Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDA334E60DC611EF898D2D29017001B1.roa
File: BDA334E60DC611EF898D2D29017001B1.roa (raw, json)
Hash identifier: p0AaGLYJmmLD/b3NUs1nZh4LdIB/LUpsy0p1GiT8JwI=
Subject key identifier: 5F:5C:AE:9B:3D:05:5D:FC:07:45:61:C8:65:9A:7E:F3:0F:94:CB:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B5FB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDA334E60DC611EF898D2D29017001B1.roa
Signing time: Thu 09 May 2024 05:41:11 +0000
ROA not before: Thu 09 May 2024 05:41:08 +0000
ROA not after: Sun 19 May 2024 05:41:08 +0000
asID: 21859
IP address blocks: 154.94.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46587 (0xb5fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 05:41:08 2024 GMT
Not After : May 19 05:41:08 2024 GMT
Subject: CN=663c61f7-6029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:39:45:fd:d3:91:42:5e:33:4f:48:60:ce:e6:
21:29:b0:3b:e1:d7:5c:90:e6:38:c9:a0:bf:5c:d5:
46:35:2f:28:22:7c:d5:de:f1:41:db:6f:e7:76:9a:
6e:b8:a3:0f:cb:9b:69:f5:99:1c:e2:b7:d5:40:dd:
0a:23:15:53:af:48:73:0e:b8:0e:bd:bf:db:24:b0:
d7:bb:0f:3a:0c:2e:ae:a6:19:fe:f6:d0:67:35:07:
b0:f0:1e:5b:e1:02:ef:83:89:17:f2:9a:67:12:23:
d9:67:98:29:7c:1b:06:62:8d:69:23:90:65:da:ad:
3d:b1:7e:2e:cf:f3:f1:81:1c:65:42:b7:ae:57:1e:
fe:22:e3:a9:c2:7c:b8:9e:e8:87:8e:c8:c3:34:f8:
a2:95:79:8d:a7:31:df:27:cd:d2:73:d8:87:0f:07:
30:01:02:8e:24:f3:d3:43:4c:4e:68:43:62:f0:64:
63:40:08:cd:02:19:18:e4:fa:1e:32:3f:e7:78:e4:
c3:a7:db:72:e7:2e:5e:f2:2a:d4:47:53:d7:94:2d:
87:dc:bf:8e:8d:ab:ce:ca:b6:74:75:87:15:18:f4:
1c:8f:4f:54:18:09:3d:ef:2a:86:be:93:8c:c3:9d:
87:da:bf:c0:41:42:dd:fe:6a:ed:d0:af:ed:e8:0a:
74:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:5C:AE:9B:3D:05:5D:FC:07:45:61:C8:65:9A:7E:F3:0F:94:CB:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BDA334E60DC611EF898D2D29017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.35.0/24
Signature Algorithm: sha256WithRSAEncryption
62:b2:b1:8b:81:5e:76:2c:61:df:4b:02:d0:36:1a:ab:1e:78:
c8:4d:f6:17:2b:dc:9e:38:eb:50:68:c0:ff:90:a6:3c:0c:3e:
f7:36:78:bd:5b:e3:db:16:eb:57:1e:97:16:0c:b5:c0:75:3a:
a1:73:e1:ee:0a:9e:e8:51:75:09:91:35:95:07:c7:71:d3:52:
4a:99:a1:78:ab:bf:ac:9d:86:e7:ce:8c:50:03:7d:e4:c0:1a:
dc:01:d2:31:f4:e2:f1:e6:4f:88:a9:5c:c5:04:47:51:41:a0:
6b:7a:37:ff:76:dd:cf:ea:37:4b:6e:7f:6b:fb:e8:8b:e6:e8:
e7:30:ec:dc:e8:06:2d:13:da:b3:13:c7:ff:6f:eb:d9:82:ba:
7b:de:54:dd:64:f9:27:27:34:de:fa:22:a9:11:dd:c3:09:15:
96:dd:18:40:26:ed:2d:50:9b:ea:d9:9c:86:22:d9:14:e1:dc:
54:89:7b:77:a8:e8:34:09:5f:36:64:f1:d3:7d:32:de:b2:43:
46:28:62:70:6c:93:7f:af:00:8d:59:0c:57:68:ad:94:db:9a:
30:cb:b2:45:f6:82:b7:78:fa:7c:87:7b:59:ef:16:32:d4:dc:
18:b6:b0:bc:6f:c4:4c:e9:71:ec:a7:de:50:c8:c2:a7:86:22:
25:52:45:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALX7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDU0MTA4WhcNMjQwNTE5MDU0MTA4WjAYMRYw
FAYDVQQDEw02NjNjNjFmNy02MDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArDlF/dORQl4zT0hgzuYhKbA74ddckOY4yaC/XNVGNS8oInzV3vFB22/n
dppuuKMPy5tp9Zkc4rfVQN0KIxVTr0hzDrgOvb/bJLDXuw86DC6uphn+9tBnNQew
8B5b4QLvg4kX8ppnEiPZZ5gpfBsGYo1pI5Bl2q09sX4uz/PxgRxlQreuVx7+IuOp
wny4nuiHjsjDNPiilXmNpzHfJ83Sc9iHDwcwAQKOJPPTQ0xOaENi8GRjQAjNAhkY
5PoeMj/neOTDp9ty5y5e8irUR1PXlC2H3L+OjavOyrZ0dYcVGPQcj09UGAk97yqG
vpOMw52H2r/AQULd/mrt0K/t6Ap0YwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF9c
rps9BV38B0VhyGWafvMPlMuMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CREEzMzRFNjBEQzYxMUVGODk4RDJEMjkwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4jMA0GCSqGSIb3DQEB
CwUAA4IBAQBisrGLgV52LGHfSwLQNhqrHnjITfYXK9yeOOtQaMD/kKY8DD73Nni9
W+PbFutXHpcWDLXAdTqhc+HuCp7oUXUJkTWVB8dx01JKmaF4q7+snYbnzoxQA33k
wBrcAdIx9OLx5k+IqVzFBEdRQaBrejf/dt3P6jdLbn9r++iL5ujnMOzc6AYtE9qz
E8f/b+vZgrp73lTdZPknJzTe+iKpEd3DCRWW3RhAJu0tUJvq2ZyGItkU4dxUiXt3
qOg0CV82ZPHTfTLeskNGKGJwbJN/rwCNWQxXaK2U25owy7JF9oK3ePp8h3tZ7xYy
1NwYtrC8b8RM6XHsp95QyMKnhiIlUkVA
-----END CERTIFICATE-----
Generated at Mon May 20 01:57:49 2024 by rpki-client on console-fra.rpki-client.org