Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5450A8960DBE11EF85EB0B64017001B1.roa
File: 5450A8960DBE11EF85EB0B64017001B1.roa (raw, json)
Hash identifier: 0LFpAF+TTqwv7ujVPQSS+RNUAjpJtX0uSYKIHJu0tTw=
Subject key identifier: B2:DB:76:52:BC:53:5F:D2:45:4F:6B:75:D2:56:A3:65:F8:AF:BF:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B5E3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5450A8960DBE11EF85EB0B64017001B1.roa
Signing time: Thu 09 May 2024 04:40:58 +0000
ROA not before: Thu 09 May 2024 04:40:55 +0000
ROA not after: Sun 19 May 2024 04:40:55 +0000
asID: 5065
IP address blocks: 154.94.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46563 (0xb5e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 04:40:55 2024 GMT
Not After : May 19 04:40:55 2024 GMT
Subject: CN=663c53da-2308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1d:7e:37:5c:33:23:60:52:1f:2e:28:8c:8c:
bd:08:2f:2e:bd:77:8c:33:23:5c:39:e7:cd:91:5c:
ad:cd:a0:5d:5d:82:68:64:09:8e:8c:44:66:e5:a0:
ad:84:b1:9d:3d:51:0b:45:0c:75:a1:62:5b:cc:cb:
37:f2:b8:4b:ae:2a:b0:16:0f:9f:d6:82:78:63:19:
0e:af:68:fb:77:14:77:e1:9a:f9:fe:79:47:d0:e1:
79:7f:cd:52:31:1a:91:b9:ab:7a:cc:7a:92:02:2e:
3e:04:b7:53:df:88:fb:5c:e7:70:a1:85:a9:06:74:
27:e3:7c:e8:19:a4:e6:97:d1:ff:32:da:05:c2:d2:
0e:9e:fb:b1:46:0d:96:0c:99:ab:a2:10:6d:50:b3:
5e:82:a2:30:5d:1d:58:54:4c:c6:c2:4e:50:b0:1c:
36:bd:0a:02:50:68:7b:61:7c:66:f0:49:17:63:72:
24:46:a2:ee:f5:62:48:9d:20:a6:a8:8a:24:c6:14:
f3:ae:dc:a2:ec:ef:5d:fb:9c:45:c8:d3:26:93:7e:
88:d4:09:2c:86:07:2c:e6:ce:01:03:2e:d4:d3:7b:
dd:5b:1e:85:8f:f0:ec:d0:12:89:8c:e3:8b:df:58:
ea:52:86:cb:17:27:36:11:dd:55:24:fe:92:b5:19:
4b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DB:76:52:BC:53:5F:D2:45:4F:6B:75:D2:56:A3:65:F8:AF:BF:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5450A8960DBE11EF85EB0B64017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.47.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:4e:6b:8e:89:d0:46:a2:1b:55:78:0b:69:c1:39:a9:f6:15:
a0:b3:dc:e7:9f:fa:d3:d6:cf:ab:13:b7:f6:a6:f0:9a:0a:5e:
6a:31:3e:4e:a5:a2:0d:f4:9d:c2:21:24:3e:9a:57:5c:49:b7:
32:75:69:03:71:bc:76:b1:0d:93:7b:85:bd:2d:d0:9e:14:97:
bc:4f:28:d4:60:50:5f:90:d4:f2:8a:99:31:46:c2:3d:58:f0:
7b:96:50:17:63:7c:42:89:c6:8c:75:d6:b9:7f:80:12:7a:f5:
86:33:7a:6b:ef:ea:c9:5f:37:bc:16:b8:fa:b4:48:30:27:cc:
c5:dd:b0:ba:bb:a3:35:b1:e9:e6:25:0c:b6:cb:59:4d:e0:de:
e7:1e:96:ae:2e:2f:da:7a:95:b5:09:bb:d4:30:5d:5e:6b:73:
79:9b:ed:c1:21:78:b1:c5:43:19:09:cf:c6:76:81:5d:8e:b9:
60:8c:6a:e4:b2:3e:bb:21:77:a8:1d:77:84:f7:a1:76:dc:95:
56:c3:86:94:25:be:d3:28:ee:44:a6:81:e0:31:6a:5b:38:71:
ce:8d:3f:6b:bd:79:5b:ee:48:3e:80:1c:2a:ec:41:ba:ca:16:
97:49:62:74:e1:e6:0e:89:a6:9d:5f:26:ea:3f:a3:f1:ee:ab:
e1:3d:29:db
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALXjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDQ0MDU1WhcNMjQwNTE5MDQ0MDU1WjAYMRYw
FAYDVQQDEw02NjNjNTNkYS0yMzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtR1+N1wzI2BSHy4ojIy9CC8uvXeMMyNcOefNkVytzaBdXYJoZAmOjERm
5aCthLGdPVELRQx1oWJbzMs38rhLriqwFg+f1oJ4YxkOr2j7dxR34Zr5/nlH0OF5
f81SMRqRuat6zHqSAi4+BLdT34j7XOdwoYWpBnQn43zoGaTml9H/MtoFwtIOnvux
Rg2WDJmrohBtULNegqIwXR1YVEzGwk5QsBw2vQoCUGh7YXxm8EkXY3IkRqLu9WJI
nSCmqIokxhTzrtyi7O9d+5xFyNMmk36I1Akshgcs5s4BAy7U03vdWx6Fj/Ds0BKJ
jOOL31jqUobLFyc2Ed1VJP6StRlLXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLLb
dlK8U1/SRU9rddJWo2X4r7+lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NDUwQTg5NjBEQkUxMUVGODVFQjBCNjQwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4vMA0GCSqGSIb3DQEB
CwUAA4IBAQAcTmuOidBGohtVeAtpwTmp9hWgs9znn/rT1s+rE7f2pvCaCl5qMT5O
paIN9J3CISQ+mldcSbcydWkDcbx2sQ2Te4W9LdCeFJe8TyjUYFBfkNTyipkxRsI9
WPB7llAXY3xCicaMdda5f4ASevWGM3pr7+rJXze8Frj6tEgwJ8zF3bC6u6M1senm
JQy2y1lN4N7nHpauLi/aepW1CbvUMF1ea3N5m+3BIXixxUMZCc/GdoFdjrlgjGrk
sj67IXeoHXeE96F23JVWw4aUJb7TKO5EpoHgMWpbOHHOjT9rvXlb7kg+gBwq7EG6
yhaXSWJ04eYOiaadXybqP6Px7qvhPSnb
-----END CERTIFICATE-----
Generated at Mon May 20 01:57:48 2024 by rpki-client on console-fra.rpki-client.org