Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B88AC6C07AF11EFB8118C0A017001B1.roa
File: 6B88AC6C07AF11EFB8118C0A017001B1.roa (raw, json)
Hash identifier: vdySLISGRUS3nzLVtYs5TyrUsMuGFCvOq0SZG57adFw=
Subject key identifier: 33:ED:FE:D4:39:C5:A5:C2:89:FC:DE:1C:4F:7B:36:21:BE:74:81:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B397
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B88AC6C07AF11EFB8118C0A017001B1.roa
Signing time: Wed 01 May 2024 11:39:08 +0000
ROA not before: Wed 01 May 2024 11:39:04 +0000
ROA not after: Fri 17 May 2024 11:39:04 +0000
asID: 151800
IP address blocks: 154.197.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45975 (0xb397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 11:39:04 2024 GMT
Not After : May 17 11:39:04 2024 GMT
Subject: CN=663229dc-b811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:50:25:98:e5:be:60:fe:f0:90:76:e2:15:1e:
8e:90:62:0d:50:f1:e4:17:4d:c7:27:5f:a4:5b:b8:
55:85:39:c0:52:46:6a:2f:bd:9d:36:3a:7e:92:d4:
22:81:8c:c5:00:2b:b7:a9:26:1e:ee:e7:5e:bd:2e:
b6:64:bc:af:a2:9b:cc:e6:04:b2:49:c8:fd:7e:7b:
7b:1a:34:e7:54:7e:cc:15:80:7a:89:90:30:92:f6:
bf:a4:6f:6b:69:13:57:0a:20:86:65:5c:c5:24:70:
db:96:60:e0:5f:1d:97:94:d2:b3:80:5f:e1:7b:28:
04:e5:aa:58:3e:aa:25:4e:d8:8d:09:49:ed:93:65:
1d:a6:e4:ca:3d:48:ee:5e:e7:c9:fa:fd:b5:1a:90:
91:c4:6b:0e:00:41:f3:c7:89:5f:79:12:23:7f:22:
11:23:32:e7:fb:9f:fb:c4:e9:f9:18:c2:94:10:05:
a9:4f:a2:d1:f3:41:f1:3e:64:1b:20:67:9d:60:60:
34:93:f2:0c:76:ad:ec:5d:24:c7:23:0a:7e:6d:6c:
24:48:dd:bd:83:ee:64:04:1f:72:c5:5e:76:9c:d6:
21:12:9d:22:ac:e9:07:d0:4f:5c:46:44:d5:a0:79:
76:e3:85:d3:1e:35:c3:7b:a2:60:c1:35:3a:dd:bd:
b4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:ED:FE:D4:39:C5:A5:C2:89:FC:DE:1C:4F:7B:36:21:BE:74:81:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6B88AC6C07AF11EFB8118C0A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.96.0/24
Signature Algorithm: sha256WithRSAEncryption
85:08:16:9c:c3:2c:b8:8c:7a:49:95:78:d4:e2:99:f8:d7:fb:
c2:5d:90:fc:d7:e5:27:58:dc:0d:37:90:75:02:ac:77:b3:25:
5b:4c:a6:f6:44:a3:56:d3:eb:13:13:13:a7:b0:6f:57:86:01:
47:38:c0:8d:ac:f1:17:b5:6b:d7:84:53:5c:cf:55:4a:c9:08:
67:d6:25:e1:ea:01:b3:a7:b6:c3:ef:7a:a6:ee:15:61:24:8d:
a4:3e:aa:75:68:92:99:af:09:cb:95:0d:49:41:0a:b5:74:0c:
bb:ba:4f:a7:4d:b5:89:34:23:7d:30:06:96:4e:a4:f0:6a:45:
27:97:3a:d6:26:a5:1b:1d:1b:f5:c2:c0:a2:49:6c:ba:3f:f7:
e0:9d:27:bf:cd:37:bc:1d:e2:69:ae:ec:a1:c1:29:4e:88:ba:
9e:64:c4:f0:fb:12:84:58:d2:8b:52:92:10:28:8d:47:fb:60:
ba:77:ad:ef:bf:9f:14:6b:c2:56:96:db:7b:65:c6:a1:20:36:
ad:6e:36:e7:7d:2f:f9:2b:a5:ec:7b:f3:43:85:2c:2f:fd:6f:
c8:87:de:0c:6a:f3:45:15:0e:e1:6f:33:06:f4:6f:89:82:81:
b2:c2:42:3b:1d:be:d6:af:9a:48:cb:7d:3b:ff:bf:ba:10:70:
27:7d:ea:82
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALOXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTAxMTEzOTA0WhcNMjQwNTE3MTEzOTA0WjAYMRYw
FAYDVQQDEw02NjMyMjlkYy1iODExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw1AlmOW+YP7wkHbiFR6OkGINUPHkF03HJ1+kW7hVhTnAUkZqL72dNjp+
ktQigYzFACu3qSYe7udevS62ZLyvopvM5gSyScj9fnt7GjTnVH7MFYB6iZAwkva/
pG9raRNXCiCGZVzFJHDblmDgXx2XlNKzgF/heygE5apYPqolTtiNCUntk2UdpuTK
PUjuXufJ+v21GpCRxGsOAEHzx4lfeRIjfyIRIzLn+5/7xOn5GMKUEAWpT6LR80Hx
PmQbIGedYGA0k/IMdq3sXSTHIwp+bWwkSN29g+5kBB9yxV52nNYhEp0irOkH0E9c
RkTVoHl244XTHjXDe6JgwTU63b20cQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDPt
/tQ5xaXCifzeHE97NiG+dIHXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82Qjg4QUM2QzA3QUYxMUVGQjgxMThDMEEwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVgMA0GCSqGSIb3DQEB
CwUAA4IBAQCFCBacwyy4jHpJlXjU4pn41/vCXZD81+UnWNwNN5B1Aqx3syVbTKb2
RKNW0+sTExOnsG9XhgFHOMCNrPEXtWvXhFNcz1VKyQhn1iXh6gGzp7bD73qm7hVh
JI2kPqp1aJKZrwnLlQ1JQQq1dAy7uk+nTbWJNCN9MAaWTqTwakUnlzrWJqUbHRv1
wsCiSWy6P/fgnSe/zTe8HeJpruyhwSlOiLqeZMTw+xKEWNKLUpIQKI1H+2C6d63v
v58Ua8JWltt7ZcahIDatbjbnfS/5K6Xse/NDhSwv/W/Ih94MavNFFQ7hbzMG9G+J
goGywkI7Hb7Wr5pIy307/7+6EHAnfeqC
-----END CERTIFICATE-----
Generated at Fri May 17 17:36:44 2024 by rpki-client on console-fra.rpki-client.org