Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10D1FA780EAB11EFBE9F5D6F017001B1.roa
File: 10D1FA780EAB11EFBE9F5D6F017001B1.roa (raw, json)
Hash identifier: JCg3zdBiLEaEL+qHzvkhsLU5JcMwDaE0hMsn7Fd5dOE=
Subject key identifier: 61:94:71:A3:60:CA:7C:C6:C4:31:75:C0:F5:A7:9C:D8:E7:31:A9:44
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B678
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10D1FA780EAB11EFBE9F5D6F017001B1.roa
Signing time: Fri 10 May 2024 08:55:36 +0000
ROA not before: Fri 10 May 2024 08:55:32 +0000
ROA not after: Mon 20 May 2024 08:55:32 +0000
asID: 142062
IP address blocks: 154.206.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46712 (0xb678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 10 08:55:32 2024 GMT
Not After : May 20 08:55:32 2024 GMT
Subject: CN=663de108-2d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b3:0f:9f:d8:db:9f:4d:83:b7:dd:49:f3:c1:
ad:4c:cc:bb:2f:60:5c:55:88:50:33:c8:4e:8f:a6:
77:7b:c7:74:2a:b5:11:eb:8e:48:68:c9:96:6d:42:
e2:5d:43:65:9a:86:e9:7a:4d:b5:06:90:3c:ce:e9:
96:95:5f:2c:72:52:ce:d0:31:b3:ea:b7:f2:1c:06:
1f:8f:86:35:e2:6d:45:b5:2b:39:a0:52:ef:81:65:
ec:9c:8f:3b:8c:38:75:47:10:92:8c:6c:b1:81:ea:
dd:e0:fd:59:04:ad:e6:27:18:02:f3:ad:1f:51:cc:
24:0e:30:d1:64:94:31:ea:90:87:2e:73:0c:21:e1:
4b:eb:a5:08:e5:e5:1c:62:bc:fb:6b:9b:80:ff:ab:
fc:33:2d:d4:33:be:74:be:5d:bf:7e:25:bc:f0:4c:
69:96:ff:01:d1:70:77:5e:16:6c:5c:fe:d3:5f:1f:
56:2c:39:b4:61:af:10:19:ed:12:aa:6e:1c:74:db:
d2:d8:a6:75:20:14:a0:44:f2:89:11:13:ab:b8:f2:
21:0b:56:6b:1f:99:cd:0a:37:b2:38:7e:6a:43:fa:
c5:d6:cd:77:36:34:b0:a8:04:d7:fe:90:e7:8b:39:
80:ef:2f:6f:d1:0f:4d:a9:74:9b:f0:96:9f:23:3c:
98:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:94:71:A3:60:CA:7C:C6:C4:31:75:C0:F5:A7:9C:D8:E7:31:A9:44
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10D1FA780EAB11EFBE9F5D6F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.212.0/24
Signature Algorithm: sha256WithRSAEncryption
26:0a:14:f4:3f:eb:2c:be:22:a6:6e:6c:15:7a:5e:2d:6c:a8:
b7:63:6b:1b:92:f7:6f:f0:d8:27:46:4f:06:13:c0:fd:40:12:
31:b5:4a:32:c8:6c:42:34:0c:07:c1:54:20:66:95:ab:89:59:
74:44:90:6a:ab:59:24:0c:03:cc:15:ae:ce:27:fe:6e:0a:07:
85:1a:ae:be:a5:ea:c8:c0:66:76:dd:3e:3f:83:65:b0:db:3d:
b6:95:8b:00:c8:ad:08:62:ea:95:06:76:df:35:09:34:44:08:
c4:4d:3f:fc:17:04:40:cd:71:76:be:1a:ec:a3:80:1e:5c:00:
76:68:3b:58:24:59:ac:d3:97:01:58:94:3e:c5:f0:44:6b:aa:
6b:29:71:13:d5:11:b5:8b:66:fc:ef:fe:c3:8c:36:84:11:06:
9d:ce:00:25:73:19:a5:ab:03:5a:d3:6b:18:4b:3e:14:0e:a6:
4e:ad:9d:f2:15:9f:9d:47:c3:1d:c2:9b:41:2f:b9:f4:05:ce:
7a:97:e6:02:dd:d6:2b:a2:44:20:16:86:9c:48:4f:01:05:e4:
c1:c6:88:e6:55:0b:12:04:ae:56:63:67:80:c7:0c:fd:55:a1:
f3:4a:56:3e:61:69:c9:75:ce:c5:70:3c:b7:ee:0e:3d:6d:74:
5d:9b:6a:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALZ4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTEwMDg1NTMyWhcNMjQwNTIwMDg1NTMyWjAYMRYw
FAYDVQQDEw02NjNkZTEwOC0yZDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr7MPn9jbn02Dt91J88GtTMy7L2BcVYhQM8hOj6Z3e8d0KrUR645IaMmW
bULiXUNlmobpek21BpA8zumWlV8sclLO0DGz6rfyHAYfj4Y14m1FtSs5oFLvgWXs
nI87jDh1RxCSjGyxgerd4P1ZBK3mJxgC860fUcwkDjDRZJQx6pCHLnMMIeFL66UI
5eUcYrz7a5uA/6v8My3UM750vl2/fiW88Explv8B0XB3XhZsXP7TXx9WLDm0Ya8Q
Ge0Sqm4cdNvS2KZ1IBSgRPKJEROruPIhC1ZrH5nNCjeyOH5qQ/rF1s13NjSwqATX
/pDnizmA7y9v0Q9NqXSb8JafIzyYQwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGGU
caNgynzGxDF1wPWnnNjnMalEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMEQxRkE3ODBFQUIxMUVGQkU5RjVENkYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7UMA0GCSqGSIb3DQEB
CwUAA4IBAQAmChT0P+ssviKmbmwVel4tbKi3Y2sbkvdv8NgnRk8GE8D9QBIxtUoy
yGxCNAwHwVQgZpWriVl0RJBqq1kkDAPMFa7OJ/5uCgeFGq6+perIwGZ23T4/g2Ww
2z22lYsAyK0IYuqVBnbfNQk0RAjETT/8FwRAzXF2vhrso4AeXAB2aDtYJFms05cB
WJQ+xfBEa6prKXET1RG1i2b87/7DjDaEEQadzgAlcxmlqwNa02sYSz4UDqZOrZ3y
FZ+dR8MdwptBL7n0Bc56l+YC3dYrokQgFoacSE8BBeTBxojmVQsSBK5WY2eAxwz9
VaHzSlY+YWnJdc7FcDy37g49bXRdm2qK
-----END CERTIFICATE-----
Generated at Tue May 21 02:40:32 2024 by rpki-client on console-ams.rpki-client.org