Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17BB50040EAC11EFA22065FB007001B1.roa
File: 17BB50040EAC11EFA22065FB007001B1.roa (raw, json)
Hash identifier: MbTbkhlGaTuXKJXJUN6NGvwgDH3UXdPnIAVXbCxq3BM=
Subject key identifier: E3:AD:AB:45:87:9E:86:4C:42:88:6C:37:5C:03:01:C8:9D:87:A3:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B686
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17BB50040EAC11EFA22065FB007001B1.roa
Signing time: Fri 10 May 2024 09:02:57 +0000
ROA not before: Fri 10 May 2024 09:02:53 +0000
ROA not after: Mon 20 May 2024 09:02:53 +0000
asID: 142062
IP address blocks: 154.206.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46726 (0xb686)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 10 09:02:53 2024 GMT
Not After : May 20 09:02:53 2024 GMT
Subject: CN=663de2c1-d063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5e:13:57:07:94:9d:6e:c6:cf:eb:e0:e7:68:
df:bd:39:9a:c0:ec:1e:20:9b:26:63:09:a4:01:0e:
4d:2c:2b:3e:45:9b:e3:ff:9e:1c:4e:29:71:01:dd:
5f:d2:eb:31:a2:23:36:9a:e8:6d:7e:3f:5c:39:cc:
00:6e:55:e1:cb:23:48:be:ad:bc:51:7c:c9:32:cb:
16:6f:96:2b:91:b2:85:51:ee:88:75:9e:83:00:ae:
d4:a7:43:b6:1a:1d:56:22:a5:5e:5a:e2:9b:64:30:
63:dc:34:96:97:de:ad:c3:0b:ac:fd:b9:aa:7b:a2:
cc:e3:82:6f:2a:25:5d:2a:97:21:7c:5d:b3:a7:00:
24:9d:48:1c:1b:5b:12:5b:78:3d:a5:95:6b:a1:7f:
a6:24:ab:cb:02:b0:e9:8a:a0:fd:b6:99:6d:38:72:
f4:91:6b:44:0c:ac:2e:f2:38:9e:2d:c9:a4:59:75:
e7:f4:75:8e:54:72:26:b5:e1:36:49:93:99:90:ac:
d5:7c:4d:05:d3:b3:a9:c6:00:f7:a7:a4:86:41:0c:
e7:f0:53:cc:e7:bc:4e:63:7c:c0:c3:58:f0:2c:8e:
0c:95:13:ad:d6:f4:d5:86:0a:7e:49:78:88:4e:5f:
d0:42:9f:75:09:4a:16:d3:69:74:6d:47:0e:3d:5e:
df:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:AD:AB:45:87:9E:86:4C:42:88:6C:37:5C:03:01:C8:9D:87:A3:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17BB50040EAC11EFA22065FB007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.221.0/24
Signature Algorithm: sha256WithRSAEncryption
28:16:db:53:92:63:31:c2:ac:4b:5c:97:97:33:68:2e:f1:93:
a0:c7:7b:64:4a:5c:51:f4:0c:6e:4c:1e:c8:e9:02:b6:61:fb:
af:5d:cb:0a:d6:aa:a7:ea:77:be:15:6b:f8:dc:59:a2:44:83:
9f:22:65:0e:81:a1:3f:73:ac:3e:82:f9:ec:e3:17:53:6e:d4:
a1:ee:47:1e:3f:e8:9a:2b:8c:78:56:a5:ba:ce:2d:05:c1:13:
15:8f:29:3d:fa:5c:06:ae:77:25:74:26:d8:fc:59:8c:55:94:
3a:96:b7:ad:d7:78:e5:bc:9a:9d:6b:d9:7a:bf:53:2c:ca:cb:
0c:65:35:c9:5b:a2:a2:11:0d:4f:0c:5b:02:40:2e:e8:34:98:
a8:b5:f7:d9:48:8f:b2:18:6d:f7:2c:7d:63:b9:48:36:e5:e7:
e3:01:85:5b:1f:9b:37:67:83:f7:52:31:59:06:3b:ff:6d:a5:
61:e8:c6:91:0c:d1:5d:94:9f:21:7f:46:c9:12:49:cd:fa:d6:
07:e5:50:54:3f:6a:27:70:e1:e6:8b:dd:36:43:22:55:f8:0e:
ef:ac:88:0f:c4:81:43:ec:07:b5:40:53:4a:8e:de:bd:a7:2d:
de:41:cf:20:1f:e4:f0:e0:42:57:ec:54:7d:d1:10:c7:49:06:
b9:8d:bc:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALaGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTEwMDkwMjUzWhcNMjQwNTIwMDkwMjUzWjAYMRYw
FAYDVQQDEw02NjNkZTJjMS1kMDYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0l4TVweUnW7Gz+vg52jfvTmawOweIJsmYwmkAQ5NLCs+RZvj/54cTilx
Ad1f0usxoiM2muhtfj9cOcwAblXhyyNIvq28UXzJMssWb5YrkbKFUe6IdZ6DAK7U
p0O2Gh1WIqVeWuKbZDBj3DSWl96twwus/bmqe6LM44JvKiVdKpchfF2zpwAknUgc
G1sSW3g9pZVroX+mJKvLArDpiqD9tpltOHL0kWtEDKwu8jieLcmkWXXn9HWOVHIm
teE2SZOZkKzVfE0F07OpxgD3p6SGQQzn8FPM57xOY3zAw1jwLI4MlROt1vTVhgp+
SXiITl/QQp91CUoW02l0bUcOPV7fMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOOt
q0WHnoZMQohsN1wDAcidh6M+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xN0JCNTAwNDBFQUMxMUVGQTIyMDY1RkIwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7dMA0GCSqGSIb3DQEB
CwUAA4IBAQAoFttTkmMxwqxLXJeXM2gu8ZOgx3tkSlxR9AxuTB7I6QK2YfuvXcsK
1qqn6ne+FWv43FmiRIOfImUOgaE/c6w+gvns4xdTbtSh7kceP+iaK4x4VqW6zi0F
wRMVjyk9+lwGrncldCbY/FmMVZQ6lret13jlvJqda9l6v1MsyssMZTXJW6KiEQ1P
DFsCQC7oNJiotffZSI+yGG33LH1juUg25efjAYVbH5s3Z4P3UjFZBjv/baVh6MaR
DNFdlJ8hf0bJEknN+tYH5VBUP2oncOHmi902QyJV+A7vrIgPxIFD7Ae1QFNKjt69
py3eQc8gH+Tw4EJX7FR90RDHSQa5jbyl
-----END CERTIFICATE-----
Generated at Tue May 21 02:40:32 2024 by rpki-client on console-ams.rpki-client.org