Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/140E7E50FADD11EE9D0B0808017001B1.roa
File: 140E7E50FADD11EE9D0B0808017001B1.roa (raw, json)
Hash identifier: 6ZH3xy1bJ40tdQS9P1Nm6rn01s/HBky4NcBUDn7Fokc=
Subject key identifier: 19:42:35:B0:D5:FD:3E:D0:21:10:53:1E:AB:66:A6:65:74:C0:95:89
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC31
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/140E7E50FADD11EE9D0B0808017001B1.roa
Signing time: Mon 15 Apr 2024 04:03:13 +0000
ROA not before: Mon 15 Apr 2024 04:03:09 +0000
ROA not after: Wed 24 Apr 2024 04:03:09 +0000
asID: 142062
IP address blocks: 154.206.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44081 (0xac31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 04:03:09 2024 GMT
Not After : Apr 24 04:03:09 2024 GMT
Subject: CN=661ca701-2a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:78:62:af:e4:1c:26:ec:ef:58:c4:96:74:6d:
c4:67:ce:01:dc:bb:ba:31:94:eb:9b:48:85:90:53:
ce:05:38:2a:27:de:a3:b6:52:15:c4:e5:20:7d:bd:
ff:3f:9c:c5:e7:a9:1f:7b:87:64:a0:61:9b:95:03:
eb:0e:08:6e:5b:1a:c3:31:93:43:d9:fe:1e:f2:08:
0e:9a:bd:e2:b2:cd:91:f7:be:c4:82:00:e4:e3:4a:
b5:ea:e0:54:03:73:ff:f5:10:94:3a:43:93:5c:95:
02:05:8e:43:ab:48:a6:be:04:ab:f7:3e:b6:6b:70:
94:0e:f9:49:63:e0:b3:5b:e8:fc:8d:6e:6e:17:ae:
df:d5:94:e3:23:d3:a4:65:a2:81:9c:64:d0:7c:13:
60:85:e4:b4:21:42:2b:c2:ae:69:fb:a5:47:af:b4:
57:aa:5a:4b:3f:a6:8f:6b:10:41:f0:5a:e6:ca:ff:
1f:8a:94:5c:65:80:a3:3c:94:3a:02:e8:24:f3:56:
b9:db:35:42:06:e0:20:40:1c:4a:56:b7:47:02:40:
65:44:af:18:6e:bc:10:b8:87:f2:dd:65:87:fe:a3:
32:3f:f3:38:10:ed:b4:1d:1b:57:be:e4:cf:98:db:
da:3d:d1:1c:a1:6c:74:cd:73:ec:f8:3d:70:b7:f7:
38:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:42:35:B0:D5:FD:3E:D0:21:10:53:1E:AB:66:A6:65:74:C0:95:89
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/140E7E50FADD11EE9D0B0808017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.230.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:ae:f1:55:91:34:fd:24:8b:dc:06:97:a1:36:7a:aa:ce:ba:
c5:96:aa:e0:cf:0f:12:13:6e:98:b0:60:77:20:6c:f0:1f:3b:
41:b6:c3:ed:fb:5a:a1:ff:62:03:26:f8:e3:b8:2e:50:d3:45:
ef:c4:62:5e:f0:f2:dd:f6:f0:ba:d8:04:4d:e7:3a:af:59:0d:
ff:15:a1:31:35:c5:21:b3:c4:29:b4:bf:77:5d:54:cd:01:60:
ad:96:9f:6e:f1:eb:8b:5b:4a:cd:b5:34:b7:16:f5:b0:af:92:
c8:bb:6d:29:1a:5e:89:c3:25:59:4b:5a:45:74:c2:23:6a:fd:
d5:fd:a5:80:e3:ef:ef:0a:e4:16:1a:a1:40:98:a5:63:00:20:
69:b2:ac:a4:6a:43:48:00:35:47:56:a4:97:16:c6:6b:3f:c6:
cb:38:a8:8f:b0:0a:e9:f8:8e:26:ec:ec:c4:6f:2c:54:3b:ba:
44:5f:58:10:25:f0:ac:d9:08:26:10:dc:78:04:c4:4a:5e:be:
94:8f:d1:fd:e8:da:b0:17:2b:71:0c:06:2f:7c:0f:45:d4:a1:
84:61:5b:ef:29:e2:dc:64:c7:e8:43:4b:46:f2:78:c8:af:60:
6b:f7:0a:15:8f:fa:78:3f:87:95:13:1c:eb:d1:55:da:d5:d3:
03:71:3d:8d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKwxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDQwMzA5WhcNMjQwNDI0MDQwMzA5WjAYMRYw
FAYDVQQDEw02NjFjYTcwMS0yYTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwXhir+QcJuzvWMSWdG3EZ84B3Lu6MZTrm0iFkFPOBTgqJ96jtlIVxOUg
fb3/P5zF56kfe4dkoGGblQPrDghuWxrDMZND2f4e8ggOmr3iss2R977EggDk40q1
6uBUA3P/9RCUOkOTXJUCBY5Dq0imvgSr9z62a3CUDvlJY+CzW+j8jW5uF67f1ZTj
I9OkZaKBnGTQfBNgheS0IUIrwq5p+6VHr7RXqlpLP6aPaxBB8Frmyv8fipRcZYCj
PJQ6Augk81a52zVCBuAgQBxKVrdHAkBlRK8YbrwQuIfy3WWH/qMyP/M4EO20HRtX
vuTPmNvaPdEcoWx0zXPs+D1wt/c4gQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBlC
NbDV/T7QIRBTHqtmpmV0wJWJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNDBFN0U1MEZBREQxMUVFOUQwQjA4MDgwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7mMA0GCSqGSIb3DQEB
CwUAA4IBAQDDrvFVkTT9JIvcBpehNnqqzrrFlqrgzw8SE26YsGB3IGzwHztBtsPt
+1qh/2IDJvjjuC5Q00XvxGJe8PLd9vC62ARN5zqvWQ3/FaExNcUhs8QptL93XVTN
AWCtlp9u8euLW0rNtTS3FvWwr5LIu20pGl6JwyVZS1pFdMIjav3V/aWA4+/vCuQW
GqFAmKVjACBpsqykakNIADVHVqSXFsZrP8bLOKiPsArp+I4m7OzEbyxUO7pEX1gQ
JfCs2QgmENx4BMRKXr6Uj9H96NqwFytxDAYvfA9F1KGEYVvvKeLcZMfoQ0tG8njI
r2Br9woVj/p4P4eVExzr0VXa1dMDcT2N
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:43 2024 by rpki-client on console-ams.rpki-client.org