Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCD70DA60DB911EF9F1EA341017001B1.roa
File: BCD70DA60DB911EF9F1EA341017001B1.roa (raw, json)
Hash identifier: n1c+h37nUITzL0tlToKieFohf76QY0KZpsnLGwr8Lno=
Subject key identifier: A0:AD:73:18:CA:2D:84:A6:F4:73:AE:36:91:59:33:11:83:E9:23:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B5BF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCD70DA60DB911EF9F1EA341017001B1.roa
Signing time: Thu 09 May 2024 04:08:06 +0000
ROA not before: Thu 09 May 2024 04:08:03 +0000
ROA not after: Sat 18 May 2024 04:08:03 +0000
asID: 39600
IP address blocks: 154.203.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46527 (0xb5bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 04:08:03 2024 GMT
Not After : May 18 04:08:03 2024 GMT
Subject: CN=663c4c26-5db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:93:04:2d:c8:08:4d:05:bd:bc:e4:ae:89:d5:
c6:5a:7f:24:d3:94:15:23:c1:e1:89:5e:5e:6c:3e:
10:52:03:5c:63:32:a8:63:e4:b3:ec:0f:88:f1:3b:
f8:74:e5:5e:12:6a:1a:48:b4:a5:a8:6b:4e:5e:c2:
69:79:a8:97:cc:a3:83:ad:7f:73:61:ab:d2:9a:18:
08:3f:16:a3:19:f0:34:56:c3:64:cb:2f:e1:cd:f6:
9e:01:39:bc:fb:0e:0a:61:f6:c2:48:1e:8e:d5:ff:
da:df:62:3c:53:1d:05:20:04:98:c4:26:d4:fb:8d:
2e:2f:e8:a0:c3:b7:a2:d1:d3:e9:fa:44:a6:a0:6f:
66:f8:b6:54:fb:2c:99:b0:d0:46:11:9a:23:cd:92:
7f:8f:25:5f:12:02:17:d9:52:92:1b:3a:dc:bd:fa:
42:19:44:5a:20:37:0f:74:90:57:0d:5e:fa:55:5c:
85:e5:50:68:b0:76:1c:b2:94:14:38:30:e0:5f:38:
ef:99:0c:2e:17:c0:8a:e2:e5:83:4d:9c:fd:bd:89:
6a:0f:82:08:55:64:e4:f1:93:a0:47:f4:ed:a0:e0:
8e:da:c4:08:6f:a9:20:55:21:e5:b7:72:88:94:aa:
7e:a0:6f:0b:25:27:19:60:a9:42:7e:8a:9b:65:c8:
bb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:AD:73:18:CA:2D:84:A6:F4:73:AE:36:91:59:33:11:83:E9:23:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCD70DA60DB911EF9F1EA341017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.72.0/21
Signature Algorithm: sha256WithRSAEncryption
13:ed:26:cd:dd:6b:60:b3:78:45:dc:eb:02:9f:d3:32:b9:f1:
86:73:ac:37:96:3f:02:d4:a1:c0:38:38:55:0f:17:5a:8f:56:
a5:21:59:2d:f6:08:f2:62:11:4a:9a:fb:9c:16:dd:c5:49:3a:
e5:91:44:ad:1f:6b:79:12:2f:71:46:4e:55:a9:4f:43:bf:b8:
84:44:c8:ad:0c:6e:eb:8c:a4:ea:6a:13:f0:ff:0f:4c:ba:48:
e7:23:0e:80:64:08:49:58:61:52:92:5d:0f:12:1c:6f:a7:23:
fd:2d:82:e1:40:6a:ba:5e:b6:9c:c4:b8:29:91:55:50:68:10:
63:63:e1:bb:ad:58:08:13:31:35:81:ab:f1:4e:1b:44:cd:6e:
a5:5b:5d:bd:db:f7:ca:e5:e7:c2:93:f9:15:8b:e5:ca:fe:f9:
07:32:9e:73:ed:85:de:52:34:ef:19:2d:5f:8c:a6:39:d9:0f:
d9:22:d2:d4:1d:f0:d4:51:29:8e:4e:1d:f5:82:cd:d3:7a:f3:
94:c6:95:9e:42:0b:94:d7:17:73:88:6f:e4:0d:40:ca:8f:45:
7c:a2:0d:1a:06:49:ee:72:51:57:d3:9d:9c:26:53:b3:aa:3f:
de:68:ce:b8:09:e7:02:11:af:6a:6f:77:1c:e7:36:cc:cd:f0:
21:a0:57:0a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALW/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDQwODAzWhcNMjQwNTE4MDQwODAzWjAYMRYw
FAYDVQQDEw02NjNjNGMyNi01ZGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxpMELcgITQW9vOSuidXGWn8k05QVI8HhiV5ebD4QUgNcYzKoY+Sz7A+I
8Tv4dOVeEmoaSLSlqGtOXsJpeaiXzKODrX9zYavSmhgIPxajGfA0VsNkyy/hzfae
ATm8+w4KYfbCSB6O1f/a32I8Ux0FIASYxCbU+40uL+igw7ei0dPp+kSmoG9m+LZU
+yyZsNBGEZojzZJ/jyVfEgIX2VKSGzrcvfpCGURaIDcPdJBXDV76VVyF5VBosHYc
spQUODDgXzjvmQwuF8CK4uWDTZz9vYlqD4IIVWTk8ZOgR/TtoOCO2sQIb6kgVSHl
t3KIlKp+oG8LJScZYKlCfoqbZci7GwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKCt
cxjKLYSm9HOuNpFZMxGD6SNCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQ0Q3MERBNjBEQjkxMUVGOUYxRUEzNDEwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmstIMA0GCSqGSIb3DQEB
CwUAA4IBAQAT7SbN3Wtgs3hF3OsCn9MyufGGc6w3lj8C1KHAODhVDxdaj1alIVkt
9gjyYhFKmvucFt3FSTrlkUStH2t5Ei9xRk5VqU9Dv7iERMitDG7rjKTqahPw/w9M
ukjnIw6AZAhJWGFSkl0PEhxvpyP9LYLhQGq6XracxLgpkVVQaBBjY+G7rVgIEzE1
gavxThtEzW6lW1292/fK5efCk/kVi+XK/vkHMp5z7YXeUjTvGS1fjKY52Q/ZItLU
HfDUUSmOTh31gs3TevOUxpWeQguU1xdziG/kDUDKj0V8og0aBknuclFX052cJlOz
qj/eaM64CecCEa9qb3cc5zbMzfAhoFcK
-----END CERTIFICATE-----
Generated at Sun May 19 02:03:34 2024 by rpki-client on console-fra.rpki-client.org