Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CADA57040C1111EFA474F936017001B1.roa
File: CADA57040C1111EFA474F936017001B1.roa (raw, json)
Hash identifier: OSzygwM+Bclr2xWiRKIepN/dmhQob3lOHSwEfFHHkr8=
Subject key identifier: 04:82:2F:41:27:27:1A:57:C8:C7:74:29:60:B4:2C:D8:A1:AD:DD:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B55F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CADA57040C1111EFA474F936017001B1.roa
Signing time: Tue 07 May 2024 01:33:23 +0000
ROA not before: Tue 07 May 2024 01:33:19 +0000
ROA not after: Fri 17 May 2024 01:33:19 +0000
asID: 142062
IP address blocks: 154.196.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46431 (0xb55f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 7 01:33:19 2024 GMT
Not After : May 17 01:33:19 2024 GMT
Subject: CN=663984e3-8052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:29:4a:0d:7f:3d:dc:55:25:93:d9:48:9d:e1:
0e:9e:6a:3f:93:d7:af:80:c0:af:77:77:b0:bc:fc:
6d:14:49:1f:94:d5:26:51:3e:c9:2b:d7:3c:a8:29:
1f:c3:97:f7:0d:2b:c1:a3:6d:1f:08:47:62:bc:42:
1a:97:43:52:89:9c:76:f1:67:2c:7c:44:c9:7b:77:
ef:9a:76:68:3c:7f:38:2b:00:f2:93:d1:17:cf:12:
94:2f:f8:18:57:12:d3:56:bf:f5:e5:26:b5:73:e9:
d4:a6:57:21:fb:67:74:90:db:5e:c9:49:dc:dc:0d:
04:75:76:45:d4:4e:0d:da:d2:7b:eb:2f:83:fe:9a:
4c:a9:7f:3a:6a:86:d0:fe:64:bd:80:07:fb:b7:d7:
75:35:f2:2a:db:ae:ef:62:4c:31:1d:7c:07:fb:71:
7b:70:b9:d9:53:0b:c1:43:fb:e2:e0:e0:25:1e:b8:
ad:c4:76:5c:06:2c:35:ec:95:d0:cf:de:2c:15:e3:
e1:01:eb:d8:60:ef:f3:31:5f:85:9c:d3:bd:f9:59:
4a:a1:3a:cd:81:ea:e4:4f:94:f6:9f:e8:91:46:b3:
e2:cf:49:98:f2:98:f0:7e:df:50:87:6d:b8:26:73:
de:b6:13:fa:41:ea:b2:7f:94:3c:0a:aa:48:1e:3f:
77:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:82:2F:41:27:27:1A:57:C8:C7:74:29:60:B4:2C:D8:A1:AD:DD:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CADA57040C1111EFA474F936017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.96.0/19
Signature Algorithm: sha256WithRSAEncryption
5f:fd:22:18:e8:dd:3a:82:4b:49:21:42:6e:3d:69:09:cb:d8:
c6:75:e0:ee:a5:cb:3d:ea:c7:a3:7c:3c:fb:91:b7:9c:8f:41:
bc:fc:04:0b:ac:e7:e1:7c:4f:96:fa:60:6d:3e:38:94:d9:00:
13:a3:8a:fc:22:8c:19:87:50:dd:29:17:13:ba:ab:fc:10:65:
45:34:63:ff:29:ae:74:09:ce:27:df:5b:ee:73:de:37:db:fd:
c0:90:ed:4f:d4:dd:24:a4:91:67:0e:9c:60:ac:3d:77:0e:76:
7d:56:4e:ec:35:bf:1f:7e:b2:dd:4b:21:8f:47:a4:b2:1c:4a:
5d:ac:93:6b:a3:f0:f7:33:d9:4d:f0:d9:8c:03:44:7b:f0:8a:
f7:3e:09:ee:1f:67:5e:9b:bf:ec:95:ed:2e:7e:94:9a:ab:71:
b3:f0:ed:ad:1e:ca:c6:d3:2d:6d:44:e4:4b:fc:d9:fa:76:5a:
eb:a7:e8:25:26:5d:8b:b9:63:a9:e0:06:4a:e9:3e:2d:f6:dd:
cf:85:44:72:7f:88:54:91:2f:36:1e:56:0e:75:66:27:62:78:
b0:9c:b1:0d:29:f0:fc:ae:4c:76:90:2c:35:f4:fd:8a:f7:03:
41:5f:3f:84:f9:3f:6d:6a:2a:06:92:5b:c7:e9:a7:fc:15:48:
b4:fd:94:e5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALVfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA3MDEzMzE5WhcNMjQwNTE3MDEzMzE5WjAYMRYw
FAYDVQQDEw02NjM5ODRlMy04MDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2ClKDX893FUlk9lIneEOnmo/k9evgMCvd3ewvPxtFEkflNUmUT7JK9c8
qCkfw5f3DSvBo20fCEdivEIal0NSiZx28WcsfETJe3fvmnZoPH84KwDyk9EXzxKU
L/gYVxLTVr/15Sa1c+nUplch+2d0kNteyUnc3A0EdXZF1E4N2tJ76y+D/ppMqX86
aobQ/mS9gAf7t9d1NfIq267vYkwxHXwH+3F7cLnZUwvBQ/vi4OAlHritxHZcBiw1
7JXQz94sFePhAevYYO/zMV+FnNO9+VlKoTrNgerkT5T2n+iRRrPiz0mY8pjwft9Q
h224JnPethP6Qeqyf5Q8CqpIHj93gQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFASC
L0EnJxpXyMd0KWC0LNihrd2uMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQURBNTcwNDBDMTExMUVGQTQ3NEY5MzYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmsRgMA0GCSqGSIb3DQEB
CwUAA4IBAQBf/SIY6N06gktJIUJuPWkJy9jGdeDupcs96sejfDz7kbecj0G8/AQL
rOfhfE+W+mBtPjiU2QATo4r8IowZh1DdKRcTuqv8EGVFNGP/Ka50Cc4n31vuc943
2/3AkO1P1N0kpJFnDpxgrD13DnZ9Vk7sNb8ffrLdSyGPR6SyHEpdrJNro/D3M9lN
8NmMA0R78Ir3PgnuH2dem7/sle0ufpSaq3Gz8O2tHsrG0y1tRORL/Nn6dlrrp+gl
Jl2LuWOp4AZK6T4t9t3PhURyf4hUkS82HlYOdWYnYniwnLENKfD8rkx2kCw19P2K
9wNBXz+E+T9taioGklvH6af8FUi0/ZTl
-----END CERTIFICATE-----
Generated at Fri May 17 10:15:51 2024 by rpki-client on console-ams.rpki-client.org