Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A4838F006DF11EF92D9596C017001B1.roa
File: 8A4838F006DF11EF92D9596C017001B1.roa (raw, json)
Hash identifier: 53qUdGLm5yS9m54JFEOPeYvHCToiB052ZCaCqExj1xw=
Subject key identifier: F6:1D:20:7D:5A:C1:69:02:98:B5:2F:3D:99:D6:C8:B5:C3:36:7E:80
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B2F9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A4838F006DF11EF92D9596C017001B1.roa
Signing time: Tue 30 Apr 2024 10:51:04 +0000
ROA not before: Tue 30 Apr 2024 10:51:01 +0000
ROA not after: Sat 11 May 2024 10:51:01 +0000
asID: 63888
IP address blocks: 154.209.64.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45817 (0xb2f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 10:51:01 2024 GMT
Not After : May 11 10:51:01 2024 GMT
Subject: CN=6630cd18-0632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:48:a3:12:db:33:cb:b5:87:53:7e:4e:de:db:
c0:65:74:eb:5a:ad:2e:e4:ea:26:67:a8:f2:25:57:
41:df:de:58:ac:5b:74:26:de:f0:63:d7:c0:21:25:
62:4c:5c:c0:8d:00:3f:af:0e:a8:5a:0a:c5:ba:8d:
37:00:36:43:1a:3e:0f:ac:00:bc:47:3c:3f:7c:5b:
60:19:ff:60:da:c2:98:81:fd:5e:7d:9d:fb:f9:e4:
51:eb:ed:73:67:34:b5:ed:ce:57:15:c9:66:23:9f:
9a:28:c5:43:bd:72:3e:13:9b:44:0b:2c:35:01:8a:
0a:53:85:ed:6f:06:f3:f5:06:96:62:f8:9c:06:27:
74:58:a6:16:be:2a:c0:0f:54:fe:fa:07:3b:60:a1:
da:98:61:6c:a4:42:c3:e1:60:1b:38:ac:b8:6c:b5:
e9:cc:90:d2:7b:d1:95:32:32:5f:36:ca:62:43:d4:
43:a5:d6:cb:1a:ae:c4:3b:bd:13:dc:8a:51:d6:a6:
fc:c4:03:b2:36:4f:bc:51:00:d2:03:c2:c0:c7:70:
7b:11:4e:8a:10:7b:ec:8d:ee:9c:21:67:3a:4d:3d:
dd:84:45:94:d8:ae:98:3a:95:6a:f0:2e:0b:d9:67:
82:f1:3a:d2:32:51:71:5d:6a:c4:da:e6:00:08:a5:
7e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:1D:20:7D:5A:C1:69:02:98:B5:2F:3D:99:D6:C8:B5:C3:36:7E:80
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A4838F006DF11EF92D9596C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.64.0/21
Signature Algorithm: sha256WithRSAEncryption
76:52:1c:bc:ef:81:fb:f8:23:53:a3:cd:2b:dd:ff:c8:fa:93:
4e:67:17:36:dc:d6:53:98:8a:45:23:ae:3b:ba:fb:e0:26:6f:
63:9d:ba:55:98:e5:2b:bd:e1:43:94:af:15:b5:4e:90:4d:b2:
94:4d:6c:e3:13:d0:31:cb:0f:cd:01:82:8b:c6:3c:7d:c3:86:
fc:bb:d9:f9:11:56:c8:da:cf:2c:57:74:d3:e7:13:28:72:a7:
1d:11:c7:08:63:ab:a3:b0:2e:ec:da:33:13:7d:e2:11:8b:04:
10:a4:eb:84:e8:d0:80:e2:36:ac:d6:5c:fa:37:4a:72:33:ad:
09:71:50:da:73:72:c3:cf:6a:83:37:d1:66:ac:bc:4f:ae:cb:
f6:a3:81:78:9e:ca:e3:2e:6d:20:3f:f0:e5:e2:59:aa:fa:ae:
90:0b:93:a8:7c:2d:7f:7f:72:b3:cc:34:a7:06:ee:4e:a0:6f:
b4:7f:a6:16:e6:31:66:02:ba:af:24:96:ac:ed:8d:f0:23:d0:
f9:77:9b:64:f9:c0:46:84:38:f4:dd:87:60:24:3b:13:ca:e5:
3d:31:4b:ab:c2:88:2e:9e:e8:b7:3f:d2:44:9b:ea:f5:52:15:
32:d1:cd:cb:27:3f:65:3f:04:dd:37:ef:e3:44:4c:40:a5:27:
78:a1:b7:65
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALL5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDMwMTA1MTAxWhcNMjQwNTExMTA1MTAxWjAYMRYw
FAYDVQQDEw02NjMwY2QxOC0wNjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAykijEtszy7WHU35O3tvAZXTrWq0u5OomZ6jyJVdB395YrFt0Jt7wY9fA
ISViTFzAjQA/rw6oWgrFuo03ADZDGj4PrAC8Rzw/fFtgGf9g2sKYgf1efZ37+eRR
6+1zZzS17c5XFclmI5+aKMVDvXI+E5tECyw1AYoKU4Xtbwbz9QaWYvicBid0WKYW
virAD1T++gc7YKHamGFspELD4WAbOKy4bLXpzJDSe9GVMjJfNspiQ9RDpdbLGq7E
O70T3IpR1qb8xAOyNk+8UQDSA8LAx3B7EU6KEHvsje6cIWc6TT3dhEWU2K6YOpVq
8C4L2WeC8TrSMlFxXWrE2uYACKV+hQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPYd
IH1awWkCmLUvPZnWyLXDNn6AMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QTQ4MzhGMDA2REYxMUVGOTJEOTU5NkMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtFAMA0GCSqGSIb3DQEB
CwUAA4IBAQB2Uhy874H7+CNTo80r3f/I+pNOZxc23NZTmIpFI647uvvgJm9jnbpV
mOUrveFDlK8VtU6QTbKUTWzjE9Axyw/NAYKLxjx9w4b8u9n5EVbI2s8sV3TT5xMo
cqcdEccIY6ujsC7s2jMTfeIRiwQQpOuE6NCA4jas1lz6N0pyM60JcVDac3LDz2qD
N9FmrLxPrsv2o4F4nsrjLm0gP/Dl4lmq+q6QC5OofC1/f3KzzDSnBu5OoG+0f6YW
5jFmArqvJJas7Y3wI9D5d5tk+cBGhDj03YdgJDsTyuU9MUurwogunui3P9JEm+r1
UhUy0c3LJz9lPwTdN+/jRExApSd4obdl
-----END CERTIFICATE-----
Generated at Sun May 12 02:36:21 2024 by rpki-client on console-ams.rpki-client.org