3:64:98:6f:
46:2a:0c:cc:7f:4d:6f:5e:c6:d9:b1:4f:68:30:42:
57:34:6f:3f:31:bc:4f:58:09:4a:22:d2:fe:ae:69:
12:c4:49:c2:16:9c:9d:0f:19:f9:ed:b8:8f:fd:e6:
53:bf:da:94:2b:72:d6:fe:a3:c5:73:72:3f:d0:15:
56:93:28:d2:d0:05:76:81:fd:bb:fe:8f:b7:0b:d0:
b8:1f:71:8f:84:3b:a4:fa:66:8d:74:18:63:9a:f7:
10:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E2:37:BC:5A:5D:3A:A7:61:EC:4E:50:43:86:1D:DD:BF:96:21:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3B8D84000C1011EFB6D74A26017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.20.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:9d:5c:d5:8e:80:e5:53:72:0e:a4:5c:6f:7c:f5:13:69:c5:
d4:8e:35:40:b9:72:cc:c9:c0:7c:2c:1a:e5:72:b0:b8:67:42:
8d:33:51:ae:d0:12:30:42:a8:85:a4:63:28:8a:f0:92:b8:f8:
bf:a6:4a:55:04:f4:fc:e4:8b:f9:e8:b5:2e:16:23:a2:ca:b9:
37:35:82:6c:11:03:28:c1:f4:ba:90:27:00:d3:bb:30:6e:55:
c9:a4:6c:01:f9:35:65:3a:2f:4d:5e:6d:7a:0a:d0:0a:2f:05:
d6:dd:4a:0f:08:62:22:ed:13:9e:01:02:f5:4f:70:41:44:c1:
7b:5e:d7:7f:1e:0b:e7:c6:03:fe:54:88:ba:18:bb:e0:61:18:
f1:53:6b:63:ec:ff:0a:57:49:84:c2:38:1d:01:39:45:60:33:
13:a2:75:b4:d2:be:8b:dc:a0:bb:42:bb:e5:fd:22:eb:9c:85:
cd:ad:db:fe:5b:48:14:9e:0f:b8:eb:f0:9c:f8:cb:69:35:36:
0b:59:57:b5:1c:bf:4d:63:48:92:11:42:eb:f4:3e:56:c5:7e:
8e:a3:f6:48:90:a8:3c:f1:fc:64:d5:34:c0:2c:3d:61:6e:25:
e7:0d:6c:ca:66:b9:e7:03:f5:9f:1d:fd:87:fe:2c:1a:03:96:
5f:dd:8e:71
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALVRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA3MDEyMjEwWhcNMjQwNTE1MDEyMjEwWjAYMRYw
FAYDVQQDEw02NjM5ODI0NS03YzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnfycvF+u37c8pEpwcF1a0828xyXR6fwzkZS1T4k/Dje9xd1VgqNi/QWP
6JSI4fojPv27dc9w+Kz1J4P/66AwsVcmsSbw9SQkDJr4JR9helTysvGJOh0VWd74
Mcse8i16ZgPki+oPNxpst/6pQh0ElW0Q2bid5RCbyDy7BRKFRndT+L2FYkl1G8QI
6J2MUuSJ8IXgemzLZ1cB9e3YxoFh/KNkmG9GKgzMf01vXsbZsU9oMEJXNG8/MbxP
WAlKItL+rmkSxEnCFpydDxn57biP/eZTv9qUK3LW/qPFc3I/0BVWkyjS0AV2gf27
/o+3C9C4H3GPhDuk+maNdBhjmvcQGwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFELi
N7xaXTqnYexOUEOGHd2/liGMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQjhEODQwMDBDMTAxMUVGQjZENzRBMjYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlYUMA0GCSqGSIb3DQEB
CwUAA4IBAQA/nVzVjoDlU3IOpFxvfPUTacXUjjVAuXLMycB8LBrlcrC4Z0KNM1Gu
0BIwQqiFpGMoivCSuPi/pkpVBPT85Iv56LUuFiOiyrk3NYJsEQMowfS6kCcA07sw
blXJpGwB+TVlOi9NXm16CtAKLwXW3UoPCGIi7ROeAQL1T3BBRMF7Xtd/HgvnxgP+
VIi6GLvgYRjxU2tj7P8KV0mEwjgdATlFYDMTonW00r6L3KC7Qrvl/SLrnIXNrdv+
W0gUng+46/Cc+MtpNTYLWVe1HL9NY0iSEULr9D5WxX6Oo/ZIkKg88fxk1TTALD1h
biXnDWzKZrnnA/WfHf2H/iwaA5Zf3Y5x
-----END CERTIFICATE-----
Generated at Wed May 15 03:10:47 2024 by rpki-client on console-ams.rpki-client.org