Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D11B05C07B011EFB3A78C11017001B1.roa
File: 9D11B05C07B011EFB3A78C11017001B1.roa (raw, json)
Hash identifier: lpjpOyYYNHyD6/EZWu3aqxVNV0yzYuzB30AvafevTwU=
Subject key identifier: DC:42:EC:94:F8:5B:8D:44:C4:1A:96:2C:A7:81:95:47:F7:E6:EB:5D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B3A3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D11B05C07B011EFB3A78C11017001B1.roa
Signing time: Wed 01 May 2024 11:47:40 +0000
ROA not before: Wed 01 May 2024 11:47:37 +0000
ROA not after: Sat 11 May 2024 11:47:37 +0000
asID: 44559
IP address blocks: 154.203.192.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45987 (0xb3a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 11:47:37 2024 GMT
Not After : May 11 11:47:37 2024 GMT
Subject: CN=66322bdc-d6e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8c:97:8c:ba:89:84:05:18:95:ed:5b:47:33:
45:0f:4f:45:92:50:16:82:ab:f2:fc:8c:ca:1b:d5:
97:12:4a:32:7b:7d:ff:5f:2b:06:0f:bc:01:cc:ea:
cc:b4:d3:b5:10:a1:f2:9d:b3:99:e0:ab:51:78:c5:
b2:22:10:4e:d5:b5:61:81:ba:38:45:a5:a4:c8:65:
d4:dd:aa:4b:7f:a8:3d:4f:75:49:d8:e7:a2:9d:c0:
ba:71:93:13:1e:df:f0:46:c4:7e:3a:c3:69:74:15:
81:70:3e:9b:16:7f:ba:ac:67:1d:2b:59:e0:25:a4:
bc:3d:fc:d5:d4:f8:d9:53:9f:e3:0b:49:35:0c:77:
65:d3:62:e2:8b:66:b8:08:f6:2e:ba:dc:bf:88:20:
8b:54:ab:40:eb:ce:29:af:28:b7:e7:42:52:50:e6:
f3:18:e0:e1:8b:26:45:47:cd:c3:4d:fc:a6:fe:35:
59:63:a4:31:18:fe:15:a0:ff:86:f1:01:b7:64:f4:
a4:5d:04:ff:dd:2f:24:b9:a2:e8:36:45:a4:1d:6a:
b6:77:b6:1b:89:78:ea:7e:a6:47:bb:29:d7:44:f0:
c7:f0:8d:ff:8b:c8:76:40:ed:e1:75:04:67:95:72:
5c:57:2a:41:26:ef:c6:5a:7a:5d:90:09:f5:58:6c:
78:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:42:EC:94:F8:5B:8D:44:C4:1A:96:2C:A7:81:95:47:F7:E6:EB:5D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D11B05C07B011EFB3A78C11017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.192.0/19
Signature Algorithm: sha256WithRSAEncryption
86:e6:2e:a9:dc:82:03:22:79:69:c3:d6:76:f0:ce:86:41:3e:
24:91:dc:1d:d1:f9:7a:8a:8e:ad:7a:44:b8:e7:aa:90:0e:f3:
2b:75:c5:e4:91:39:14:ce:61:5c:d3:eb:21:87:64:59:78:e5:
a2:3f:82:f5:f6:f2:d8:56:60:f0:81:c5:fe:89:28:f7:90:d7:
f4:4d:de:ca:90:b8:e1:70:ee:28:c2:63:70:9d:dd:19:02:69:
82:81:71:26:58:cd:fa:e8:64:2a:42:a8:ea:35:29:bd:21:a3:
f7:3d:a5:8d:a4:bf:01:d2:68:63:0e:53:79:f7:31:79:aa:4c:
ad:ee:6e:d8:6b:a9:b1:23:5b:09:05:f8:b9:41:96:01:b0:ff:
07:e2:18:20:cc:2e:ab:39:1a:35:3a:d7:59:b6:aa:6b:3c:08:
41:5a:97:26:89:8c:80:9f:65:c8:32:b8:cc:d9:fb:5f:97:1c:
08:be:d0:56:8b:57:80:d4:99:94:e3:b3:0c:7b:7a:c3:56:78:
65:56:4a:a3:29:22:8f:d0:16:b4:5c:04:9f:0f:17:02:ff:24:
6a:2d:c5:74:64:7c:78:11:6d:24:2f:b8:a3:a8:40:9d:94:f5:
1a:5f:2c:c0:6a:ea:72:30:6b:5f:19:0d:c4:aa:6c:bd:19:5e:
6a:4b:40:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALOjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTAxMTE0NzM3WhcNMjQwNTExMTE0NzM3WjAYMRYw
FAYDVQQDEw02NjMyMmJkYy1kNmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA34yXjLqJhAUYle1bRzNFD09FklAWgqvy/IzKG9WXEkoye33/XysGD7wB
zOrMtNO1EKHynbOZ4KtReMWyIhBO1bVhgbo4RaWkyGXU3apLf6g9T3VJ2OeincC6
cZMTHt/wRsR+OsNpdBWBcD6bFn+6rGcdK1ngJaS8PfzV1PjZU5/jC0k1DHdl02Li
i2a4CPYuuty/iCCLVKtA684pryi350JSUObzGODhiyZFR83DTfym/jVZY6QxGP4V
oP+G8QG3ZPSkXQT/3S8kuaLoNkWkHWq2d7YbiXjqfqZHuynXRPDH8I3/i8h2QO3h
dQRnlXJcVypBJu/GWnpdkAn1WGx4zwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNxC
7JT4W41ExBqWLKeBlUf35utdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RDExQjA1QzA3QjAxMUVGQjNBNzhDMTEwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmsvAMA0GCSqGSIb3DQEB
CwUAA4IBAQCG5i6p3IIDInlpw9Z28M6GQT4kkdwd0fl6io6tekS456qQDvMrdcXk
kTkUzmFc0+shh2RZeOWiP4L19vLYVmDwgcX+iSj3kNf0Td7KkLjhcO4owmNwnd0Z
AmmCgXEmWM366GQqQqjqNSm9IaP3PaWNpL8B0mhjDlN59zF5qkyt7m7Ya6mxI1sJ
Bfi5QZYBsP8H4hggzC6rORo1OtdZtqprPAhBWpcmiYyAn2XIMrjM2ftflxwIvtBW
i1eA1JmU47MMe3rDVnhlVkqjKSKP0Ba0XASfDxcC/yRqLcV0ZHx4EW0kL7ijqECd
lPUaXyzAaupyMGtfGQ3Eqmy9GV5qS0AG
-----END CERTIFICATE-----
Generated at Sun May 12 01:39:48 2024 by rpki-client on console-fra.rpki-client.org