Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/834BDD3406CD11EF80836959017001B1.roa
File: 834BDD3406CD11EF80836959017001B1.roa (raw, json)
Hash identifier: 4f4TagA8P7emrT22RuzWDm+gnmZKKR9dVjWEcq4BSh8=
Subject key identifier: F7:B0:3E:07:09:18:C1:06:DD:A7:E9:D5:D7:9B:FA:7E:A8:1A:F5:9B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B28D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/834BDD3406CD11EF80836959017001B1.roa
Signing time: Tue 30 Apr 2024 08:42:01 +0000
ROA not before: Tue 30 Apr 2024 08:41:58 +0000
ROA not after: Sun 26 May 2024 08:41:58 +0000
asID: 133180
IP address blocks: 154.206.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45709 (0xb28d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 08:41:58 2024 GMT
Not After : May 26 08:41:58 2024 GMT
Subject: CN=6630aed9-779d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:86:b2:79:04:e8:59:a3:45:c0:48:ee:97:0d:
cd:34:9f:04:4b:84:7b:61:39:9b:60:80:a7:eb:83:
1a:b8:b5:ac:c0:41:93:3c:c7:85:94:5b:18:47:27:
f5:5c:f7:da:e0:fd:d8:64:d7:e1:11:3d:a4:47:f5:
1e:b9:f8:44:28:a7:83:62:d5:fe:65:b7:e5:c1:19:
b4:c7:d5:39:26:60:ad:76:69:06:17:3d:56:cf:31:
e2:45:32:be:d4:98:55:cc:6f:6b:29:ad:3e:9c:23:
7e:6d:d8:e1:c3:2f:c2:d6:76:16:bd:93:36:87:56:
d9:36:df:09:8a:ef:10:52:7e:c3:c7:bb:37:e6:81:
14:ab:3f:4e:26:df:46:5c:0c:55:b2:f0:c0:56:1b:
4c:01:54:59:17:78:ca:64:8e:b2:03:1b:e7:cc:3a:
0c:6b:41:3e:7f:4e:2b:55:48:1d:14:bb:51:03:a5:
56:47:a3:a0:f7:47:ce:86:1f:c0:8b:e3:9d:e8:d4:
48:7c:14:8f:5e:f0:2d:79:bd:ff:3b:d2:6e:70:8c:
ee:c6:20:e1:aa:2c:ff:9b:43:59:9a:01:b1:2c:31:
7d:96:8d:2f:1f:b0:f1:83:3f:02:7b:32:b1:8e:9f:
b9:9e:f9:26:69:ea:55:93:df:56:62:7f:4e:0f:cc:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B0:3E:07:09:18:C1:06:DD:A7:E9:D5:D7:9B:FA:7E:A8:1A:F5:9B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/834BDD3406CD11EF80836959017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.128.0/18
Signature Algorithm: sha256WithRSAEncryption
a1:ba:04:d3:3f:f7:8b:5b:52:87:cd:2d:e9:1f:c4:db:29:50:
16:b9:06:04:49:82:bb:8c:ea:6c:bf:74:e5:ea:42:22:61:da:
dd:67:a7:56:d7:bf:e3:38:c1:12:62:e5:a7:fd:a9:d3:39:ad:
e9:fd:eb:39:ec:6e:44:05:76:2b:46:c2:99:cd:9a:c8:4f:d5:
c3:d2:ff:23:5c:64:a6:15:89:ef:6e:b4:25:4a:04:f3:09:c6:
45:5d:8c:af:94:95:49:ca:b6:c0:e0:e2:96:fd:18:9e:f8:0c:
9b:24:29:e4:9a:bd:5c:17:b0:eb:e4:36:b6:47:0e:a0:78:5e:
c4:e3:bd:ae:a5:af:05:e5:9f:b6:c6:28:5f:76:2e:ac:0f:8f:
a0:7b:b3:9c:c6:00:44:bf:a8:21:31:94:1c:ad:88:19:0c:b7:
3a:81:12:31:af:52:04:9a:59:92:fa:92:5a:37:5a:24:9c:13:
e1:a3:44:fa:06:04:67:13:4e:e7:8f:75:c3:e5:be:c6:d9:62:
17:bc:6c:7d:1b:25:c6:4c:78:04:01:77:9a:84:00:aa:cc:38:
f8:eb:98:4a:9a:79:40:61:aa:03:18:0d:4b:7f:04:7e:c8:13:
3e:de:6b:5d:a8:1e:48:a3:9c:a8:83:32:85:b8:59:0f:dc:0f:
c7:23:df:e4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALKNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDMwMDg0MTU4WhcNMjQwNTI2MDg0MTU4WjAYMRYw
FAYDVQQDEw02NjMwYWVkOS03NzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3IayeQToWaNFwEjulw3NNJ8ES4R7YTmbYICn64MauLWswEGTPMeFlFsY
Ryf1XPfa4P3YZNfhET2kR/UeufhEKKeDYtX+ZbflwRm0x9U5JmCtdmkGFz1WzzHi
RTK+1JhVzG9rKa0+nCN+bdjhwy/C1nYWvZM2h1bZNt8Jiu8QUn7Dx7s35oEUqz9O
Jt9GXAxVsvDAVhtMAVRZF3jKZI6yAxvnzDoMa0E+f04rVUgdFLtRA6VWR6Og90fO
hh/Ai+Od6NRIfBSPXvAteb3/O9JucIzuxiDhqiz/m0NZmgGxLDF9lo0vH7Dxgz8C
ezKxjp+5nvkmaepVk99WYn9OD8yjEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPew
PgcJGMEG3afp1deb+n6oGvWbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MzRCREQzNDA2Q0QxMUVGODA4MzY5NTkwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGms6AMA0GCSqGSIb3DQEB
CwUAA4IBAQChugTTP/eLW1KHzS3pH8TbKVAWuQYESYK7jOpsv3Tl6kIiYdrdZ6dW
17/jOMESYuWn/anTOa3p/es57G5EBXYrRsKZzZrIT9XD0v8jXGSmFYnvbrQlSgTz
CcZFXYyvlJVJyrbA4OKW/Rie+AybJCnkmr1cF7Dr5Da2Rw6geF7E472upa8F5Z+2
xihfdi6sD4+ge7OcxgBEv6ghMZQcrYgZDLc6gRIxr1IEmlmS+pJaN1oknBPho0T6
BgRnE07nj3XD5b7G2WIXvGx9GyXGTHgEAXeahACqzDj465hKmnlAYaoDGA1LfwR+
yBM+3mtdqB5Io5yogzKFuFkP3A/HI9/k
-----END CERTIFICATE-----
Generated at Mon May 27 02:19:00 2024 by rpki-client on console-fra.rpki-client.org