Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9C1F78E07AF11EF9E55B10B017001B1.roa
File: C9C1F78E07AF11EF9E55B10B017001B1.roa (raw, json)
Hash identifier: GW2uhz0V3L8mog2YHqdvYDk+8aTehLDeX8a7HYvhiWo=
Subject key identifier: 03:8D:BC:84:2B:12:3A:9A:53:87:92:88:A1:85:62:4A:3D:5B:73:94
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B39B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9C1F78E07AF11EF9E55B10B017001B1.roa
Signing time: Wed 01 May 2024 11:41:46 +0000
ROA not before: Wed 01 May 2024 11:41:42 +0000
ROA not after: Fri 17 May 2024 11:41:42 +0000
asID: 151800
IP address blocks: 154.197.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45979 (0xb39b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 11:41:42 2024 GMT
Not After : May 17 11:41:42 2024 GMT
Subject: CN=66322a7a-552e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7a:5b:cb:3f:f7:9e:7e:fb:33:b3:d7:dd:0e:
80:ff:aa:50:90:50:0e:2b:5a:c6:e1:53:39:a5:d8:
ac:df:33:7c:ce:68:37:90:e5:35:b7:bf:f7:3c:38:
b4:ad:f2:60:63:3b:72:1a:e3:82:a3:78:d9:28:83:
16:7b:5d:17:1d:04:44:30:56:ac:84:45:0a:df:33:
c5:83:ea:92:bc:43:6b:3a:55:36:cf:1f:de:18:e1:
fd:22:54:73:47:9b:66:a9:51:ca:af:d0:59:b7:cd:
b1:8c:f0:40:3e:c0:1c:b3:b7:53:f7:18:2f:de:81:
aa:41:6c:ff:8f:f2:73:cb:4f:9d:12:5b:e8:e5:15:
01:de:c7:9d:19:97:d0:b9:8e:3b:c3:70:0a:2a:19:
4c:ad:71:71:0c:fe:73:01:00:27:56:3f:fb:4f:7e:
3d:13:2b:9b:01:ff:44:ab:54:6e:5f:0b:2f:48:57:
9c:6c:1b:01:e4:8a:a9:16:b9:c2:b2:9a:f4:6d:cd:
d1:95:2f:be:7d:c9:99:b0:8c:5f:69:43:38:b1:13:
b8:d6:c8:72:ae:59:5e:9e:dd:94:30:e8:af:d6:35:
02:29:4d:1b:b5:6a:81:56:fa:07:45:1b:17:76:d8:
7d:bf:7b:28:74:92:f8:44:34:c1:02:d8:1b:29:00:
ec:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:8D:BC:84:2B:12:3A:9A:53:87:92:88:A1:85:62:4A:3D:5B:73:94
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9C1F78E07AF11EF9E55B10B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.87.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:d7:5d:b1:2f:b9:d3:99:24:88:2e:fb:0a:76:4a:66:13:71:
ba:83:66:d2:80:dc:3b:b1:51:a5:ea:a7:dc:fb:7e:64:3b:32:
0a:8d:16:3c:37:18:21:23:b9:af:e7:fe:b0:fc:b7:b2:4a:98:
ef:80:0d:39:29:f4:45:85:b7:f5:bb:b7:04:c8:8e:22:cc:0b:
2e:ba:90:e4:79:ad:92:45:f3:ea:f2:4b:7b:0f:e2:e4:59:d8:
d9:d5:17:d0:9e:11:c8:c4:5f:de:ca:62:7c:a9:e5:d4:5d:52:
3c:b9:87:6e:5d:c8:f5:df:76:0b:64:48:d9:d2:12:ee:bb:d9:
1d:4d:37:28:87:d5:86:d6:ea:5a:16:5a:80:77:03:4f:c5:01:
d1:30:ab:c1:26:0e:37:4b:ff:44:97:64:48:fc:37:f8:ab:c3:
33:cd:65:0e:12:b5:98:e9:f7:11:ed:1d:c4:43:e6:3e:75:71:
4f:25:22:7f:ba:1f:2b:57:03:28:af:f4:24:f2:a3:11:f5:b1:
14:4c:e6:4d:58:98:5d:8b:fc:a7:6d:5b:85:7f:0a:ba:ae:5b:
46:d1:f9:ef:b3:70:0e:d6:48:4f:25:d5:b9:5c:13:f8:b8:b1:
ca:de:d2:a1:4a:16:08:55:85:aa:36:ef:16:8b:70:3b:bf:9f:
3d:1d:07:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALObMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTAxMTE0MTQyWhcNMjQwNTE3MTE0MTQyWjAYMRYw
FAYDVQQDEw02NjMyMmE3YS01NTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwnpbyz/3nn77M7PX3Q6A/6pQkFAOK1rG4VM5pdis3zN8zmg3kOU1t7/3
PDi0rfJgYztyGuOCo3jZKIMWe10XHQREMFashEUK3zPFg+qSvENrOlU2zx/eGOH9
IlRzR5tmqVHKr9BZt82xjPBAPsAcs7dT9xgv3oGqQWz/j/Jzy0+dElvo5RUB3sed
GZfQuY47w3AKKhlMrXFxDP5zAQAnVj/7T349EyubAf9Eq1RuXwsvSFecbBsB5Iqp
FrnCspr0bc3RlS++fcmZsIxfaUM4sRO41shyrllent2UMOiv1jUCKU0btWqBVvoH
RRsXdth9v3sodJL4RDTBAtgbKQDs+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAON
vIQrEjqaU4eSiKGFYko9W3OUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOUMxRjc4RTA3QUYxMUVGOUU1NUIxMEIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVXMA0GCSqGSIb3DQEB
CwUAA4IBAQC/112xL7nTmSSILvsKdkpmE3G6g2bSgNw7sVGl6qfc+35kOzIKjRY8
NxghI7mv5/6w/LeySpjvgA05KfRFhbf1u7cEyI4izAsuupDkea2SRfPq8kt7D+Lk
WdjZ1RfQnhHIxF/eymJ8qeXUXVI8uYduXcj133YLZEjZ0hLuu9kdTTcoh9WG1upa
FlqAdwNPxQHRMKvBJg43S/9El2RI/Df4q8MzzWUOErWY6fcR7R3EQ+Y+dXFPJSJ/
uh8rVwMor/Qk8qMR9bEUTOZNWJhdi/ynbVuFfwq6rltG0fnvs3AO1khPJdW5XBP4
uLHK3tKhShYIVYWqNu8Wi3A7v589HQfd
-----END CERTIFICATE-----
Generated at Fri May 17 17:36:44 2024 by rpki-client on console-fra.rpki-client.org