Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63C38680060D11EFBE35503D017001B1.roa
File: 63C38680060D11EFBE35503D017001B1.roa (raw, json)
Hash identifier: S53W2cTHN2FoY3mJbBI+J66GF/xu5hlyq+XbH7jVyN8=
Subject key identifier: D9:8F:B6:DF:A5:62:31:B0:FF:52:ED:C0:2C:FA:A6:08:51:69:B5:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B20E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63C38680060D11EFBE35503D017001B1.roa
Signing time: Mon 29 Apr 2024 09:46:45 +0000
ROA not before: Mon 29 Apr 2024 09:46:42 +0000
ROA not after: Wed 15 May 2024 09:46:42 +0000
asID: 5065
IP address blocks: 154.85.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45582 (0xb20e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 09:46:42 2024 GMT
Not After : May 15 09:46:42 2024 GMT
Subject: CN=662f6c85-0bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:12:d7:6c:31:c7:c5:ad:10:9e:c8:36:f0:e9:
db:e4:1a:38:4d:0c:5e:8c:e8:32:9a:a3:44:9d:e2:
e3:c2:cb:32:6e:31:44:e6:17:85:b7:9f:04:be:47:
9f:54:f2:8a:bd:35:16:2e:1f:98:a9:f2:19:fa:67:
3b:91:e1:02:77:11:67:ed:c5:ba:75:2f:3d:d1:73:
25:da:10:21:a0:f0:02:96:de:38:69:74:6a:1e:19:
c4:39:ea:cd:55:76:22:a8:0a:cf:1f:a8:cc:e1:a6:
ea:b6:cd:cf:4a:40:ee:50:ba:85:07:d6:cc:2f:10:
b8:91:d1:0f:cb:31:18:f7:3b:eb:41:36:81:5a:3c:
40:33:84:63:cf:d6:ef:39:f3:40:21:de:9e:31:57:
39:55:c9:f8:2e:c3:21:4c:56:e7:8c:ad:a3:47:e4:
b3:d1:ba:45:ec:e8:9b:ab:df:9f:72:ac:1a:b0:8a:
87:6b:eb:31:a3:1e:54:59:eb:33:75:22:63:38:89:
84:4f:9d:d2:13:9c:23:60:4e:f0:8f:41:19:af:35:
62:9c:14:25:97:c7:c3:7d:d3:f6:8c:63:46:8a:8f:
91:ad:bf:be:5f:0f:41:73:29:72:24:f3:0f:f4:12:
3d:fb:39:81:8a:58:07:e7:73:03:0c:6a:85:08:fa:
4b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:8F:B6:DF:A5:62:31:B0:FF:52:ED:C0:2C:FA:A6:08:51:69:B5:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/63C38680060D11EFBE35503D017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.20.0/22
Signature Algorithm: sha256WithRSAEncryption
31:59:6e:e2:48:46:01:53:4d:93:d3:c1:7f:e6:5d:83:2a:b5:
03:cd:7c:1e:9c:1a:cf:5c:61:9b:8b:aa:46:47:4e:cd:f6:19:
1e:c0:f0:99:7a:1e:ce:59:3d:2c:c0:57:10:d7:b7:ae:63:17:
e0:2e:1f:a8:6f:82:39:dc:8c:1b:11:80:c7:02:0a:17:8c:cb:
a4:f8:61:7d:8d:c2:69:15:a5:60:31:18:b8:0a:51:ba:28:e5:
9e:4a:f2:74:27:2b:b0:89:49:62:ed:5f:ce:9d:cc:88:d8:12:
1a:d8:f2:46:95:a0:0e:26:ae:0d:af:74:22:6d:42:ab:50:09:
9e:4e:dd:32:2b:26:db:15:a9:2a:1c:b0:04:bd:ce:4c:ba:51:
07:0e:ff:8b:24:95:47:7f:ad:a3:04:60:ba:1e:3f:17:ec:7f:
77:d4:3d:2b:86:58:69:5b:0a:15:93:ad:44:19:38:15:f5:af:
19:74:60:c1:ef:da:12:77:09:c9:e9:f6:26:e8:a2:4c:fb:c7:
33:2e:0a:b4:c3:26:29:87:c8:da:71:e0:a8:d5:16:d4:e6:8a:
d7:9d:7d:58:4b:41:38:c1:04:47:07:fe:f8:7a:28:cd:90:da:
fa:06:16:bb:12:d3:ca:15:a9:19:e7:d3:96:35:b0:8e:4a:65:
6f:e2:7d:0e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALIOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI5MDk0NjQyWhcNMjQwNTE1MDk0NjQyWjAYMRYw
FAYDVQQDEw02NjJmNmM4NS0wYmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtRLXbDHHxa0Qnsg28Onb5Bo4TQxejOgymqNEneLjwssybjFE5heFt58E
vkefVPKKvTUWLh+YqfIZ+mc7keECdxFn7cW6dS890XMl2hAhoPAClt44aXRqHhnE
OerNVXYiqArPH6jM4abqts3PSkDuULqFB9bMLxC4kdEPyzEY9zvrQTaBWjxAM4Rj
z9bvOfNAId6eMVc5Vcn4LsMhTFbnjK2jR+Sz0bpF7Oibq9+fcqwasIqHa+sxox5U
WeszdSJjOImET53SE5wjYE7wj0EZrzVinBQll8fDfdP2jGNGio+Rrb++Xw9Bcyly
JPMP9BI9+zmBilgH53MDDGqFCPpLJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNmP
tt+lYjGw/1LtwCz6pghRabUeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82M0MzODY4MDA2MEQxMUVGQkUzNTUwM0QwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlUUMA0GCSqGSIb3DQEB
CwUAA4IBAQAxWW7iSEYBU02T08F/5l2DKrUDzXwenBrPXGGbi6pGR07N9hkewPCZ
eh7OWT0swFcQ17euYxfgLh+ob4I53IwbEYDHAgoXjMuk+GF9jcJpFaVgMRi4ClG6
KOWeSvJ0JyuwiUli7V/OncyI2BIa2PJGlaAOJq4Nr3QibUKrUAmeTt0yKybbFakq
HLAEvc5MulEHDv+LJJVHf62jBGC6Hj8X7H931D0rhlhpWwoVk61EGTgV9a8ZdGDB
79oSdwnJ6fYm6KJM+8czLgq0wyYph8jaceCo1RbU5orXnX1YS0E4wQRHB/74eijN
kNr6Bha7EtPKFakZ59OWNbCOSmVv4n0O
-----END CERTIFICATE-----
Generated at Thu May 16 01:35:16 2024 by rpki-client on console-fra.rpki-client.org