Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CDBE50E0DBD11EF87A66C5E017001B1.roa
File: 9CDBE50E0DBD11EF87A66C5E017001B1.roa (raw, json)
Hash identifier: nDnGI4hJz3YChew9gwAFZZmLd108wpsDgib6qxEKqr4=
Subject key identifier: CE:05:9D:F8:E3:2F:CE:BB:50:1A:CF:FA:72:7E:3A:B3:8F:7D:93:6D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B5D9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CDBE50E0DBD11EF87A66C5E017001B1.roa
Signing time: Thu 09 May 2024 04:35:50 +0000
ROA not before: Thu 09 May 2024 04:35:47 +0000
ROA not after: Sun 19 May 2024 04:35:47 +0000
asID: 5065
IP address blocks: 154.94.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46553 (0xb5d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 04:35:47 2024 GMT
Not After : May 19 04:35:47 2024 GMT
Subject: CN=663c52a6-ce93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2e:70:d7:ff:8a:cf:ae:09:e4:95:c6:7c:ee:
09:8a:c3:ac:01:64:45:e3:ae:e3:ed:ca:78:67:1e:
07:b6:16:72:80:44:6b:f3:0f:fc:01:f3:aa:6b:04:
a9:91:a9:eb:74:24:fd:a9:26:a2:07:23:7b:fa:a6:
6f:87:fa:ed:11:d5:17:24:8d:81:95:cf:1b:ae:5b:
e3:a8:99:e0:73:f5:63:e0:64:99:ab:8c:b4:63:d6:
d3:c0:64:09:c8:78:ce:6b:60:b8:04:52:9b:3c:f1:
e2:0a:c6:18:00:c1:0a:31:61:e2:54:a0:e5:0e:75:
53:4e:e0:f2:a2:9b:d3:26:63:ae:65:8d:0a:a7:bd:
fb:73:0b:a8:bf:f6:d7:b4:57:e8:ed:95:bb:af:0d:
53:34:5f:64:f5:6b:6b:f2:63:63:7e:ce:36:d5:88:
2b:af:f8:5a:e0:98:b1:90:5e:3c:8c:36:9e:2d:a2:
cf:86:c0:af:b3:78:35:e4:26:ca:15:fa:19:1c:ae:
84:0d:ff:a3:27:ba:c4:7c:24:cb:79:16:38:3c:62:
96:58:6c:bd:fa:8a:aa:ea:5f:6c:9e:4c:b0:da:c6:
e0:fe:04:7e:ed:8c:5b:70:c5:4b:fe:fb:df:a4:9e:
17:f8:b0:d4:c9:ae:0f:f2:60:d0:28:12:ee:e9:a9:
a9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:05:9D:F8:E3:2F:CE:BB:50:1A:CF:FA:72:7E:3A:B3:8F:7D:93:6D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CDBE50E0DBD11EF87A66C5E017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.56.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:6e:56:4c:db:52:f0:b9:d4:0d:a7:ea:a5:a7:85:92:c4:eb:
dc:7f:cf:3a:b1:36:de:31:98:bb:62:57:6d:fb:74:69:0f:37:
d8:54:c6:f8:0e:c7:36:92:54:4d:11:4e:41:9d:c8:e0:88:df:
f6:57:97:38:63:f0:38:26:08:f7:48:99:0a:3b:de:e0:26:68:
49:ed:6a:ba:f6:28:25:04:6b:da:fc:fe:7d:9d:68:09:6e:60:
c0:ce:23:b3:15:6a:d2:49:26:1b:65:71:ac:5b:b5:76:4b:8e:
63:3c:62:d9:29:af:29:90:f4:7f:e7:71:a7:b6:84:1e:66:32:
0d:6d:9f:48:ff:b0:f6:33:a6:84:c1:0b:56:11:a9:1f:60:44:
64:44:b6:56:fc:00:dc:fe:16:f2:9c:54:c0:de:b2:1d:ea:b0:
5c:d5:68:65:ad:88:59:ac:e3:3b:41:d0:e2:7a:03:b0:91:e3:
31:44:ff:af:c0:db:e6:3e:04:7a:5f:6e:09:c0:be:23:7b:fd:
25:18:ec:5a:94:c1:78:58:c7:4e:6c:a5:af:da:6a:b0:f4:4b:
22:d6:c9:38:df:a9:23:b7:30:0f:2a:51:60:3b:e6:07:0b:e9:
12:0d:fb:4e:e6:43:c3:e0:f3:d7:bc:aa:b2:1c:f2:ef:cf:ec:
a1:92:6f:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALXZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDQzNTQ3WhcNMjQwNTE5MDQzNTQ3WjAYMRYw
FAYDVQQDEw02NjNjNTJhNi1jZTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAui5w1/+Kz64J5JXGfO4JisOsAWRF467j7cp4Zx4HthZygERr8w/8AfOq
awSpkanrdCT9qSaiByN7+qZvh/rtEdUXJI2Blc8brlvjqJngc/Vj4GSZq4y0Y9bT
wGQJyHjOa2C4BFKbPPHiCsYYAMEKMWHiVKDlDnVTTuDyopvTJmOuZY0Kp737cwuo
v/bXtFfo7ZW7rw1TNF9k9Wtr8mNjfs421Ygrr/ha4JixkF48jDaeLaLPhsCvs3g1
5CbKFfoZHK6EDf+jJ7rEfCTLeRY4PGKWWGy9+oqq6l9snkyw2sbg/gR+7YxbcMVL
/vvfpJ4X+LDUya4P8mDQKBLu6amp9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM4F
nfjjL867UBrP+nJ+OrOPfZNtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Q0RCRTUwRTBEQkQxMUVGODdBNjZDNUUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml44MA0GCSqGSIb3DQEB
CwUAA4IBAQBPblZM21LwudQNp+qlp4WSxOvcf886sTbeMZi7Yldt+3RpDzfYVMb4
Dsc2klRNEU5BncjgiN/2V5c4Y/A4Jgj3SJkKO97gJmhJ7Wq69iglBGva/P59nWgJ
bmDAziOzFWrSSSYbZXGsW7V2S45jPGLZKa8pkPR/53GntoQeZjINbZ9I/7D2M6aE
wQtWEakfYERkRLZW/ADc/hbynFTA3rId6rBc1WhlrYhZrOM7QdDiegOwkeMxRP+v
wNvmPgR6X24JwL4je/0lGOxalMF4WMdObKWv2mqw9Esi1sk436kjtzAPKlFgO+YH
C+kSDftO5kPD4PPXvKqyHPLvz+yhkm/m
-----END CERTIFICATE-----
Generated at Mon May 20 01:57:14 2024 by rpki-client on console-ams.rpki-client.org