Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FD321BA0B7911EFAA1D9565017001B1.roa
File: 8FD321BA0B7911EFAA1D9565017001B1.roa (raw, json)
Hash identifier: oYex8SrYEiWm3i19muGSiatgyQd2+vi3XlQkIaIk6ak=
Subject key identifier: 9C:FA:95:C4:19:96:C7:AF:37:F0:68:C4:63:E0:E5:79:E6:71:6A:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B532
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FD321BA0B7911EFAA1D9565017001B1.roa
Signing time: Mon 06 May 2024 07:23:40 +0000
ROA not before: Mon 06 May 2024 07:23:37 +0000
ROA not after: Thu 16 May 2024 07:23:37 +0000
asID: 139646
IP address blocks: 154.216.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46386 (0xb532)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 6 07:23:37 2024 GMT
Not After : May 16 07:23:37 2024 GMT
Subject: CN=6638857c-34a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:59:a4:5a:03:8e:51:cf:84:c5:bc:c6:d3:d5:
93:29:e5:c1:96:58:54:5a:db:d3:a9:40:7f:bf:ed:
f2:87:56:90:72:c9:d6:97:e2:be:69:ef:28:9c:0f:
e6:0c:bf:b4:34:ab:19:9c:24:dd:09:50:b9:1d:ca:
17:11:30:a0:14:42:a6:e4:a3:27:22:33:f0:e9:49:
f0:9d:79:c7:1a:18:56:09:99:4f:df:5b:e8:dc:c9:
b5:57:d7:60:da:c7:33:b7:88:d7:f4:99:f8:f1:ab:
48:1a:a8:0f:db:78:fa:16:3e:22:2f:b3:c6:4a:69:
0d:0c:6c:f6:2d:35:fe:2f:6c:87:14:38:39:3b:0d:
9e:69:62:74:cd:3d:e9:11:11:8f:75:89:6a:d4:bb:
32:16:e5:62:81:bd:71:8e:ff:fc:36:1b:76:4e:d2:
e9:73:2d:6c:a0:1d:37:82:09:ee:a3:cb:35:d6:6f:
b9:5d:b6:56:64:5d:37:80:d5:d5:3e:ad:59:02:8c:
9c:b8:6f:f6:68:82:f7:63:6e:2f:9e:58:65:e9:47:
59:24:fb:39:b9:d7:98:ae:1c:6e:21:0f:ec:9d:4a:
b1:54:32:a9:ba:aa:4b:02:7d:bf:c6:1c:5a:c2:df:
12:b8:3e:63:6c:99:e6:33:43:36:9d:aa:9f:f2:30:
97:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:FA:95:C4:19:96:C7:AF:37:F0:68:C4:63:E0:E5:79:E6:71:6A:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FD321BA0B7911EFAA1D9565017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.128.0/18
Signature Algorithm: sha256WithRSAEncryption
47:f2:af:b9:61:51:08:5a:c6:1f:56:76:79:90:47:ae:1b:cb:
66:f9:a7:78:d5:ed:63:24:fc:f4:b1:5c:d9:85:5e:23:fb:19:
cc:40:de:d9:92:40:dc:80:c1:8e:b6:b1:b1:ac:24:b7:95:fb:
9c:b9:1a:32:82:76:ab:21:3f:af:9a:62:55:f9:40:ed:af:40:
f3:04:8f:7b:82:e4:ef:f3:fb:06:ca:ea:75:dc:3f:ba:a1:0d:
64:db:70:4e:cf:de:ca:cc:e8:48:d8:e4:67:ae:a2:d6:ed:ef:
c1:34:41:8a:4f:da:b6:f0:bb:c1:9b:5a:98:0d:57:27:0e:d3:
81:ba:6b:4a:00:06:e2:3d:34:e9:26:a5:76:98:90:2c:8c:d5:
e7:86:d0:cc:12:3b:3f:6f:d5:ed:8a:f9:5e:1d:86:eb:07:6e:
a9:e5:b6:e9:6e:b3:f5:6a:18:d2:11:0e:af:5f:df:8f:4d:4a:
59:ba:5b:d2:bb:64:32:d3:35:51:0d:51:66:17:7e:43:a9:36:
08:d2:64:da:2b:06:6f:72:3a:f8:6b:6f:f9:59:71:ea:37:9f:
3c:f2:64:a0:26:89:3a:c6:23:95:ec:53:79:f7:f4:d9:21:36:
91:6f:75:49:42:c5:73:da:ef:d9:4a:66:85:7f:ee:c1:09:46:
89:46:be:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALUyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA2MDcyMzM3WhcNMjQwNTE2MDcyMzM3WjAYMRYw
FAYDVQQDEw02NjM4ODU3Yy0zNGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArlmkWgOOUc+ExbzG09WTKeXBllhUWtvTqUB/v+3yh1aQcsnWl+K+ae8o
nA/mDL+0NKsZnCTdCVC5HcoXETCgFEKm5KMnIjPw6UnwnXnHGhhWCZlP31vo3Mm1
V9dg2sczt4jX9Jn48atIGqgP23j6Fj4iL7PGSmkNDGz2LTX+L2yHFDg5Ow2eaWJ0
zT3pERGPdYlq1LsyFuVigb1xjv/8Nht2TtLpcy1soB03ggnuo8s11m+5XbZWZF03
gNXVPq1ZAoycuG/2aIL3Y24vnlhl6UdZJPs5udeYrhxuIQ/snUqxVDKpuqpLAn2/
xhxawt8SuD5jbJnmM0M2naqf8jCXOwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJz6
lcQZlsevN/BoxGPg5XnmcWrbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RkQzMjFCQTBCNzkxMUVGQUExRDk1NjUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtiAMA0GCSqGSIb3DQEB
CwUAA4IBAQBH8q+5YVEIWsYfVnZ5kEeuG8tm+ad41e1jJPz0sVzZhV4j+xnMQN7Z
kkDcgMGOtrGxrCS3lfucuRoygnarIT+vmmJV+UDtr0DzBI97guTv8/sGyup13D+6
oQ1k23BOz97KzOhI2ORnrqLW7e/BNEGKT9q28LvBm1qYDVcnDtOBumtKAAbiPTTp
JqV2mJAsjNXnhtDMEjs/b9XtivleHYbrB26p5bbpbrP1ahjSEQ6vX9+PTUpZulvS
u2Qy0zVRDVFmF35DqTYI0mTaKwZvcjr4a2/5WXHqN5888mSgJok6xiOV7FN59/TZ
ITaRb3VJQsVz2u/ZSmaFf+7BCUaJRr5k
-----END CERTIFICATE-----
Generated at Fri May 17 02:04:04 2024 by rpki-client on console-fra.rpki-client.org