Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86852D84088A11EFA0FDD5FE007001B1.roa
File: 86852D84088A11EFA0FDD5FE007001B1.roa (raw, json)
Hash identifier: 1QiXF6OAEq7Vn6XspJYjlsTiuQJSbO0sixnvwo//Sv8=
Subject key identifier: 5A:47:51:1F:62:1A:9A:F1:00:90:08:83:38:AD:08:EE:8A:3F:75:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B3F6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86852D84088A11EFA0FDD5FE007001B1.roa
Signing time: Thu 02 May 2024 13:47:33 +0000
ROA not before: Thu 02 May 2024 13:47:29 +0000
ROA not after: Sun 12 May 2024 13:47:29 +0000
asID: 39600
IP address blocks: 154.94.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46070 (0xb3f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 2 13:47:29 2024 GMT
Not After : May 12 13:47:29 2024 GMT
Subject: CN=66339975-bc89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a6:ea:89:0b:72:07:37:dc:b8:d9:ec:6d:58:
00:76:21:88:74:fc:b7:35:97:20:d2:9b:32:68:cc:
ab:6a:91:33:a9:21:f3:42:49:31:bc:4d:7a:e8:c0:
d4:ca:ba:33:bc:35:b4:84:0d:21:23:55:36:62:1a:
94:f4:8b:99:93:9f:f3:bf:b6:31:cc:07:ea:e1:e0:
4d:86:98:f7:8d:74:1f:08:c2:44:67:1d:ec:41:78:
dc:8a:57:ff:ec:b8:f8:06:db:d5:7d:6d:29:cb:4b:
09:4a:dd:47:a2:dc:be:58:7b:ff:b9:4a:2f:4d:05:
41:df:a5:bc:20:50:75:78:8e:72:1c:e1:b0:f6:c4:
0d:4c:3b:89:68:8c:a7:5a:e1:dc:95:c2:d2:1e:66:
2b:7c:f2:0b:4b:9c:f1:fe:ab:b0:1d:c9:b7:54:6c:
88:8b:07:77:a4:a4:d3:eb:7d:b9:6a:a7:6e:da:7f:
f1:4b:35:cd:c0:92:0c:9e:6f:ca:b9:90:fb:e0:c1:
a8:28:c5:ce:d6:0f:b9:34:a9:fc:77:da:ec:f5:f3:
75:60:26:f9:17:ca:bf:b0:c9:ce:bd:5b:20:c7:8b:
92:1b:71:68:0d:b9:3c:61:77:53:42:24:0f:0c:ce:
e6:ab:b4:cd:1b:24:b4:b5:aa:b2:31:0a:0c:b6:dd:
a4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:47:51:1F:62:1A:9A:F1:00:90:08:83:38:AD:08:EE:8A:3F:75:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86852D84088A11EFA0FDD5FE007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.59.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:8b:59:bc:2f:ac:1b:8a:0a:f9:53:14:27:7f:62:2a:82:a5:
0f:39:aa:62:2f:7c:2f:36:34:7e:2f:f6:2d:65:1d:de:b0:bd:
9e:2e:74:dc:49:e4:9c:e1:9d:b9:30:63:d4:ae:40:7f:57:ee:
a4:dc:a6:54:50:01:48:ea:34:d9:02:2a:58:36:86:4c:bf:20:
a0:93:fb:6b:f5:f9:15:de:3e:5e:e6:d5:82:c2:2d:34:16:2f:
85:c7:4e:2d:69:62:35:54:f8:25:d8:58:9b:ee:39:63:9c:39:
fc:bf:a0:80:01:bb:12:9f:67:4a:a0:7d:c5:99:a5:f4:2d:a3:
17:55:f0:9e:9e:e6:f5:e7:0c:47:4b:82:a6:79:c1:18:ab:40:
58:92:d8:30:a3:79:dc:d7:d2:67:d1:b1:1f:b3:11:7b:c4:30:
c5:c1:97:92:b8:96:e5:96:fe:ce:af:8c:0f:18:e4:43:9c:40:
e5:77:0e:60:3d:9b:89:a7:76:b4:6a:76:97:04:20:29:51:7b:
3d:a2:6e:c4:dc:93:6b:4f:29:a0:91:45:95:7c:52:1b:e8:02:
cc:d2:1e:b7:1e:ac:41:4e:1a:5a:af:84:83:6e:30:60:d9:d2:
e1:85:96:99:3b:8e:a1:ab:5b:0d:d9:01:c4:f9:43:53:df:58:
fd:a8:1f:3a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALP2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTAyMTM0NzI5WhcNMjQwNTEyMTM0NzI5WjAYMRYw
FAYDVQQDEw02NjMzOTk3NS1iYzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2KbqiQtyBzfcuNnsbVgAdiGIdPy3NZcg0psyaMyrapEzqSHzQkkxvE16
6MDUyrozvDW0hA0hI1U2YhqU9IuZk5/zv7YxzAfq4eBNhpj3jXQfCMJEZx3sQXjc
ilf/7Lj4BtvVfW0py0sJSt1Hoty+WHv/uUovTQVB36W8IFB1eI5yHOGw9sQNTDuJ
aIynWuHclcLSHmYrfPILS5zx/quwHcm3VGyIiwd3pKTT6325aqdu2n/xSzXNwJIM
nm/KuZD74MGoKMXO1g+5NKn8d9rs9fN1YCb5F8q/sMnOvVsgx4uSG3FoDbk8YXdT
QiQPDM7mq7TNGyS0taqyMQoMtt2k3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFpH
UR9iGprxAJAIgzitCO6KP3U+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84Njg1MkQ4NDA4OEExMUVGQTBGREQ1RkUwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml47MA0GCSqGSIb3DQEB
CwUAA4IBAQCLi1m8L6wbigr5UxQnf2IqgqUPOapiL3wvNjR+L/YtZR3esL2eLnTc
SeSc4Z25MGPUrkB/V+6k3KZUUAFI6jTZAipYNoZMvyCgk/tr9fkV3j5e5tWCwi00
Fi+Fx04taWI1VPgl2Fib7jljnDn8v6CAAbsSn2dKoH3FmaX0LaMXVfCenub15wxH
S4KmecEYq0BYktgwo3nc19Jn0bEfsxF7xDDFwZeSuJbllv7Or4wPGORDnEDldw5g
PZuJp3a0anaXBCApUXs9om7E3JNrTymgkUWVfFIb6ALM0h63HqxBThpar4SDbjBg
2dLhhZaZO46hq1sN2QHE+UNT31j9qB86
-----END CERTIFICATE-----
Generated at Mon May 13 01:46:22 2024 by rpki-client on console-ams.rpki-client.org