Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F24239F806D311EF8F5F4A11017001B1.roa
File: F24239F806D311EF8F5F4A11017001B1.roa (raw, json)
Hash identifier: Q1wPLFlAhlFXrGYQGbMDD9Sv5May3hwcWZmzOVue8z0=
Subject key identifier: C4:AD:5B:2D:58:35:40:05:1F:34:FA:F7:33:BC:E4:F2:26:6E:EE:70
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B2C5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F24239F806D311EF8F5F4A11017001B1.roa
Signing time: Tue 30 Apr 2024 09:28:04 +0000
ROA not before: Tue 30 Apr 2024 09:28:01 +0000
ROA not after: Fri 10 May 2024 09:28:01 +0000
asID: 137443
IP address blocks: 154.218.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45765 (0xb2c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 09:28:01 2024 GMT
Not After : May 10 09:28:01 2024 GMT
Subject: CN=6630b9a4-59db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fb:88:27:28:c9:6d:0c:5e:f7:85:26:7f:66:
1e:5b:f7:05:51:ac:84:4c:3a:8b:9b:2b:11:58:42:
b4:17:a0:1a:bb:6b:10:6a:ca:f5:85:d9:53:38:da:
91:90:45:61:56:56:da:55:2d:da:5d:cd:9e:e3:57:
cc:08:a9:21:7a:78:de:6c:b4:3b:09:15:32:87:a5:
81:f8:49:a9:f0:42:c3:14:bc:c7:5e:dd:f3:3d:ec:
ca:fc:78:45:cd:cf:c8:07:58:3b:c0:0d:af:d7:23:
c5:4b:ab:71:f3:1f:db:3f:54:a1:da:78:10:7f:e0:
c3:8a:50:37:67:46:55:e9:34:8d:85:89:38:53:69:
d5:f2:9d:a4:80:3a:3b:01:ce:62:38:eb:73:d4:3f:
aa:c0:0d:8f:c5:2e:58:2b:7a:34:a3:bd:11:42:bf:
9f:58:d6:a8:aa:96:71:ae:53:ae:92:d3:41:b4:98:
d0:74:1d:f4:22:bd:db:c9:0c:be:11:95:23:28:b0:
4c:5b:9d:d3:3b:19:d3:df:ff:17:6b:a4:9c:39:aa:
62:83:ff:fd:64:bf:fa:b6:c0:b9:c4:c2:f3:d6:55:
42:d5:38:23:de:76:82:99:57:30:e6:47:1e:f5:7b:
12:9f:2d:98:f6:ac:a3:6a:26:ad:20:9d:1f:ad:91:
db:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AD:5B:2D:58:35:40:05:1F:34:FA:F7:33:BC:E4:F2:26:6E:EE:70
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F24239F806D311EF8F5F4A11017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.8.0/21
Signature Algorithm: sha256WithRSAEncryption
b9:bd:63:0b:3a:b5:6c:62:7d:9f:ea:2e:c4:10:e6:80:99:a5:
2d:7e:58:ae:c2:b7:5e:0e:85:e6:64:24:8e:00:4b:8a:28:38:
40:fb:cd:ac:17:2b:8c:76:bb:3a:c4:bd:f0:3a:7f:cb:57:50:
09:d3:d0:b3:8b:d0:d7:f0:de:da:d0:f0:38:d0:1e:48:f4:97:
4e:1d:e0:20:cf:f4:0b:2b:ea:9f:30:98:c5:39:f3:c3:46:61:
ff:14:86:11:53:48:1b:30:18:b6:c4:57:16:c8:2b:6a:2e:43:
29:c4:14:58:b3:6e:4d:aa:c8:19:88:a5:af:6c:5c:43:46:a4:
36:26:ed:2c:fb:29:bf:ba:cd:48:8f:fd:fd:72:5a:72:a8:7d:
cc:cd:36:eb:26:47:ee:af:b8:6e:fb:e7:24:ae:55:1f:a6:8a:
06:c3:65:45:92:10:72:7b:03:24:f1:16:1a:85:c0:68:88:94:
96:b5:a1:a3:df:73:e2:a3:00:b3:66:a2:08:1a:d7:7a:19:8d:
2b:ea:3d:5c:28:77:4e:12:69:4e:63:30:63:f4:89:34:31:19:
60:f8:a3:25:8e:59:63:b8:bb:3e:32:fb:1c:b4:78:be:7f:44:
ec:d2:b2:08:0f:6e:d8:53:fe:00:ec:3a:4d:f5:d8:0c:31:28:
4a:1f:b6:9c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALLFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDMwMDkyODAxWhcNMjQwNTEwMDkyODAxWjAYMRYw
FAYDVQQDEw02NjMwYjlhNC01OWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0/uIJyjJbQxe94Umf2YeW/cFUayETDqLmysRWEK0F6Aau2sQasr1hdlT
ONqRkEVhVlbaVS3aXc2e41fMCKkhenjebLQ7CRUyh6WB+Emp8ELDFLzHXt3zPezK
/HhFzc/IB1g7wA2v1yPFS6tx8x/bP1Sh2ngQf+DDilA3Z0ZV6TSNhYk4U2nV8p2k
gDo7Ac5iOOtz1D+qwA2PxS5YK3o0o70RQr+fWNaoqpZxrlOuktNBtJjQdB30Ir3b
yQy+EZUjKLBMW53TOxnT3/8Xa6ScOapig//9ZL/6tsC5xMLz1lVC1Tgj3naCmVcw
5kce9XsSny2Y9qyjaiatIJ0frZHbHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMSt
Wy1YNUAFHzT69zO85PImbu5wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMjQyMzlGODA2RDMxMUVGOEY1RjRBMTEwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtoIMA0GCSqGSIb3DQEB
CwUAA4IBAQC5vWMLOrVsYn2f6i7EEOaAmaUtfliuwrdeDoXmZCSOAEuKKDhA+82s
FyuMdrs6xL3wOn/LV1AJ09Czi9DX8N7a0PA40B5I9JdOHeAgz/QLK+qfMJjFOfPD
RmH/FIYRU0gbMBi2xFcWyCtqLkMpxBRYs25NqsgZiKWvbFxDRqQ2Ju0s+ym/us1I
j/39clpyqH3MzTbrJkfur7hu++ckrlUfpooGw2VFkhByewMk8RYahcBoiJSWtaGj
33PiowCzZqIIGtd6GY0r6j1cKHdOEmlOYzBj9Ik0MRlg+KMljlljuLs+MvsctHi+
f0Ts0rIID27YU/4A7DpN9dgMMShKH7ac
-----END CERTIFICATE-----
Generated at Fri May 10 13:38:25 2024 by rpki-client on console-fra.rpki-client.org