Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB2E36300CEC11EFBF702F39017001B1.roa
File: DB2E36300CEC11EFBF702F39017001B1.roa (raw, json)
Hash identifier: SiwPDdDJdp+pvU5RDbnGsyXrCH7CjOGjchBkwiQ7pr4=
Subject key identifier: 92:35:FE:6A:F5:AD:51:D2:89:56:70:9F:30:5D:C7:B1:35:23:93:12
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B586
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB2E36300CEC11EFBF702F39017001B1.roa
Signing time: Wed 08 May 2024 03:41:30 +0000
ROA not before: Wed 08 May 2024 03:41:27 +0000
ROA not after: Sat 18 May 2024 03:41:27 +0000
asID: 39600
IP address blocks: 154.202.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46470 (0xb586)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 8 03:41:27 2024 GMT
Not After : May 18 03:41:27 2024 GMT
Subject: CN=663af46a-6b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d8:a1:9c:07:51:08:2f:95:d0:84:20:4f:9a:
62:0e:61:f2:80:3c:bb:26:ba:73:a4:e2:23:f7:ed:
e5:06:18:78:46:9e:35:31:b5:ee:b2:15:ea:7e:fc:
87:e5:53:90:08:93:3e:71:67:27:8c:95:b4:ca:e6:
4b:84:82:bd:e2:87:83:95:84:ee:8c:ad:8e:27:5e:
95:5d:84:17:b3:51:43:ee:20:97:7b:d9:33:42:4c:
fc:69:b5:cc:dd:55:e4:2d:df:e7:cf:dc:f9:76:30:
61:f6:0c:73:ed:28:b7:e9:d6:24:5a:3d:fa:db:9d:
13:7a:a8:96:72:39:8f:b0:cb:54:78:c3:a8:02:44:
ca:a2:d6:78:5f:1d:0d:90:77:6a:56:88:ec:6a:86:
56:b7:c8:58:65:46:06:22:e7:59:7c:9b:31:17:8d:
27:9e:9b:7a:97:c6:f1:06:06:1e:4a:76:f2:b7:6a:
e2:ba:16:18:a8:92:13:48:19:5c:7a:3d:6f:1a:06:
35:19:d8:49:09:83:ee:65:5b:38:86:ce:2b:49:70:
83:04:91:f5:2a:c6:59:d8:19:c2:9e:f4:7d:94:23:
c2:7b:c4:8d:fa:e9:f1:f7:ba:f6:88:92:ce:51:8c:
07:50:0b:a6:ad:91:4f:e4:78:2d:c0:25:9e:22:5b:
80:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:35:FE:6A:F5:AD:51:D2:89:56:70:9F:30:5D:C7:B1:35:23:93:12
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB2E36300CEC11EFBF702F39017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.72.0/21
Signature Algorithm: sha256WithRSAEncryption
c0:f6:79:40:3e:55:db:96:d2:23:45:15:9d:c1:6c:c5:d4:71:
8b:ba:70:9b:67:08:65:ef:f9:4a:b3:ad:1a:24:ad:d5:e4:b9:
2f:11:37:b6:39:99:67:63:ef:1a:be:b3:7e:6f:79:03:28:0f:
2d:68:6a:35:bf:fe:4c:a6:7f:29:32:79:d4:f7:56:07:40:bd:
e3:df:ff:81:83:0f:d0:ab:8d:a7:93:e7:fa:1d:e1:7d:1f:19:
df:f2:09:5f:6f:2e:58:5f:a3:2c:47:49:09:df:01:6b:f5:5e:
f7:42:50:ee:ed:09:01:8e:38:d1:3b:62:10:97:ad:4d:52:f7:
a4:30:44:26:1c:d2:8f:07:2b:c2:13:b5:22:3a:88:58:c7:a6:
7f:95:4b:cd:d0:c2:df:34:a8:23:92:d0:97:08:c1:9d:34:05:
f2:64:cf:c7:8e:fc:5f:a4:13:ef:fd:60:a3:b8:82:22:31:04:
89:c0:34:81:98:2a:e6:81:c7:b1:bd:39:b5:1a:d5:a9:29:59:
ff:e6:49:d9:f4:eb:14:c7:34:c4:fb:99:27:b3:fe:65:af:48:
0a:e2:f1:8a:e4:57:15:c7:7d:4c:47:00:c3:22:83:3c:50:3b:
d2:40:e8:8c:bc:12:74:d0:b3:4f:dc:89:e9:c3:24:5d:02:bb:
ba:5c:92:aa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALWGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA4MDM0MTI3WhcNMjQwNTE4MDM0MTI3WjAYMRYw
FAYDVQQDEw02NjNhZjQ2YS02YjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzdihnAdRCC+V0IQgT5piDmHygDy7JrpzpOIj9+3lBhh4Rp41MbXushXq
fvyH5VOQCJM+cWcnjJW0yuZLhIK94oeDlYTujK2OJ16VXYQXs1FD7iCXe9kzQkz8
abXM3VXkLd/nz9z5djBh9gxz7Si36dYkWj36250TeqiWcjmPsMtUeMOoAkTKotZ4
Xx0NkHdqVojsaoZWt8hYZUYGIudZfJsxF40nnpt6l8bxBgYeSnbyt2riuhYYqJIT
SBlcej1vGgY1GdhJCYPuZVs4hs4rSXCDBJH1KsZZ2BnCnvR9lCPCe8SN+unx97r2
iJLOUYwHUAumrZFP5HgtwCWeIluAKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJI1
/mr1rVHSiVZwnzBdx7E1I5MSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQjJFMzYzMDBDRUMxMUVGQkY3MDJGMzkwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmspIMA0GCSqGSIb3DQEB
CwUAA4IBAQDA9nlAPlXbltIjRRWdwWzF1HGLunCbZwhl7/lKs60aJK3V5LkvETe2
OZlnY+8avrN+b3kDKA8taGo1v/5Mpn8pMnnU91YHQL3j3/+Bgw/Qq42nk+f6HeF9
Hxnf8glfby5YX6MsR0kJ3wFr9V73QlDu7QkBjjjRO2IQl61NUvekMEQmHNKPByvC
E7UiOohYx6Z/lUvN0MLfNKgjktCXCMGdNAXyZM/HjvxfpBPv/WCjuIIiMQSJwDSB
mCrmgcexvTm1GtWpKVn/5knZ9OsUxzTE+5kns/5lr0gK4vGK5FcVx31MRwDDIoM8
UDvSQOiMvBJ00LNP3InpwyRdAru6XJKq
-----END CERTIFICATE-----
Generated at Sun May 19 02:08:29 2024 by rpki-client on console-ams.rpki-client.org