Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4AE39740CED11EFAD25FE3E017001B1.roa
File: A4AE39740CED11EFAD25FE3E017001B1.roa (raw, json)
Hash identifier: oUpzaz4vjnGZ9eEqfwp9g8NKFfr2Urlny+oxQYnprpk=
Subject key identifier: 5E:9B:B6:C1:95:B2:CC:2B:7F:DA:B1:10:C0:AB:3A:31:7B:B5:28:CA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B58C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4AE39740CED11EFAD25FE3E017001B1.roa
Signing time: Wed 08 May 2024 03:47:08 +0000
ROA not before: Wed 08 May 2024 03:47:05 +0000
ROA not after: Sat 18 May 2024 03:47:05 +0000
asID: 39600
IP address blocks: 154.207.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46476 (0xb58c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 03:47:05 2024 GMT
Not After : May 18 03:47:05 2024 GMT
Subject: CN=663af5bc-d99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:42:0b:55:45:98:13:4a:2f:1e:bc:26:5f:61:
fe:0f:7c:1f:d4:8c:12:05:5c:6c:b8:10:62:99:5b:
86:6f:2d:b7:93:04:7e:38:26:3b:5f:26:62:5c:99:
68:57:18:87:37:d1:59:b3:b9:8e:30:10:44:10:e2:
23:66:73:a0:cc:e1:d0:d4:ec:7e:e5:86:b3:5e:b4:
5e:17:43:44:d2:e2:81:70:21:0f:b2:1e:f1:91:09:
18:23:f2:70:8f:85:77:dc:24:44:27:32:87:fa:8b:
03:e8:e8:96:22:a1:99:9f:81:69:1b:b0:c8:db:45:
57:d5:1e:87:d4:01:4a:47:a9:c9:e2:69:96:da:c4:
18:aa:7f:fd:5e:9e:d0:3e:f9:1c:4b:44:23:77:b4:
d8:df:f2:03:ad:ba:39:53:56:5d:2e:92:13:89:8a:
15:02:5c:4b:03:64:15:7f:3e:44:d4:fe:11:f8:58:
ee:2e:1e:4c:48:bc:ea:ce:0f:a6:46:78:bd:50:dd:
22:f3:54:7d:c9:9a:f5:22:4a:bf:93:f4:d3:ee:16:
c0:6f:12:5a:2a:a0:06:38:f4:86:2b:ee:6f:a6:81:
9a:be:71:80:65:9b:e1:d2:84:16:4e:57:3c:9d:3a:
ab:a1:22:a9:0a:20:de:19:80:a2:d9:05:e9:a7:59:
05:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:9B:B6:C1:95:B2:CC:2B:7F:DA:B1:10:C0:AB:3A:31:7B:B5:28:CA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4AE39740CED11EFAD25FE3E017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.232.0/21
Signature Algorithm: sha256WithRSAEncryption
88:fc:d2:6b:77:cb:55:7e:41:40:39:d8:0a:20:7d:88:bc:7e:
89:6c:0e:8f:e9:bc:4a:e4:4d:2c:f1:33:dc:46:d4:24:ee:90:
d5:5e:dc:19:e1:96:16:4d:31:41:28:ba:5f:cc:dd:36:b6:a5:
d6:18:9f:c6:f9:67:e4:02:6d:4d:07:cb:7b:cf:cf:e0:d1:71:
fa:22:35:8d:97:c0:67:1d:69:15:f9:cc:1c:ee:22:81:ce:60:
4b:3d:22:70:2e:47:c2:84:fa:4b:b5:e5:a7:b6:2d:0b:99:b7:
49:3a:01:9f:b9:aa:28:05:75:e7:bb:87:d5:29:9b:5b:db:8d:
e6:69:c9:0d:48:84:75:27:34:2d:c3:e4:f0:cc:4d:e3:e9:c5:
ee:c4:2f:f4:ad:fe:75:02:d7:6a:ba:46:0b:93:7c:fc:7b:00:
d8:44:db:93:44:24:4c:29:9a:e9:26:79:67:96:6b:fa:cc:34:
4e:6f:e8:2d:14:4f:8b:c1:2e:85:da:10:a9:c1:59:c6:9a:96:
70:bd:02:74:a0:5a:72:1a:6b:b0:5c:26:d5:a7:2c:32:67:86:
4e:08:5e:75:6a:b7:3c:91:88:ce:1e:dd:22:b5:c4:d8:b9:0c:
3b:ca:11:97:fb:2b:7d:22:d3:05:62:aa:41:74:92:42:cc:ac:
aa:93:1b:ed
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALWMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA4MDM0NzA1WhcNMjQwNTE4MDM0NzA1WjAYMRYw
FAYDVQQDEw02NjNhZjViYy1kOTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7EILVUWYE0ovHrwmX2H+D3wf1IwSBVxsuBBimVuGby23kwR+OCY7XyZi
XJloVxiHN9FZs7mOMBBEEOIjZnOgzOHQ1Ox+5YazXrReF0NE0uKBcCEPsh7xkQkY
I/Jwj4V33CREJzKH+osD6OiWIqGZn4FpG7DI20VX1R6H1AFKR6nJ4mmW2sQYqn/9
Xp7QPvkcS0Qjd7TY3/IDrbo5U1ZdLpITiYoVAlxLA2QVfz5E1P4R+FjuLh5MSLzq
zg+mRni9UN0i81R9yZr1Ikq/k/TT7hbAbxJaKqAGOPSGK+5vpoGavnGAZZvh0oQW
Tlc8nTqroSKpCiDeGYCi2QXpp1kFRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF6b
tsGVsswrf9qxEMCrOjF7tSjKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNEFFMzk3NDBDRUQxMUVGQUQyNUZFM0UwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms/oMA0GCSqGSIb3DQEB
CwUAA4IBAQCI/NJrd8tVfkFAOdgKIH2IvH6JbA6P6bxK5E0s8TPcRtQk7pDVXtwZ
4ZYWTTFBKLpfzN02tqXWGJ/G+WfkAm1NB8t7z8/g0XH6IjWNl8BnHWkV+cwc7iKB
zmBLPSJwLkfChPpLteWnti0LmbdJOgGfuaooBXXnu4fVKZtb243mackNSIR1JzQt
w+TwzE3j6cXuxC/0rf51AtdqukYLk3z8ewDYRNuTRCRMKZrpJnlnlmv6zDROb+gt
FE+LwS6F2hCpwVnGmpZwvQJ0oFpyGmuwXCbVpywyZ4ZOCF51arc8kYjOHt0itcTY
uQw7yhGX+yt9ItMFYqpBdJJCzKyqkxvt
-----END CERTIFICATE-----
Generated at Sun May 19 02:08:29 2024 by rpki-client on console-ams.rpki-client.org