Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20F4659C06D811EFA01DC533017001B1.roa
File: 20F4659C06D811EFA01DC533017001B1.roa (raw, json)
Hash identifier: KYKyPLd+XQQukNPZ+dCgi2YaVue191XAGhvf1e7Oemw=
Subject key identifier: E9:0F:50:EC:CC:C9:BE:C0:F9:EB:EF:7F:62:91:36:A6:02:1B:71:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B2DF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20F4659C06D811EFA01DC533017001B1.roa
Signing time: Tue 30 Apr 2024 09:58:01 +0000
ROA not before: Tue 30 Apr 2024 09:57:57 +0000
ROA not after: Tue 07 May 2024 09:57:57 +0000
asID: 138630
IP address blocks: 154.212.144.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45791 (0xb2df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 09:57:57 2024 GMT
Not After : May 7 09:57:57 2024 GMT
Subject: CN=6630c0a9-480c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d8:16:4d:41:e5:af:c9:09:c5:aa:fe:61:db:
e6:3e:b2:cb:87:49:9d:e1:33:4b:ae:48:4b:02:5f:
ff:7f:7d:e6:45:fb:9a:e2:c6:c8:bc:10:31:61:82:
ab:f7:80:84:ce:a5:1b:f3:02:c1:47:99:e8:20:b9:
5e:e0:33:74:e2:62:a7:49:62:46:50:72:ab:bf:08:
f4:a8:e0:0b:43:85:42:2f:4f:69:7b:58:d1:28:25:
d2:a5:a0:b5:e1:73:4e:09:84:69:a4:46:37:da:cf:
b1:17:03:21:d3:74:70:cb:73:db:f5:70:3a:45:02:
a6:d8:ac:77:c3:92:dd:52:42:7f:3c:58:91:8d:6b:
60:6e:1d:53:73:76:d8:93:29:ec:6b:52:c3:2a:e6:
d6:48:9f:26:71:43:49:a6:f9:d1:01:24:43:c1:ab:
19:92:1d:d5:4e:34:f3:1c:7a:5c:96:73:aa:e6:60:
68:e2:63:2f:6a:eb:9b:6d:bc:5f:70:d5:d3:1d:d0:
11:fd:7f:7b:d4:c6:4b:91:1e:f9:e4:c5:50:da:d4:
fb:34:cb:88:8b:87:8a:d1:e2:28:24:93:c5:f9:b1:
76:a8:c7:10:f2:68:30:0c:db:26:45:df:2f:5d:23:
54:9d:0a:e7:6e:bb:89:65:c3:0e:89:75:01:2a:04:
75:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:0F:50:EC:CC:C9:BE:C0:F9:EB:EF:7F:62:91:36:A6:02:1B:71:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20F4659C06D811EFA01DC533017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.144.0/20
Signature Algorithm: sha256WithRSAEncryption
15:59:06:e7:22:56:5a:cb:84:ee:13:e1:e3:a0:73:0d:35:27:
f2:7a:1b:9a:e1:e3:95:7a:79:1f:97:f4:49:77:3a:06:9a:6f:
2b:ad:02:f0:05:46:33:2f:1a:7e:b3:58:91:c8:d1:7a:7e:ac:
ea:af:5e:ad:c1:49:06:4a:cc:c7:3c:0c:93:49:76:13:c1:a2:
5b:c3:39:16:cc:95:e9:d7:fa:1d:da:f4:64:47:3f:8d:2e:6a:
13:1a:a7:04:96:91:0b:ef:10:a8:a3:a8:b3:f4:ef:2b:5f:e8:
a5:be:84:fa:59:e0:9a:e3:6d:20:f3:d7:7f:f0:27:7a:df:62:
37:15:98:e6:df:57:a3:67:a4:3f:b2:94:d5:5f:db:98:42:8a:
9b:8d:f3:2e:95:6c:b9:94:17:28:cf:64:7c:93:89:f5:84:53:
c7:9c:a2:62:be:6d:ec:d9:3b:37:d0:31:0e:81:48:7a:43:e4:
82:02:a3:0a:1c:c7:1e:8b:68:dc:0f:f6:54:b0:0f:66:ff:ad:
98:21:3f:7b:91:29:65:9e:e1:de:5c:ff:fc:56:43:20:0a:24:
eb:ac:bc:b2:f2:d0:02:cc:5b:4d:08:57:14:e6:6b:24:60:16:
72:f3:77:25:65:ca:ec:a7:96:70:90:ca:2e:13:bf:38:b2:3c:
be:ae:99:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALLfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDMwMDk1NzU3WhcNMjQwNTA3MDk1NzU3WjAYMRYw
FAYDVQQDEw02NjMwYzBhOS00ODBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq9gWTUHlr8kJxar+YdvmPrLLh0md4TNLrkhLAl//f33mRfua4sbIvBAx
YYKr94CEzqUb8wLBR5noILle4DN04mKnSWJGUHKrvwj0qOALQ4VCL09pe1jRKCXS
paC14XNOCYRppEY32s+xFwMh03Rwy3Pb9XA6RQKm2Kx3w5LdUkJ/PFiRjWtgbh1T
c3bYkynsa1LDKubWSJ8mcUNJpvnRASRDwasZkh3VTjTzHHpclnOq5mBo4mMvauub
bbxfcNXTHdAR/X971MZLkR755MVQ2tT7NMuIi4eK0eIoJJPF+bF2qMcQ8mgwDNsm
Rd8vXSNUnQrnbruJZcMOiXUBKgR1FwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOkP
UOzMyb7A+evvf2KRNqYCG3EzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMEY0NjU5QzA2RDgxMUVGQTAxREM1MzMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtSQMA0GCSqGSIb3DQEB
CwUAA4IBAQAVWQbnIlZay4TuE+HjoHMNNSfyehua4eOVenkfl/RJdzoGmm8rrQLw
BUYzLxp+s1iRyNF6fqzqr16twUkGSszHPAyTSXYTwaJbwzkWzJXp1/od2vRkRz+N
LmoTGqcElpEL7xCoo6iz9O8rX+ilvoT6WeCa420g89d/8Cd632I3FZjm31ejZ6Q/
spTVX9uYQoqbjfMulWy5lBcoz2R8k4n1hFPHnKJivm3s2Ts30DEOgUh6Q+SCAqMK
HMcei2jcD/ZUsA9m/62YIT97kSllnuHeXP/8VkMgCiTrrLyy8tACzFtNCFcU5msk
YBZy83clZcrsp5ZwkMouE784sjy+rpkz
-----END CERTIFICATE-----
Generated at Wed May 8 03:43:28 2024 by rpki-client on console-ams.rpki-client.org