Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C64676C00CEB11EFA6804C32017001B1.roa
File: C64676C00CEB11EFA6804C32017001B1.roa (raw, json)
Hash identifier: 2iG9Cgd87dku+3RbsPEfIC8RJyWxiQz/oPJr0ka4OhM=
Subject key identifier: 8D:42:14:B9:D2:16:FF:84:BC:18:AD:B9:75:4A:E1:67:66:1B:6E:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B584
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C64676C00CEB11EFA6804C32017001B1.roa
Signing time: Wed 08 May 2024 03:33:46 +0000
ROA not before: Wed 08 May 2024 03:33:42 +0000
ROA not after: Sat 18 May 2024 03:33:42 +0000
asID: 39600
IP address blocks: 154.198.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46468 (0xb584)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 03:33:42 2024 GMT
Not After : May 18 03:33:42 2024 GMT
Subject: CN=663af299-04a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:05:72:c9:6b:bb:12:b5:ad:8a:76:be:6d:35:
ec:fa:23:82:88:f2:98:da:98:ef:f7:03:72:10:96:
5b:2b:cf:dc:bb:dd:34:47:4b:a2:3f:3e:60:06:79:
21:b9:f7:2f:50:6d:8b:bf:31:41:3d:03:87:28:63:
01:0f:32:19:2f:80:b2:89:a9:25:38:10:b2:83:f1:
10:52:c7:c4:a0:bf:dd:9c:ed:b8:b3:d1:c2:84:bf:
6d:82:9f:03:e6:f3:f0:90:4f:a6:cf:af:6a:ea:f0:
d6:e4:73:aa:5d:0e:72:93:76:61:bf:64:65:4f:ac:
24:56:45:e7:cb:01:bc:49:7f:7b:dd:8a:e1:6b:5f:
ba:3f:75:3a:43:6a:6f:1d:17:67:53:ea:8a:8b:95:
8a:ee:fe:01:56:d8:df:fc:1c:24:d2:2e:55:f1:5b:
83:e5:a8:cb:af:a7:01:e3:e0:25:23:e2:16:9d:c7:
86:68:4b:fb:1e:28:f7:90:fc:4f:8d:87:38:3d:37:
2d:76:6d:3d:d6:85:74:76:27:b8:db:c3:20:db:37:
31:11:f1:7d:dd:fd:46:34:cb:ee:d8:8a:15:83:a7:
e2:db:8d:d6:59:bf:83:2e:b1:07:fa:87:1d:2c:b9:
67:55:f3:73:4d:12:b1:e0:f8:37:d8:60:58:ae:14:
4e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:42:14:B9:D2:16:FF:84:BC:18:AD:B9:75:4A:E1:67:66:1B:6E:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C64676C00CEB11EFA6804C32017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.40.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:72:5d:7a:92:25:d5:2a:e7:ff:6e:66:2a:8a:23:f7:54:2c:
c4:5f:6e:74:2e:c1:38:57:c3:4b:4f:22:64:79:b5:a0:f7:09:
ea:d5:93:d0:5d:2e:74:f4:89:9b:cf:d4:e7:1c:ec:c6:da:8d:
a4:3c:e9:97:b2:3a:42:72:05:80:62:54:2f:2d:e8:31:19:91:
48:5a:ce:24:11:00:0f:23:4b:51:ec:36:fc:66:9d:09:eb:48:
48:5e:34:be:76:b2:0d:bd:7b:42:f5:0d:e8:59:cb:9e:49:dc:
7a:95:00:42:16:35:30:fb:56:13:cd:72:44:19:2f:a4:19:3c:
b9:e8:e7:32:6b:37:75:e0:64:44:82:3b:f6:7f:7c:df:29:79:
11:11:c9:a3:45:df:ad:8d:11:f4:d3:dc:37:11:30:57:68:5c:
c4:c6:dc:bd:71:e1:bb:0e:06:7b:a0:05:d0:5d:4e:67:74:18:
03:da:b9:bf:1e:a4:6c:78:e8:62:4e:69:b9:79:f1:fc:4c:e0:
8d:a5:37:07:c8:65:d5:5d:28:35:72:63:b8:92:95:e3:38:65:
ca:f0:47:cb:d3:98:9b:64:2c:16:66:02:e7:d1:be:b6:c6:b8:
6d:34:ef:49:69:6d:8e:9c:49:a5:f8:2a:ff:40:bb:8a:0f:ec:
b4:9d:42:f2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALWEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA4MDMzMzQyWhcNMjQwNTE4MDMzMzQyWjAYMRYw
FAYDVQQDEw02NjNhZjI5OS0wNGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAygVyyWu7ErWtina+bTXs+iOCiPKY2pjv9wNyEJZbK8/cu900R0uiPz5g
BnkhufcvUG2LvzFBPQOHKGMBDzIZL4CyiaklOBCyg/EQUsfEoL/dnO24s9HChL9t
gp8D5vPwkE+mz69q6vDW5HOqXQ5yk3Zhv2RlT6wkVkXnywG8SX973Yrha1+6P3U6
Q2pvHRdnU+qKi5WK7v4BVtjf/Bwk0i5V8VuD5ajLr6cB4+AlI+IWnceGaEv7Hij3
kPxPjYc4PTctdm091oV0die428Mg2zcxEfF93f1GNMvu2IoVg6fi243WWb+DLrEH
+ocdLLlnVfNzTRKx4Pg32GBYrhROBwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI1C
FLnSFv+EvBituXVK4WdmG25PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjQ2NzZDMDBDRUIxMUVGQTY4MDRDMzIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsYoMA0GCSqGSIb3DQEB
CwUAA4IBAQBccl16kiXVKuf/bmYqiiP3VCzEX250LsE4V8NLTyJkebWg9wnq1ZPQ
XS509Imbz9TnHOzG2o2kPOmXsjpCcgWAYlQvLegxGZFIWs4kEQAPI0tR7Db8Zp0J
60hIXjS+drINvXtC9Q3oWcueSdx6lQBCFjUw+1YTzXJEGS+kGTy56Ocyazd14GRE
gjv2f3zfKXkREcmjRd+tjRH009w3ETBXaFzExty9ceG7DgZ7oAXQXU5ndBgD2rm/
HqRseOhiTmm5efH8TOCNpTcHyGXVXSg1cmO4kpXjOGXK8EfL05ibZCwWZgLn0b62
xrhtNO9JaW2OnEml+Cr/QLuKD+y0nULy
-----END CERTIFICATE-----
Generated at Sun May 19 02:08:29 2024 by rpki-client on console-ams.rpki-client.org