Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FE0E73E0DBB11EF9CC6FF4C017001B1.roa
File: 3FE0E73E0DBB11EF9CC6FF4C017001B1.roa (raw, json)
Hash identifier: em5RwNunBG2L1C2YiWY9EEdwENxsHygR+LcK4EJyKIA=
Subject key identifier: 0B:7A:FD:FB:A9:C1:29:1E:9C:D1:D2:79:26:97:DB:D3:A5:40:AA:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B5C7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FE0E73E0DBB11EF9CC6FF4C017001B1.roa
Signing time: Thu 09 May 2024 04:18:55 +0000
ROA not before: Thu 09 May 2024 04:18:52 +0000
ROA not after: Sat 18 May 2024 04:18:52 +0000
asID: 39600
IP address blocks: 154.95.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46535 (0xb5c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 04:18:52 2024 GMT
Not After : May 18 04:18:52 2024 GMT
Subject: CN=663c4eaf-e6bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:59:49:d8:2b:26:d5:bd:df:f9:5c:94:7f:
4a:2e:23:9e:33:b1:bf:2e:4d:2c:5d:18:ef:d2:f0:
42:a4:42:9f:bf:84:88:c4:ca:e5:f6:e0:e8:87:7b:
87:a3:1f:44:c8:b1:b9:a1:b8:bd:6e:56:87:2c:46:
56:2f:03:f5:ca:56:45:d1:e8:a0:20:bc:e5:3f:32:
aa:42:17:ad:f3:d5:4d:fa:76:f5:ac:82:b2:06:c1:
62:a3:d1:da:72:3f:53:36:74:01:48:2d:65:14:d8:
15:5b:2f:1c:05:4d:af:ff:91:15:95:da:a8:d9:53:
0d:dc:49:00:02:f0:c3:59:ce:ef:95:cd:ca:ee:ce:
50:d9:c3:79:8c:a8:1e:b5:80:40:9d:e0:06:d9:fe:
f0:21:11:72:fd:7f:d8:b8:83:20:51:50:52:2d:02:
60:c6:f0:87:2d:76:d7:2b:fe:f9:59:43:41:60:cf:
0a:b3:43:c0:38:db:30:02:0c:8a:19:d8:73:9f:d5:
62:e8:8e:9b:ca:05:54:61:f3:fb:df:69:34:2e:4f:
b0:ae:a9:8f:06:b3:fe:d3:3b:86:27:2d:6d:36:ae:
f7:21:70:fe:57:4a:f8:56:c0:84:aa:1d:a0:15:a1:
73:3d:e3:68:9a:6c:80:29:f3:70:4b:9d:94:2b:f2:
36:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7A:FD:FB:A9:C1:29:1E:9C:D1:D2:79:26:97:DB:D3:A5:40:AA:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FE0E73E0DBB11EF9CC6FF4C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.56.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:68:49:6a:23:de:01:f0:db:0d:49:c8:dc:b7:9b:37:f5:da:
aa:bd:9a:88:50:d8:72:1f:6f:3e:f4:80:dd:78:39:bd:92:9d:
22:a7:b1:66:29:8d:ac:90:6f:7e:9b:33:fc:e4:b1:73:92:0d:
30:25:97:d1:02:f7:d6:d8:48:75:e3:dd:ba:36:0b:cb:9f:60:
a2:5e:61:b0:ea:b1:ed:04:a0:e4:6c:fe:43:55:23:41:ee:f4:
c2:c8:ad:8f:6e:ef:1c:3d:73:01:46:3e:28:6e:df:6d:2b:0b:
f9:d7:0b:12:51:c8:87:d5:03:f0:33:e9:27:b0:29:56:23:77:
a8:5d:e0:78:ea:d4:27:fc:3e:2c:82:b6:9b:b0:b0:a7:3b:cb:
15:68:c9:e0:00:40:54:65:5a:50:77:4b:25:5f:f0:f3:02:e1:
60:44:d6:2a:e6:8b:0b:0d:56:a8:32:03:82:07:fa:94:5e:7f:
e7:4e:52:f6:c2:66:37:97:95:26:87:d0:74:37:48:75:fa:c2:
2d:11:e0:ad:a6:d8:03:92:6f:bd:21:5b:eb:2f:2a:50:e9:7c:
13:79:55:21:fd:49:54:a2:aa:45:0d:49:03:74:e5:77:6c:a5:
00:31:d2:8b:db:11:5a:07:da:ec:93:3c:de:52:e4:f8:14:98:
15:19:aa:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALXHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDQxODUyWhcNMjQwNTE4MDQxODUyWjAYMRYw
FAYDVQQDEw02NjNjNGVhZi1lNmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtDRZSdgrJtW93/lclH9KLiOeM7G/Lk0sXRjv0vBCpEKfv4SIxMrl9uDo
h3uHox9EyLG5obi9blaHLEZWLwP1ylZF0eigILzlPzKqQhet89VN+nb1rIKyBsFi
o9Hacj9TNnQBSC1lFNgVWy8cBU2v/5EVldqo2VMN3EkAAvDDWc7vlc3K7s5Q2cN5
jKgetYBAneAG2f7wIRFy/X/YuIMgUVBSLQJgxvCHLXbXK/75WUNBYM8Ks0PAONsw
AgyKGdhzn9Vi6I6bygVUYfP732k0Lk+wrqmPBrP+0zuGJy1tNq73IXD+V0r4VsCE
qh2gFaFzPeNommyAKfNwS52UK/I2IwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAt6
/fupwSkenNHSeSaX29OlQKoAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRkUwRTczRTBEQkIxMUVGOUNDNkZGNEMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDml84MA0GCSqGSIb3DQEB
CwUAA4IBAQCLaElqI94B8NsNScjct5s39dqqvZqIUNhyH28+9IDdeDm9kp0ip7Fm
KY2skG9+mzP85LFzkg0wJZfRAvfW2Eh14926NgvLn2CiXmGw6rHtBKDkbP5DVSNB
7vTCyK2Pbu8cPXMBRj4obt9tKwv51wsSUciH1QPwM+knsClWI3eoXeB46tQn/D4s
grabsLCnO8sVaMngAEBUZVpQd0slX/DzAuFgRNYq5osLDVaoMgOCB/qUXn/nTlL2
wmY3l5Umh9B0N0h1+sItEeCtptgDkm+9IVvrLypQ6XwTeVUh/UlUoqpFDUkDdOV3
bKUAMdKL2xFaB9rskzzeUuT4FJgVGao4
-----END CERTIFICATE-----
Generated at Sun May 19 02:08:29 2024 by rpki-client on console-ams.rpki-client.org