Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9C267700CEA11EF975EDA25017001B1.roa
File: B9C267700CEA11EF975EDA25017001B1.roa (raw, json)
Hash identifier: +2ieQE1pL/CLoTLXeCR3JxW1Tfu8j4OldDltsKGccAw=
Subject key identifier: 3F:23:4F:FA:C9:44:AF:A6:CD:54:24:C5:5D:62:91:6B:D9:CC:10:B3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B57E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9C267700CEA11EF975EDA25017001B1.roa
Signing time: Wed 08 May 2024 03:26:15 +0000
ROA not before: Wed 08 May 2024 03:26:12 +0000
ROA not after: Sat 18 May 2024 03:26:12 +0000
asID: 39600
IP address blocks: 154.207.208.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46462 (0xb57e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 03:26:12 2024 GMT
Not After : May 18 03:26:12 2024 GMT
Subject: CN=663af0d7-0c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:89:b1:9b:70:36:fd:c3:23:61:db:93:f2:0e:
86:90:f1:e9:db:b5:a3:ad:bf:5b:a7:4b:b6:c3:b3:
8f:df:28:96:03:80:37:4f:aa:f0:38:d3:1b:a5:b6:
50:2f:c9:fa:dc:a4:55:44:70:e1:ec:3c:12:a1:0d:
73:f0:4f:7f:5f:d1:fb:c7:e6:e6:5d:35:49:4a:25:
06:5e:6f:41:cc:23:7a:42:09:5a:69:04:3b:4b:ea:
f8:ad:cd:23:a2:f2:b8:31:40:5f:fa:2a:bd:c3:cb:
2b:f2:48:e3:3d:04:97:15:a4:72:d4:6b:85:3a:e0:
44:e3:9e:fd:77:78:08:aa:fc:52:eb:a4:56:90:94:
9b:70:90:94:b9:76:a8:17:ae:af:c6:9d:8d:46:b8:
aa:e6:be:90:be:7e:4b:7e:e0:07:53:75:57:ee:d7:
33:91:81:37:07:bd:7d:09:10:f0:ae:e2:60:25:01:
06:33:4a:b8:ed:12:30:2a:56:04:88:c4:a5:2a:08:
c0:b1:2a:49:15:bc:93:22:43:77:2c:c5:12:d1:fa:
25:2a:37:48:53:a5:00:3b:2e:b2:9c:89:dd:49:70:
af:75:dc:a3:05:2a:f0:ed:13:69:da:e4:79:2a:7f:
be:c7:bf:36:bf:98:64:fb:34:06:ce:0f:63:9c:97:
41:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:23:4F:FA:C9:44:AF:A6:CD:54:24:C5:5D:62:91:6B:D9:CC:10:B3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9C267700CEA11EF975EDA25017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.208.0/21
Signature Algorithm: sha256WithRSAEncryption
51:24:e3:13:4e:d8:cb:30:35:b2:ca:1a:3c:58:17:ea:00:55:
86:1e:5f:07:f2:2b:ca:ca:9b:29:e3:de:b6:e2:04:8d:e5:25:
b0:fe:84:83:d1:57:ab:11:a2:1e:58:ad:78:f3:12:7c:b2:23:
8a:24:c3:51:9f:0f:d5:dd:31:d5:ce:8d:04:cc:c0:cd:06:ef:
37:f9:dd:11:20:4f:55:c3:2d:c2:26:8a:83:71:0a:fb:20:59:
ea:4a:eb:e2:d6:d7:ad:89:98:ce:d7:52:38:0d:24:ed:15:7f:
04:90:45:4b:75:08:8e:de:20:81:89:fc:fd:19:b2:25:a5:db:
98:48:00:5e:90:84:01:c8:7e:24:0f:20:31:d6:ca:d3:08:07:
0f:a0:33:d6:e6:ea:33:25:ba:08:9c:79:c4:8b:f7:01:41:09:
6b:1d:38:41:15:73:57:8f:00:35:63:86:81:ed:91:47:da:61:
0f:26:aa:36:33:39:fb:73:63:68:56:87:bf:0a:de:ca:12:50:
9d:fa:86:a8:2e:a2:45:80:0a:3e:6d:42:38:c3:cd:af:e9:97:
4e:b0:8b:98:f6:1a:9a:08:36:c8:db:82:c3:f5:ed:33:8a:2c:
98:ea:5f:f2:5d:41:6c:18:d3:81:7b:b0:1c:48:68:d7:a9:1a:
7f:c3:67:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALV+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA4MDMyNjEyWhcNMjQwNTE4MDMyNjEyWjAYMRYw
FAYDVQQDEw02NjNhZjBkNy0wYzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxomxm3A2/cMjYduT8g6GkPHp27Wjrb9bp0u2w7OP3yiWA4A3T6rwONMb
pbZQL8n63KRVRHDh7DwSoQ1z8E9/X9H7x+bmXTVJSiUGXm9BzCN6QglaaQQ7S+r4
rc0jovK4MUBf+iq9w8sr8kjjPQSXFaRy1GuFOuBE4579d3gIqvxS66RWkJSbcJCU
uXaoF66vxp2NRriq5r6Qvn5LfuAHU3VX7tczkYE3B719CRDwruJgJQEGM0q47RIw
KlYEiMSlKgjAsSpJFbyTIkN3LMUS0folKjdIU6UAOy6ynIndSXCvddyjBSrw7RNp
2uR5Kn++x782v5hk+zQGzg9jnJdBVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD8j
T/rJRK+mzVQkxV1ikWvZzBCzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COUMyNjc3MDBDRUExMUVGOTc1RURBMjUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms/QMA0GCSqGSIb3DQEB
CwUAA4IBAQBRJOMTTtjLMDWyyho8WBfqAFWGHl8H8ivKypsp49624gSN5SWw/oSD
0VerEaIeWK148xJ8siOKJMNRnw/V3THVzo0EzMDNBu83+d0RIE9Vwy3CJoqDcQr7
IFnqSuvi1tetiZjO11I4DSTtFX8EkEVLdQiO3iCBifz9GbIlpduYSABekIQByH4k
DyAx1srTCAcPoDPW5uozJboInHnEi/cBQQlrHThBFXNXjwA1Y4aB7ZFH2mEPJqo2
Mzn7c2NoVoe/Ct7KElCd+oaoLqJFgAo+bUI4w82v6ZdOsIuY9hqaCDbI24LD9e0z
iiyY6l/yXUFsGNOBe7AcSGjXqRp/w2cE
-----END CERTIFICATE-----
Generated at Sun May 19 02:03:34 2024 by rpki-client on console-fra.rpki-client.org