Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D0C2BD006D011EFA942DB6F017001B1.roa
File: 5D0C2BD006D011EFA942DB6F017001B1.roa (raw, json)
Hash identifier: Q27b1jSzvva6FEPlQegIHV1pKddc6Ch7VAuSQwXCUP0=
Subject key identifier: 5D:55:4A:95:29:89:B9:AC:1C:9E:05:B7:C1:EC:8B:E9:1B:74:9D:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B2A7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D0C2BD006D011EFA942DB6F017001B1.roa
Signing time: Tue 30 Apr 2024 09:02:26 +0000
ROA not before: Tue 30 Apr 2024 09:02:22 +0000
ROA not after: Sat 25 May 2024 09:02:22 +0000
asID: 7018
IP address blocks: 154.206.48.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45735 (0xb2a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 09:02:22 2024 GMT
Not After : May 25 09:02:22 2024 GMT
Subject: CN=6630b3a1-1aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:36:61:e7:1b:33:ac:d1:27:dc:4d:9a:fa:6b:
2d:af:6c:30:15:83:6b:55:ba:19:f8:a5:0a:6b:8e:
ab:82:f4:d6:91:78:60:77:e4:9b:b4:ce:70:de:ad:
99:a4:c9:04:f2:08:46:28:4b:0d:87:22:f7:dc:81:
5f:fd:d5:1f:9e:9a:46:d9:24:a3:9c:dd:b5:22:3c:
09:4a:fe:fa:aa:24:be:4a:71:ed:67:1b:8e:e5:65:
e3:65:36:ef:9a:c4:7a:0b:69:ba:83:75:21:67:85:
f8:5d:49:02:f3:b2:a4:04:49:99:ac:3a:1d:60:40:
10:b5:da:97:72:2d:30:ba:fc:28:92:9f:84:54:55:
60:17:86:87:ae:6b:50:0d:ba:8e:c6:5a:f6:5f:4f:
c3:67:e4:3d:43:a1:ff:4f:ca:8d:8f:26:bc:2c:60:
ac:d6:15:9e:97:a1:86:42:33:f4:cc:db:44:e5:7f:
3d:49:d7:47:f3:b0:59:ab:68:3a:28:20:4e:7d:95:
0e:6d:43:0f:93:1f:9d:26:cd:58:22:84:71:e3:68:
f5:fe:ef:31:1d:21:fc:9a:11:cf:d9:59:6a:84:a6:
fc:5f:92:f5:f0:58:45:d9:aa:7e:a8:cb:bf:f6:3b:
87:fd:e3:d5:ce:62:c9:07:21:28:39:1d:69:cb:0f:
76:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:55:4A:95:29:89:B9:AC:1C:9E:05:B7:C1:EC:8B:E9:1B:74:9D:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D0C2BD006D011EFA942DB6F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.48.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:ba:da:8d:c5:f2:19:2b:29:53:e1:f6:13:87:aa:16:6d:6d:
a4:a1:23:c2:e0:55:4a:a8:7b:c9:89:96:be:4e:40:11:57:68:
11:78:72:d3:61:89:d2:a7:4f:30:e7:5f:1f:97:52:0b:e6:23:
65:0b:c6:a0:d4:b1:e1:f9:0f:8e:1f:c5:9f:12:a5:61:91:19:
f8:58:2a:3c:03:a1:65:5e:14:bf:d2:a5:37:44:22:5c:35:dc:
0a:cf:34:2f:b6:eb:ad:fa:4e:d3:f2:f3:75:c8:a4:7c:3e:34:
f6:19:2f:df:eb:51:90:18:d8:94:13:18:45:58:5c:42:aa:ff:
2d:1d:bc:c5:90:14:21:02:9d:92:d8:51:53:7f:89:c9:6d:03:
35:17:b4:65:e6:c7:c6:b7:51:04:68:92:f7:76:8a:ea:98:e1:
89:c7:94:81:48:14:00:ea:0f:05:c9:75:c2:f0:48:43:b9:3f:
9f:3a:b3:93:d7:3d:79:84:e5:fd:82:57:9b:22:c8:88:17:81:
ba:f8:79:35:fa:dc:37:b7:69:da:4f:2e:c5:56:8a:17:ae:5a:
71:7c:e1:ae:fa:94:20:d8:87:dc:cf:fd:be:69:92:c5:2f:ed:
2e:57:ba:12:36:56:31:ef:a8:29:be:e5:5b:e4:da:f2:97:a5:
0c:39:75:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALKnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDMwMDkwMjIyWhcNMjQwNTI1MDkwMjIyWjAYMRYw
FAYDVQQDEw02NjMwYjNhMS0xYWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApTZh5xszrNEn3E2a+mstr2wwFYNrVboZ+KUKa46rgvTWkXhgd+SbtM5w
3q2ZpMkE8ghGKEsNhyL33IFf/dUfnppG2SSjnN21IjwJSv76qiS+SnHtZxuO5WXj
ZTbvmsR6C2m6g3UhZ4X4XUkC87KkBEmZrDodYEAQtdqXci0wuvwokp+EVFVgF4aH
rmtQDbqOxlr2X0/DZ+Q9Q6H/T8qNjya8LGCs1hWel6GGQjP0zNtE5X89SddH87BZ
q2g6KCBOfZUObUMPkx+dJs1YIoRx42j1/u8xHSH8mhHP2VlqhKb8X5L18FhF2ap+
qMu/9juH/ePVzmLJByEoOR1pyw92RQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF1V
SpUpibmsHJ4Ft8Hsi+kbdJ0zMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDBDMkJEMDA2RDAxMUVGQTk0MkRCNkYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms4wMA0GCSqGSIb3DQEB
CwUAA4IBAQAKutqNxfIZKylT4fYTh6oWbW2koSPC4FVKqHvJiZa+TkARV2gReHLT
YYnSp08w518fl1IL5iNlC8ag1LHh+Q+OH8WfEqVhkRn4WCo8A6FlXhS/0qU3RCJc
NdwKzzQvtuut+k7T8vN1yKR8PjT2GS/f61GQGNiUExhFWFxCqv8tHbzFkBQhAp2S
2FFTf4nJbQM1F7Rl5sfGt1EEaJL3dorqmOGJx5SBSBQA6g8FyXXC8EhDuT+fOrOT
1z15hOX9glebIsiIF4G6+Hk1+tw3t2naTy7FVooXrlpxfOGu+pQg2Ifcz/2+aZLF
L+0uV7oSNlYx76gpvuVb5Nryl6UMOXW8
-----END CERTIFICATE-----
Generated at Sun May 26 02:14:34 2024 by rpki-client on console-ams.rpki-client.org