Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6CF94A9C037D11EF94D14E57017001B1.roa
File: 6CF94A9C037D11EF94D14E57017001B1.roa (raw, json)
Hash identifier: 0MxT3c0cJdxksBbMGf63Axy3HUGU8dLkf81NjUwiT2g=
Subject key identifier: 63:3E:BA:B3:3A:1C:0A:A3:5E:DC:38:7D:FA:BD:A0:35:B8:D7:B9:07
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B136
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6CF94A9C037D11EF94D14E57017001B1.roa
Signing time: Fri 26 Apr 2024 03:31:11 +0000
ROA not before: Fri 26 Apr 2024 03:31:07 +0000
ROA not after: Sun 26 May 2024 03:31:07 +0000
asID: 62240
IP address blocks: 154.196.16.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45366 (0xb136)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 26 03:31:07 2024 GMT
Not After : May 26 03:31:07 2024 GMT
Subject: CN=662b1ffe-88ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0a:a4:c2:e2:c2:2e:ce:69:e4:6d:ce:f9:ab:
a0:04:55:a1:7b:fb:24:bd:cd:4f:41:cf:ac:48:09:
d3:bf:d2:eb:99:4f:75:ad:9f:f3:17:7a:2d:fd:97:
29:c3:88:ce:3f:37:ad:bd:4e:86:a3:bb:fb:6a:1a:
a6:18:94:ed:77:fd:f2:19:b5:3e:88:08:de:0d:92:
db:39:66:1f:99:cf:03:aa:f2:e2:5d:5c:69:43:10:
c8:50:fa:57:94:8e:b3:42:86:92:2e:3a:bb:14:76:
3b:30:da:d0:2f:09:b7:81:0f:9c:f4:a4:7d:f9:bf:
c1:f8:fb:fa:d5:5e:86:3c:f0:7c:76:8c:df:90:3a:
aa:28:ff:b3:8b:3e:d2:68:04:07:7f:90:56:41:d6:
ff:84:56:19:d6:83:16:5f:b8:f9:43:3d:41:6f:8b:
a7:8b:89:40:a5:c7:ca:a6:d5:4a:39:fb:6a:49:80:
1a:de:83:17:38:61:cd:29:59:4d:7e:15:e1:61:87:
d2:2f:9d:e9:fa:e6:a7:ce:a2:f8:2a:77:bc:10:3d:
b0:1d:0c:d6:cd:c7:bf:13:27:f2:88:f7:47:e4:63:
9e:ed:68:fa:fd:fc:9f:a2:d9:21:12:e0:e3:bd:af:
db:01:98:11:05:0e:31:e8:66:9c:26:85:d3:4e:70:
7a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3E:BA:B3:3A:1C:0A:A3:5E:DC:38:7D:FA:BD:A0:35:B8:D7:B9:07
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6CF94A9C037D11EF94D14E57017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
77:ee:bd:55:b8:07:83:55:3c:2f:f2:b8:a3:18:76:ef:8e:63:
0d:c6:bb:9d:72:a0:32:27:55:96:28:98:3e:5b:e2:66:b0:9b:
eb:8b:7e:a4:7d:2d:dc:ee:e1:87:b7:c9:e7:0e:21:28:4f:81:
31:08:d2:51:6b:1d:ff:be:b2:89:48:2c:21:0a:90:dd:ad:00:
8d:b3:e3:bb:2c:42:4a:6b:a3:d2:e7:a6:26:0f:3f:09:45:96:
58:ab:e2:cc:26:b2:c7:3b:44:ba:16:69:16:ec:e5:19:e5:dd:
c1:f5:11:62:7b:2e:4b:0a:e4:c5:bf:5c:ab:98:e5:9e:2b:cb:
c5:36:78:fb:32:3b:cd:89:66:0d:1c:ae:66:20:bb:02:1b:f4:
aa:4e:98:e5:07:44:ea:46:b1:79:8d:e8:0e:c7:27:67:a1:9d:
ca:74:87:a9:e2:3d:b5:ef:3b:3d:89:e4:21:e5:f5:02:35:78:
bd:15:31:6b:c2:1e:6f:07:6f:c3:a6:17:04:a3:a0:fe:c5:89:
79:45:cf:49:80:6c:de:4a:db:a4:be:1d:d1:21:f9:e5:bf:e9:
e6:1c:2c:4f:5d:3b:80:51:c1:be:61:73:0b:57:c4:48:92:40:
cb:40:f4:62:91:8a:ef:45:93:4f:0c:2f:ae:ce:a5:f2:af:62:
2b:c7:98:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALE2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI2MDMzMTA3WhcNMjQwNTI2MDMzMTA3WjAYMRYw
FAYDVQQDEw02NjJiMWZmZS04OGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwgqkwuLCLs5p5G3O+augBFWhe/skvc1PQc+sSAnTv9LrmU91rZ/zF3ot
/Zcpw4jOPzetvU6Go7v7ahqmGJTtd/3yGbU+iAjeDZLbOWYfmc8DqvLiXVxpQxDI
UPpXlI6zQoaSLjq7FHY7MNrQLwm3gQ+c9KR9+b/B+Pv61V6GPPB8dozfkDqqKP+z
iz7SaAQHf5BWQdb/hFYZ1oMWX7j5Qz1Bb4uni4lApcfKptVKOftqSYAa3oMXOGHN
KVlNfhXhYYfSL53p+uanzqL4Kne8ED2wHQzWzce/EyfyiPdH5GOe7Wj6/fyfotkh
EuDjva/bAZgRBQ4x6GacJoXTTnB6KQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGM+
urM6HAqjXtw4ffq9oDW417kHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82Q0Y5NEE5QzAzN0QxMUVGOTREMTRFNTcwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsQQMA0GCSqGSIb3DQEB
CwUAA4IBAQB37r1VuAeDVTwv8rijGHbvjmMNxrudcqAyJ1WWKJg+W+JmsJvri36k
fS3c7uGHt8nnDiEoT4ExCNJRax3/vrKJSCwhCpDdrQCNs+O7LEJKa6PS56YmDz8J
RZZYq+LMJrLHO0S6FmkW7OUZ5d3B9RFiey5LCuTFv1yrmOWeK8vFNnj7MjvNiWYN
HK5mILsCG/SqTpjlB0TqRrF5jegOxydnoZ3KdIep4j217zs9ieQh5fUCNXi9FTFr
wh5vB2/DphcEo6D+xYl5Rc9JgGzeStukvh3RIfnlv+nmHCxPXTuAUcG+YXMLV8RI
kkDLQPRikYrvRZNPDC+uzqXyr2Irx5jT
-----END CERTIFICATE-----
Generated at Mon May 27 03:45:16 2024 by rpki-client on console-ams.rpki-client.org