Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE8027D40DBB11EFA7FA3052017001B1.roa
File: CE8027D40DBB11EFA7FA3052017001B1.roa (raw, json)
Hash identifier: dz9Kba6IPNAAe3MDkpjoj8WG7Oz1H67W+tsxcefuGe0=
Subject key identifier: 6B:65:76:B0:8B:92:76:0D:65:83:9C:6B:8E:F2:8D:B3:B6:85:9E:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B5CB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE8027D40DBB11EFA7FA3052017001B1.roa
Signing time: Thu 09 May 2024 04:22:55 +0000
ROA not before: Thu 09 May 2024 04:22:51 +0000
ROA not after: Sat 18 May 2024 04:22:51 +0000
asID: 39600
IP address blocks: 154.207.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46539 (0xb5cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 04:22:51 2024 GMT
Not After : May 18 04:22:51 2024 GMT
Subject: CN=663c4f9f-0486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6c:bd:40:4b:38:e1:fa:3a:4f:32:9b:68:d5:
7b:12:01:f5:0f:ed:bb:20:86:46:c0:f2:b4:fd:26:
ef:fd:9d:a2:54:c6:d6:a0:4a:ad:99:1d:d8:ea:1c:
5a:58:a1:49:2a:5d:03:c1:9a:9f:ca:0e:8e:82:3e:
5d:16:55:50:07:f9:dd:68:42:17:c0:d7:fa:24:85:
de:c5:71:20:fe:b1:c5:fc:d9:ec:e7:dc:c2:10:37:
83:2f:d3:20:70:5a:b6:22:8a:cd:c7:18:24:43:83:
20:cd:d1:f2:9d:1b:4e:ba:96:70:34:12:a4:f4:c1:
b4:28:3c:a2:92:47:fc:e1:66:95:56:7c:62:83:0b:
43:ff:56:28:58:9f:8d:cf:2c:5b:98:6b:52:b3:6b:
17:05:8f:97:16:27:d4:a1:e6:10:02:0d:f7:1a:79:
a5:a6:f6:65:9a:49:d6:89:7a:b2:5e:52:c8:a8:54:
0f:32:85:de:6e:de:c9:15:7e:25:b6:78:cf:f0:83:
ec:fd:f5:b0:3f:7e:69:11:2d:1e:2a:0c:9b:7d:09:
a4:d8:a5:9a:00:aa:39:85:f8:b9:66:28:28:dd:cf:
3e:7c:5c:15:00:11:03:f7:48:93:a3:57:2d:c6:5a:
6b:bc:cb:d5:1d:a7:be:7f:74:77:61:86:92:31:45:
b2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:65:76:B0:8B:92:76:0D:65:83:9C:6B:8E:F2:8D:B3:B6:85:9E:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE8027D40DBB11EFA7FA3052017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.232.0/21
Signature Algorithm: sha256WithRSAEncryption
54:87:6d:cd:3d:ce:fd:9f:6b:4e:5b:23:26:85:fd:99:d4:1e:
af:6f:fe:36:b6:61:f8:a4:7e:07:95:03:39:3f:99:a2:bd:b5:
47:ff:be:fd:d2:04:1b:49:2f:f7:9a:87:4d:85:58:88:4e:77:
fb:32:0b:93:b2:29:e9:7c:80:aa:f7:d3:74:4d:a0:76:17:cc:
ae:e7:9d:3f:7d:d9:c1:00:5d:32:35:0f:81:e0:eb:e3:4d:46:
31:c1:bf:c9:f3:91:b4:67:a1:88:e0:cc:64:96:26:19:c0:b8:
ca:88:2b:02:9c:85:62:e4:d4:85:56:0c:85:64:93:a6:c4:cb:
73:ce:73:54:69:21:4e:ae:57:73:7c:55:31:24:94:42:54:6a:
0e:28:7c:39:58:82:bb:3f:8b:dc:f0:89:0d:a7:45:46:4f:4b:
99:4e:06:5c:e2:85:eb:c2:01:39:dc:04:af:96:73:46:7d:ac:
a6:a4:33:5b:77:35:8d:cb:2b:1e:63:7b:0a:ea:29:95:5a:84:
d5:23:fb:14:0c:56:17:e6:ba:38:50:8e:ef:4a:c6:9d:b2:11:
37:fa:09:50:73:5f:53:8d:59:a3:ac:e8:83:19:88:5b:4a:27:
31:4a:bb:84:b4:42:f6:91:22:57:1d:63:1f:9d:46:1f:5f:34:
46:7b:92:e5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALXLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDQyMjUxWhcNMjQwNTE4MDQyMjUxWjAYMRYw
FAYDVQQDEw02NjNjNGY5Zi0wNDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA32y9QEs44fo6TzKbaNV7EgH1D+27IIZGwPK0/Sbv/Z2iVMbWoEqtmR3Y
6hxaWKFJKl0DwZqfyg6Ogj5dFlVQB/ndaEIXwNf6JIXexXEg/rHF/Nns59zCEDeD
L9MgcFq2IorNxxgkQ4MgzdHynRtOupZwNBKk9MG0KDyikkf84WaVVnxigwtD/1Yo
WJ+NzyxbmGtSs2sXBY+XFifUoeYQAg33GnmlpvZlmknWiXqyXlLIqFQPMoXebt7J
FX4ltnjP8IPs/fWwP35pES0eKgybfQmk2KWaAKo5hfi5Zigo3c8+fFwVABED90iT
o1ctxlprvMvVHae+f3R3YYaSMUWybQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGtl
drCLknYNZYOca47yjbO2hZ67MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRTgwMjdENDBEQkIxMUVGQTdGQTMwNTIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms/oMA0GCSqGSIb3DQEB
CwUAA4IBAQBUh23NPc79n2tOWyMmhf2Z1B6vb/42tmH4pH4HlQM5P5mivbVH/779
0gQbSS/3modNhViITnf7MguTsinpfICq99N0TaB2F8yu550/fdnBAF0yNQ+B4Ovj
TUYxwb/J85G0Z6GI4MxkliYZwLjKiCsCnIVi5NSFVgyFZJOmxMtzznNUaSFOrldz
fFUxJJRCVGoOKHw5WIK7P4vc8IkNp0VGT0uZTgZc4oXrwgE53ASvlnNGfaympDNb
dzWNyyseY3sK6imVWoTVI/sUDFYX5ro4UI7vSsadshE3+glQc19TjVmjrOiDGYhb
SicxSruEtEL2kSJXHWMfnUYfXzRGe5Ll
-----END CERTIFICATE-----
Generated at Sun May 19 02:08:29 2024 by rpki-client on console-ams.rpki-client.org