Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1DDD6F0014311EFB3C80D33017001B1.roa
File: B1DDD6F0014311EFB3C80D33017001B1.roa (raw, json)
Hash identifier: DaN/aqpYapmnNXi0A4xFoMMkf2NQc/1+P6CdDJ2w5SE=
Subject key identifier: 58:9C:23:14:14:BD:E3:08:3B:DD:0A:81:D1:BD:E8:A5:0B:1C:08:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AEED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1DDD6F0014311EFB3C80D33017001B1.roa
Signing time: Tue 23 Apr 2024 07:32:53 +0000
ROA not before: Tue 23 Apr 2024 07:32:50 +0000
ROA not after: Sat 11 May 2024 07:32:50 +0000
asID: 399989
IP address blocks: 154.194.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44781 (0xaeed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 07:32:50 2024 GMT
Not After : May 11 07:32:50 2024 GMT
Subject: CN=66276425-fb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:21:96:6b:c4:7b:f5:c1:73:af:7e:3a:39:1c:
18:aa:b8:10:70:09:bd:e6:c8:02:58:e8:94:57:51:
60:24:87:01:cb:d1:9a:94:03:c7:34:dc:ac:d2:4f:
7e:6a:4b:d5:aa:20:af:c6:94:3f:f1:c1:ca:b6:85:
42:31:0f:03:60:63:a9:2f:7c:68:63:fe:05:60:bf:
23:a3:8b:e9:dd:ce:af:4a:b3:05:84:28:1a:05:42:
f3:25:10:2d:43:25:aa:d6:bd:7a:9d:4b:0b:a6:51:
b2:6a:ca:9f:9c:c9:e1:be:b5:2d:68:5f:e0:f0:bf:
93:03:9f:ed:6b:60:47:b7:eb:47:dd:55:74:fa:5e:
80:0e:a9:47:12:31:da:9f:92:d5:96:be:6d:15:96:
81:2c:f2:a2:5f:e3:c6:2b:94:9f:47:cd:44:03:02:
6a:be:56:ab:bb:47:22:99:0f:e2:de:c4:29:74:7a:
2a:bf:e6:6b:67:c3:18:2c:e0:bd:ee:03:63:47:b0:
88:a2:a9:df:22:e6:5b:fb:fb:44:b4:4c:7b:e6:df:
fb:58:f1:95:54:87:bb:b8:ac:61:58:73:c9:c2:b9:
d3:d0:37:7f:43:8e:9a:2a:54:ca:c0:aa:74:16:6e:
18:91:9b:86:f9:cf:2d:2b:2e:b4:6a:06:e6:8a:fc:
90:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:9C:23:14:14:BD:E3:08:3B:DD:0A:81:D1:BD:E8:A5:0B:1C:08:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B1DDD6F0014311EFB3C80D33017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.16.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:af:33:a2:a0:8a:f2:5b:e4:38:30:08:39:6e:88:2e:3e:1c:
21:3f:39:33:81:23:ee:56:fa:bc:12:e5:59:3d:f0:41:10:84:
c4:e1:0d:6f:e6:06:0f:a3:da:33:f0:69:5b:e6:73:8e:8f:8e:
f1:1c:a2:fc:fa:9b:cd:c7:af:cc:d2:21:13:89:ff:e1:3e:84:
f1:14:1a:cf:e9:f2:05:ec:e8:e3:2e:55:20:14:6d:bf:f3:d3:
6a:d7:46:11:a3:42:a9:fc:c6:c3:5e:2f:6f:8e:39:ea:70:c9:
32:0d:d9:27:b4:bc:99:e4:7a:77:8b:70:a5:f4:05:a2:f5:47:
6f:c1:47:83:49:02:35:24:d1:60:f3:e1:53:52:8a:c6:a2:0e:
31:e6:db:6e:70:20:1e:bc:68:a2:b2:bd:a8:52:43:4b:ef:59:
7e:f2:44:5b:d8:32:6f:53:80:63:ed:4e:c2:ad:1c:11:d3:5e:
02:8b:ac:72:ed:f5:31:99:f5:f3:10:d9:f7:00:f7:fc:f6:36:
46:39:37:56:fa:d3:6c:93:f8:80:0e:d1:ad:de:2f:4c:f5:ea:
09:eb:ab:06:b2:a5:59:4c:a7:83:c5:63:d4:38:b7:1e:97:98:
47:48:9d:ea:0e:05:6f:d4:88:f8:54:46:0e:bf:4a:22:32:e3:
08:86:19:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK7tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDIzMDczMjUwWhcNMjQwNTExMDczMjUwWjAYMRYw
FAYDVQQDEw02NjI3NjQyNS1mYjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvyGWa8R79cFzr346ORwYqrgQcAm95sgCWOiUV1FgJIcBy9GalAPHNNys
0k9+akvVqiCvxpQ/8cHKtoVCMQ8DYGOpL3xoY/4FYL8jo4vp3c6vSrMFhCgaBULz
JRAtQyWq1r16nUsLplGyasqfnMnhvrUtaF/g8L+TA5/ta2BHt+tH3VV0+l6ADqlH
EjHan5LVlr5tFZaBLPKiX+PGK5SfR81EAwJqvlaru0cimQ/i3sQpdHoqv+ZrZ8MY
LOC97gNjR7CIoqnfIuZb+/tEtEx75t/7WPGVVIe7uKxhWHPJwrnT0Dd/Q46aKlTK
wKp0Fm4YkZuG+c8tKy60agbmivyQMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFic
IxQUveMIO90KgdG96KULHAhSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMURERDZGMDAxNDMxMUVGQjNDODBEMzMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsIQMA0GCSqGSIb3DQEB
CwUAA4IBAQC6rzOioIryW+Q4MAg5boguPhwhPzkzgSPuVvq8EuVZPfBBEITE4Q1v
5gYPo9oz8Glb5nOOj47xHKL8+pvNx6/M0iETif/hPoTxFBrP6fIF7OjjLlUgFG2/
89Nq10YRo0Kp/MbDXi9vjjnqcMkyDdkntLyZ5Hp3i3Cl9AWi9UdvwUeDSQI1JNFg
8+FTUorGog4x5ttucCAevGiisr2oUkNL71l+8kRb2DJvU4Bj7U7CrRwR014Ci6xy
7fUxmfXzENn3APf89jZGOTdW+tNsk/iADtGt3i9M9eoJ66sGsqVZTKeDxWPUOLce
l5hHSJ3qDgVv1Ij4VEYOv0oiMuMIhhkz
-----END CERTIFICATE-----
Generated at Sun May 12 02:36:21 2024 by rpki-client on console-ams.rpki-client.org