Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21D921FC7F0D11EF80DA1746762E951A.roa
File: 21D921FC7F0D11EF80DA1746762E951A.roa (raw, json)
Hash identifier: K8+txQvpROKPTqgQF+pw1CXbFAql1+xtFILoJPHDqQ4=
Subject key identifier: F9:BC:C7:54:7A:25:F5:5C:95:B0:51:B9:D2:A8:80:E5:D4:07:92:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: F5AA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21D921FC7F0D11EF80DA1746762E951A.roa
Signing time: Mon 30 Sep 2024 09:19:45 +0000
ROA not before: Mon 30 Sep 2024 09:19:42 +0000
ROA not after: Thu 21 Nov 2024 09:19:42 +0000
asID: 63139
IP address blocks: 154.194.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62890 (0xf5aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 30 09:19:42 2024 GMT
Not After : Nov 21 09:19:42 2024 GMT
Subject: CN=66fa6d31-7fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7d:dc:ed:64:54:8b:f0:35:f0:d2:a6:0b:d1:
89:98:ec:51:99:80:3e:cb:cc:8f:a1:27:68:89:f9:
bc:e6:54:03:4f:f7:04:c9:ed:1b:89:c9:0a:84:8e:
90:d8:7e:f0:bd:cb:e8:18:7e:7a:f8:bc:c3:07:7a:
f5:72:14:e6:8b:26:77:2f:e2:ce:53:42:f0:db:44:
7a:0b:65:30:a0:a6:fb:06:56:4a:ff:26:fa:1e:d5:
81:3a:22:93:a5:dc:7c:86:92:84:ac:22:ad:89:2f:
58:35:7e:b3:a7:a3:93:8e:c0:ec:92:fe:aa:d0:7d:
fc:28:cc:1a:cd:17:fa:9b:66:c0:01:45:f3:d7:f4:
8e:cd:58:cd:22:42:99:23:a9:5b:e6:31:eb:59:02:
5a:59:0f:4f:85:a9:04:c5:65:c3:51:41:dd:68:2c:
e8:e6:3c:59:64:83:1b:d4:94:e7:b7:69:50:ba:f1:
c9:8f:48:6f:6c:52:9d:dd:db:b6:b4:6a:cd:de:4a:
05:6b:61:b7:fa:8d:07:80:a1:28:ab:2e:7e:b3:11:
22:9b:b7:18:1e:83:93:76:b4:56:a7:c1:cc:8c:5a:
d0:e6:08:20:81:a2:af:51:4c:bf:1c:40:c3:ff:c8:
43:79:5a:63:88:95:b8:64:8b:94:7e:82:3e:0d:f8:
b6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BC:C7:54:7A:25:F5:5C:95:B0:51:B9:D2:A8:80:E5:D4:07:92:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21D921FC7F0D11EF80DA1746762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.68.0/24
Signature Algorithm: sha256WithRSAEncryption
38:28:24:7f:4e:1d:4b:57:2c:52:f5:b1:4c:d2:b7:5d:41:94:
2e:6b:93:31:b6:5b:8c:1d:9d:1e:4a:73:8e:5b:73:81:e1:b5:
e4:cf:4b:56:2f:8e:ea:0e:c9:a8:b8:3f:98:06:c3:7d:9b:2f:
68:29:da:dd:cc:e3:4f:47:60:2f:3b:b5:51:4d:19:1a:f9:5b:
6e:fa:46:f8:dd:ca:3c:06:67:13:60:20:a8:3f:62:f2:ca:90:
42:03:47:97:ff:f2:c5:cc:6e:df:d9:86:6d:21:93:ca:59:5a:
09:8c:cf:4d:76:11:66:6e:aa:fd:db:5a:a8:7c:a8:ac:b5:3a:
e1:d5:af:aa:e5:d7:99:ea:b9:9b:2e:ee:5c:bd:5b:4e:ef:61:
be:25:15:1e:44:9e:7d:18:1f:4c:bc:e6:c2:ed:a0:33:cf:e5:
eb:24:79:2a:ab:2b:eb:a6:39:ff:ab:d0:a3:b6:aa:40:e2:e4:
80:c3:f9:37:4f:c8:45:fd:bb:78:1a:4e:2c:78:35:51:f8:13:
7f:36:66:10:ab:6e:a9:a4:02:6a:3d:9d:f0:6b:f9:00:3c:68:
2c:1e:83:73:46:6d:ba:99:da:77:3b:d2:fa:d7:6f:38:c3:eb:
60:1c:eb:e8:67:44:2c:c0:c3:a2:17:08:28:49:02:4a:79:74:
06:62:aa:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAPWqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTMwMDkxOTQyWhcNMjQxMTIxMDkxOTQyWjAYMRYw
FAYDVQQDEw02NmZhNmQzMS03ZmIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3n3c7WRUi/A18NKmC9GJmOxRmYA+y8yPoSdoifm85lQDT/cEye0bickK
hI6Q2H7wvcvoGH56+LzDB3r1chTmiyZ3L+LOU0Lw20R6C2UwoKb7BlZK/yb6HtWB
OiKTpdx8hpKErCKtiS9YNX6zp6OTjsDskv6q0H38KMwazRf6m2bAAUXz1/SOzVjN
IkKZI6lb5jHrWQJaWQ9PhakExWXDUUHdaCzo5jxZZIMb1JTnt2lQuvHJj0hvbFKd
3du2tGrN3koFa2G3+o0HgKEoqy5+sxEim7cYHoOTdrRWp8HMjFrQ5ggggaKvUUy/
HEDD/8hDeVpjiJW4ZIuUfoI+Dfi2YQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPm8
x1R6JfVclbBRudKogOXUB5KuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMUQ5MjFGQzdGMEQxMUVGODBEQTE3NDY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJEMA0GCSqGSIb3DQEB
CwUAA4IBAQA4KCR/Th1LVyxS9bFM0rddQZQua5MxtluMHZ0eSnOOW3OB4bXkz0tW
L47qDsmouD+YBsN9my9oKdrdzONPR2AvO7VRTRka+Vtu+kb43co8BmcTYCCoP2Ly
ypBCA0eX//LFzG7f2YZtIZPKWVoJjM9NdhFmbqr921qofKistTrh1a+q5deZ6rmb
Lu5cvVtO72G+JRUeRJ59GB9MvObC7aAzz+XrJHkqqyvrpjn/q9CjtqpA4uSAw/k3
T8hF/bt4Gk4seDVR+BN/NmYQq26ppAJqPZ3wa/kAPGgsHoNzRm26mdp3O9L61284
w+tgHOvoZ0QswMOiFwgoSQJKeXQGYqqI
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:47:22 2024 by rpki-client on console-fra.rpki-client.org