Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7D3B5F227C311EFBE55E9317DDC24C2.roa
File: A7D3B5F227C311EFBE55E9317DDC24C2.roa (raw, json)
Hash identifier: QplPrXc1pz+YeC+buWktiVvxTc1iaCjfEBappLQQh7c=
Subject key identifier: 10:3A:50:F4:52:28:72:28:EC:0E:29:08:2D:93:9D:55:E3:0C:BF:49
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C186
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7D3B5F227C311EFBE55E9317DDC24C2.roa
Signing time: Tue 11 Jun 2024 07:24:36 +0000
ROA not before: Tue 11 Jun 2024 07:24:33 +0000
ROA not after: Thu 20 Jun 2024 07:24:33 +0000
asID: 139811
IP address blocks: 154.91.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49542 (0xc186)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 11 07:24:33 2024 GMT
Not After : Jun 20 07:24:33 2024 GMT
Subject: CN=6667fbb4-5b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fd:8d:07:65:b2:27:8f:42:0d:d7:0b:e2:ad:
00:c9:ef:f9:09:34:ff:c9:59:b7:ac:5f:ae:8e:aa:
00:ec:ee:c0:f4:63:b6:cd:c8:b4:e1:c3:88:84:80:
21:f9:ec:89:59:f3:7a:6b:8e:24:e7:8e:7d:66:ca:
61:84:5e:fe:45:0c:31:70:22:03:d7:70:70:71:0c:
3d:87:d3:e4:f5:a8:16:8f:2c:44:50:d3:ca:96:c3:
c8:12:a7:ed:7a:0d:6a:ff:ce:4d:26:cc:14:1f:53:
38:c5:ec:14:fb:3b:28:c3:e1:50:33:5d:f9:1d:93:
e2:85:06:ad:01:98:a5:1b:14:85:bb:b5:0c:a0:71:
a1:78:e7:c2:4a:60:6d:e2:4a:46:5a:67:45:53:1b:
0b:6f:3b:d5:6a:7c:a8:06:49:5c:c2:3c:df:6d:0c:
3d:15:c2:13:52:d1:cf:d6:4a:41:3c:c2:b3:aa:eb:
f6:d9:46:93:e0:8d:37:e2:b4:95:29:7f:59:ca:93:
b9:fd:34:54:30:e8:c2:c5:5d:53:3a:5f:42:dc:0e:
58:17:eb:16:8f:bf:c8:21:c1:9f:a2:85:8f:9d:a0:
33:4a:07:d7:b3:cd:2e:f7:50:59:4b:12:b5:de:37:
d5:8e:0c:84:19:ce:46:aa:9a:47:7e:f2:a8:f2:c1:
66:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:3A:50:F4:52:28:72:28:EC:0E:29:08:2D:93:9D:55:E3:0C:BF:49
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7D3B5F227C311EFBE55E9317DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.39.0/24
Signature Algorithm: sha256WithRSAEncryption
00:fd:0a:b7:9a:9e:68:b0:4f:8e:e7:af:f1:69:f0:40:82:c8:
39:78:4f:af:ae:60:0f:f5:c5:d8:1b:ed:28:57:16:03:ea:62:
30:e3:46:8d:04:70:73:04:59:83:f8:c6:77:8c:65:e3:18:28:
d8:1b:2d:a0:a0:7d:1b:ae:d5:a3:d5:3f:19:78:74:02:25:93:
00:96:b8:0c:57:25:05:5a:27:49:3f:0a:1f:25:4c:6f:5b:53:
f7:fa:a1:6b:70:8c:57:1a:b3:5c:ab:3b:83:ac:a2:e0:d6:d4:
e6:cd:da:d4:cb:23:29:13:94:00:4b:95:f1:97:c9:da:9c:63:
b2:4c:93:48:47:b1:c9:c7:d8:4e:69:ee:f0:43:cd:da:b4:3d:
a1:98:90:b9:d3:d8:15:13:11:5e:2a:3c:69:20:0d:14:24:71:
b4:26:e2:7c:d8:28:1e:5c:1f:f8:db:6a:45:c3:dc:9f:36:de:
7a:fa:a7:e8:0e:59:12:75:d0:1f:77:67:d8:fc:72:f6:ad:65:
2e:7a:9f:ce:e2:c9:4b:d3:81:b3:41:f5:85:f4:76:24:2c:c5:
3e:b5:06:c2:e4:a9:f8:e6:75:3b:79:9d:6d:03:f8:e8:de:1e:
d4:30:d9:53:d8:6f:ef:f9:e6:b2:83:7e:ea:78:52:56:22:0b:
4a:3a:68:48
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMGGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjExMDcyNDMzWhcNMjQwNjIwMDcyNDMzWjAYMRYw
FAYDVQQDEw02NjY3ZmJiNC01YjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt/2NB2WyJ49CDdcL4q0Aye/5CTT/yVm3rF+ujqoA7O7A9GO2zci04cOI
hIAh+eyJWfN6a44k5459ZsphhF7+RQwxcCID13BwcQw9h9Pk9agWjyxEUNPKlsPI
Eqfteg1q/85NJswUH1M4xewU+zsow+FQM135HZPihQatAZilGxSFu7UMoHGheOfC
SmBt4kpGWmdFUxsLbzvVanyoBklcwjzfbQw9FcITUtHP1kpBPMKzquv22UaT4I03
4rSVKX9ZypO5/TRUMOjCxV1TOl9C3A5YF+sWj7/IIcGfooWPnaAzSgfXs80u91BZ
SxK13jfVjgyEGc5GqppHfvKo8sFmIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBA6
UPRSKHIo7A4pCC2TnVXjDL9JMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BN0QzQjVGMjI3QzMxMUVGQkU1NUU5MzE3RERDMjRDMi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlsnMA0GCSqGSIb3DQEB
CwUAA4IBAQAA/Qq3mp5osE+O56/xafBAgsg5eE+vrmAP9cXYG+0oVxYD6mIw40aN
BHBzBFmD+MZ3jGXjGCjYGy2goH0brtWj1T8ZeHQCJZMAlrgMVyUFWidJPwofJUxv
W1P3+qFrcIxXGrNcqzuDrKLg1tTmzdrUyyMpE5QAS5Xxl8nanGOyTJNIR7HJx9hO
ae7wQ83atD2hmJC509gVExFeKjxpIA0UJHG0JuJ82CgeXB/422pFw9yfNt56+qfo
DlkSddAfd2fY/HL2rWUuep/O4slL04GzQfWF9HYkLMU+tQbC5Kn45nU7eZ1tA/jo
3h7UMNlT2G/v+eayg37qeFJWIgtKOmhI
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:20:59 2024 by rpki-client on console-fra.rpki-client.org