Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CB9434E014311EF8D038B2E017001B1.roa
File: 5CB9434E014311EF8D038B2E017001B1.roa (raw, json)
Hash identifier: kiUrXlckux6f8SIuoLhdMYhAEhRGAwSnbdoDqvjpUKo=
Subject key identifier: D6:A5:D5:95:EB:E5:A3:7A:FE:6E:EB:12:C9:9B:C2:BB:63:52:6E:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AEE5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CB9434E014311EF8D038B2E017001B1.roa
Signing time: Tue 23 Apr 2024 07:30:30 +0000
ROA not before: Tue 23 Apr 2024 07:30:27 +0000
ROA not after: Sat 11 May 2024 07:30:27 +0000
asID: 399989
IP address blocks: 154.194.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44773 (0xaee5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 07:30:27 2024 GMT
Not After : May 11 07:30:27 2024 GMT
Subject: CN=66276396-c24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e0:62:a4:81:59:5b:48:47:60:d4:b7:52:5e:
8a:b6:50:97:b8:d0:2b:62:55:64:9a:5c:96:2e:bd:
e1:80:61:fe:26:2e:64:e9:b8:a9:42:53:f6:e6:b7:
e3:63:83:c4:dc:02:76:8f:6c:14:cc:e5:e8:84:17:
a5:f8:5e:1b:82:68:04:27:60:63:b9:88:95:8c:18:
8a:c0:bc:87:0c:44:12:04:7b:d9:ee:42:f4:28:e2:
58:77:08:d3:d7:c7:ff:19:9a:5e:2a:0a:1c:ec:f5:
73:96:b3:52:bb:16:24:c1:4f:3d:54:05:56:36:bd:
d4:6e:e9:c8:b7:83:9e:a1:39:d8:41:cf:fd:60:b3:
03:66:5b:58:93:88:c6:b4:67:ee:2c:33:a5:53:49:
7e:5b:b2:48:f8:df:d7:f5:14:ca:4a:92:75:3e:86:
51:ef:03:02:0b:ea:ca:92:9c:a8:08:bc:ad:35:63:
a1:c2:6c:10:eb:a4:0a:16:ba:bc:b8:a6:db:44:3f:
8a:82:11:68:88:a8:50:6b:39:b3:52:f6:48:af:82:
71:ba:ed:fc:8a:10:02:91:2c:32:b1:9a:b9:16:cf:
f7:29:71:18:50:d5:f4:ad:38:ef:ec:13:f6:95:5e:
71:7c:f6:f9:c7:ce:2a:f2:c7:91:e0:4a:f2:db:f8:
db:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A5:D5:95:EB:E5:A3:7A:FE:6E:EB:12:C9:9B:C2:BB:63:52:6E:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CB9434E014311EF8D038B2E017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.24.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:ee:8d:c1:47:2f:3f:96:44:9d:c8:e1:d0:45:d8:12:21:5a:
64:75:74:72:67:0c:ff:d3:0f:1d:56:eb:ae:ed:c7:af:f2:b4:
ea:1d:dc:18:53:8e:cc:8c:b0:a7:b9:6d:69:f7:43:7d:a4:5f:
30:10:72:11:32:98:54:1c:7e:15:a1:66:92:40:4a:8d:ef:51:
b6:4c:bc:8d:d7:b0:0e:67:18:11:10:47:90:91:48:89:9b:55:
07:f9:10:39:ca:43:cb:4e:04:98:e4:50:0c:76:65:56:df:03:
a7:81:41:f6:f1:3f:44:39:0b:2e:7a:e6:7e:cf:50:b3:f0:04:
7c:9e:2e:eb:37:c4:26:52:98:c6:35:ca:7f:65:69:15:5e:b8:
8a:f0:76:5d:3c:1d:87:83:a3:b0:0f:3a:f1:b2:e2:f2:f6:43:
67:f6:06:dd:73:2b:07:e7:17:b6:7f:94:b2:db:a0:6c:34:7c:
90:b2:79:f3:81:24:a6:30:60:4b:2a:57:70:57:19:c7:92:df:
26:77:ff:b6:a3:6b:de:40:7f:8f:c1:c4:e3:55:41:93:93:3f:
70:92:06:a3:f2:c6:5d:c4:8d:ea:30:b9:a1:13:86:45:30:4e:
07:a2:d8:d5:48:7b:11:b4:3f:ed:47:ce:65:19:2a:22:aa:ec:
8e:7b:00:af
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK7lMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDIzMDczMDI3WhcNMjQwNTExMDczMDI3WjAYMRYw
FAYDVQQDEw02NjI3NjM5Ni1jMjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAueBipIFZW0hHYNS3Ul6KtlCXuNArYlVkmlyWLr3hgGH+Ji5k6bipQlP2
5rfjY4PE3AJ2j2wUzOXohBel+F4bgmgEJ2BjuYiVjBiKwLyHDEQSBHvZ7kL0KOJY
dwjT18f/GZpeKgoc7PVzlrNSuxYkwU89VAVWNr3UbunIt4OeoTnYQc/9YLMDZltY
k4jGtGfuLDOlU0l+W7JI+N/X9RTKSpJ1PoZR7wMCC+rKkpyoCLytNWOhwmwQ66QK
Frq8uKbbRD+KghFoiKhQazmzUvZIr4Jxuu38ihACkSwysZq5Fs/3KXEYUNX0rTjv
7BP2lV5xfPb5x84q8seR4Ery2/jbewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNal
1ZXr5aN6/m7rEsmbwrtjUm4zMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81Q0I5NDM0RTAxNDMxMUVGOEQwMzhCMkUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsIYMA0GCSqGSIb3DQEB
CwUAA4IBAQDO7o3BRy8/lkSdyOHQRdgSIVpkdXRyZwz/0w8dVuuu7cev8rTqHdwY
U47MjLCnuW1p90N9pF8wEHIRMphUHH4VoWaSQEqN71G2TLyN17AOZxgREEeQkUiJ
m1UH+RA5ykPLTgSY5FAMdmVW3wOngUH28T9EOQsueuZ+z1Cz8AR8ni7rN8QmUpjG
Ncp/ZWkVXriK8HZdPB2Hg6OwDzrxsuLy9kNn9gbdcysH5xe2f5Sy26BsNHyQsnnz
gSSmMGBLKldwVxnHkt8md/+2o2veQH+PwcTjVUGTkz9wkgaj8sZdxI3qMLmhE4ZF
ME4HotjVSHsRtD/tR85lGSoiquyOewCv
-----END CERTIFICATE-----
Generated at Sun May 12 01:39:47 2024 by rpki-client on console-fra.rpki-client.org