Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD12680C0DC511EFA0B20923017001B1.roa
File: DD12680C0DC511EFA0B20923017001B1.roa (raw, json)
Hash identifier: Verc7RWGCAvJ+91X3eHdmu/M01O4xbVVTsxBvFH17qU=
Subject key identifier: 2B:3B:B1:C0:EF:38:4E:32:5C:B9:A2:54:31:38:F8:EE:FA:D4:FE:71
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B5EF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD12680C0DC511EFA0B20923017001B1.roa
Signing time: Thu 09 May 2024 05:34:54 +0000
ROA not before: Thu 09 May 2024 05:34:50 +0000
ROA not after: Sun 19 May 2024 05:34:50 +0000
asID: 5065
IP address blocks: 154.94.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46575 (0xb5ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 9 05:34:50 2024 GMT
Not After : May 19 05:34:50 2024 GMT
Subject: CN=663c607e-8612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ab:d8:9b:f3:b9:04:dc:7d:d6:56:60:dd:21:
ae:81:14:16:77:91:4f:0a:6b:f9:47:50:c1:a6:df:
c2:65:34:2e:66:0c:a1:d1:f9:8d:9b:b0:35:eb:86:
64:39:f8:75:1e:72:1f:b0:96:2a:f7:e5:13:79:b6:
ae:59:f7:76:06:c8:09:25:64:42:d6:66:b7:fa:73:
6e:68:ba:59:df:41:b3:89:74:9c:c7:ad:26:62:f0:
10:7f:c9:c7:5b:22:6c:37:5c:06:19:46:5a:06:c2:
7c:99:d7:23:df:8e:f2:b8:d3:d3:7e:73:03:26:ef:
e5:aa:24:b0:3c:92:de:7d:2d:bd:46:82:75:95:e3:
0b:fc:dd:c1:7d:a0:16:6f:ea:35:f9:f1:4d:93:14:
bc:ed:0b:3b:5d:b3:13:6d:a2:8e:a1:9f:35:c2:b8:
34:ef:62:1c:23:24:be:9e:a9:7c:6f:03:33:cb:2b:
37:37:ac:cf:cb:3e:b0:19:fa:40:57:29:89:55:2c:
43:a0:cf:1f:d7:50:91:b6:29:d4:b4:c1:a5:c8:0a:
ef:46:03:cc:83:6a:6b:c0:7d:c5:28:ad:c3:52:9a:
e1:7a:11:e0:e2:d9:90:0a:43:ec:66:65:46:78:5c:
9f:ad:5a:87:7c:b3:3f:ec:82:3c:0f:af:9c:66:c0:
fc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:3B:B1:C0:EF:38:4E:32:5C:B9:A2:54:31:38:F8:EE:FA:D4:FE:71
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD12680C0DC511EFA0B20923017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.41.0/24
Signature Algorithm: sha256WithRSAEncryption
89:e8:e8:3b:77:12:62:52:1a:d7:04:86:3b:bc:6f:99:0a:c8:
da:7f:0f:61:c6:91:46:dc:90:e4:15:f4:d9:1c:00:f8:31:b2:
db:c7:1c:2d:a3:c6:e9:0d:cf:a8:62:28:27:fb:5c:74:26:6f:
b6:9f:71:1d:db:42:25:c9:64:44:90:68:68:0a:28:53:53:2d:
a2:29:e8:19:1f:7f:0b:d6:78:d7:5a:47:a5:43:2d:0b:49:bd:
86:02:b6:a4:59:a7:f1:ae:3a:1f:71:fd:91:94:0f:4e:56:2e:
13:1f:77:56:41:af:d7:10:fa:73:aa:a1:b2:08:a5:26:ee:3f:
78:c4:2a:25:e8:ad:eb:ba:a5:34:64:7e:a4:53:82:d5:bc:2f:
9e:e8:3f:a0:5d:77:29:69:4d:97:0b:9a:21:fb:9c:fa:e3:f4:
0a:8e:35:9f:7b:8e:7a:b7:9e:84:09:bf:12:12:fc:e2:67:66:
ba:f6:18:4b:95:61:18:00:97:e2:84:84:7c:63:17:a2:1c:f9:
a5:77:80:3d:19:45:b9:57:82:14:36:a5:57:14:3e:ae:68:97:
04:61:c1:a3:9c:3a:17:3d:68:5a:96:6d:07:5b:7f:54:2b:c8:
e9:fc:aa:6c:6d:14:f8:d4:a4:69:32:a2:ec:05:fb:d8:54:2b:
8a:d4:e6:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALXvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA5MDUzNDUwWhcNMjQwNTE5MDUzNDUwWjAYMRYw
FAYDVQQDEw02NjNjNjA3ZS04NjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu6vYm/O5BNx91lZg3SGugRQWd5FPCmv5R1DBpt/CZTQuZgyh0fmNm7A1
64ZkOfh1HnIfsJYq9+UTebauWfd2BsgJJWRC1ma3+nNuaLpZ30GziXScx60mYvAQ
f8nHWyJsN1wGGUZaBsJ8mdcj347yuNPTfnMDJu/lqiSwPJLefS29RoJ1leML/N3B
faAWb+o1+fFNkxS87Qs7XbMTbaKOoZ81wrg072IcIyS+nql8bwMzyys3N6zPyz6w
GfpAVymJVSxDoM8f11CRtinUtMGlyArvRgPMg2prwH3FKK3DUprhehHg4tmQCkPs
ZmVGeFyfrVqHfLM/7II8D6+cZsD8QQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCs7
scDvOE4yXLmiVDE4+O761P5xMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDEyNjgwQzBEQzUxMUVGQTBCMjA5MjMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4pMA0GCSqGSIb3DQEB
CwUAA4IBAQCJ6Og7dxJiUhrXBIY7vG+ZCsjafw9hxpFG3JDkFfTZHAD4MbLbxxwt
o8bpDc+oYign+1x0Jm+2n3Ed20IlyWREkGhoCihTUy2iKegZH38L1njXWkelQy0L
Sb2GArakWafxrjofcf2RlA9OVi4TH3dWQa/XEPpzqqGyCKUm7j94xCol6K3ruqU0
ZH6kU4LVvC+e6D+gXXcpaU2XC5oh+5z64/QKjjWfe456t56ECb8SEvziZ2a69hhL
lWEYAJfihIR8YxeiHPmld4A9GUW5V4IUNqVXFD6uaJcEYcGjnDoXPWhalm0HW39U
K8jp/KpsbRT41KRpMqLsBfvYVCuK1OZj
-----END CERTIFICATE-----
Generated at Mon May 20 01:57:49 2024 by rpki-client on console-fra.rpki-client.org