Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30A3EC9EFAE211EE9998492F017001B1.roa
File: 30A3EC9EFAE211EE9998492F017001B1.roa (raw, json)
Hash identifier: l8/Aq1nm2l9ZqzARKruTSMejwZGNZYSuDCZt5dUmPeU=
Subject key identifier: 8F:A8:6B:29:67:A4:83:3C:C6:0D:BE:99:CF:51:5C:83:5E:2D:34:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC50
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30A3EC9EFAE211EE9998492F017001B1.roa
Signing time: Mon 15 Apr 2024 04:39:48 +0000
ROA not before: Mon 15 Apr 2024 04:39:45 +0000
ROA not after: Wed 24 Apr 2024 04:39:45 +0000
asID: 142062
IP address blocks: 154.206.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44112 (0xac50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 04:39:45 2024 GMT
Not After : Apr 24 04:39:45 2024 GMT
Subject: CN=661caf94-92c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:68:ee:a7:25:e7:69:d1:56:e4:2c:b5:3b:77:
eb:2b:d2:02:d4:92:56:65:ff:f4:99:85:89:55:26:
59:ff:e0:24:e0:ef:fe:57:77:bf:9b:da:43:ff:64:
21:34:5b:d8:d4:3c:b1:a3:35:a5:ab:81:98:18:0c:
34:31:b1:61:61:1b:a9:dc:2b:cb:c8:48:db:da:71:
6d:b9:f8:22:22:e2:59:c5:ee:68:3f:6a:d5:fb:ef:
da:6d:7c:fe:5e:a7:89:72:6f:e3:e3:7d:26:cb:0d:
4e:9f:0a:02:f7:8a:2b:d7:c9:84:7c:55:2f:bf:95:
95:1f:db:75:49:ae:93:cb:af:45:e5:21:55:05:12:
52:e8:2e:7f:6e:47:b0:ab:fa:18:0c:d2:f5:4a:d9:
d6:a6:b0:c7:6c:cf:fb:63:69:b3:8c:bb:75:18:c8:
97:8c:69:54:29:2d:2a:19:6f:e2:34:0e:0e:ce:85:
4b:51:a6:24:f6:c0:60:54:74:98:ca:cc:69:7e:b2:
14:b9:88:b1:67:a3:5f:5f:26:2f:5e:01:57:40:29:
9c:96:19:24:a6:20:46:45:56:da:d6:3d:fc:39:9d:
b0:9a:db:39:af:38:a2:0c:2f:5b:e7:6f:2b:3f:2e:
b7:e3:4d:4f:a3:f4:61:bd:bd:4f:27:89:91:b5:1e:
7d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:A8:6B:29:67:A4:83:3C:C6:0D:BE:99:CF:51:5C:83:5E:2D:34:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30A3EC9EFAE211EE9998492F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.224.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:34:6b:db:f7:25:fd:08:58:cb:04:ff:c7:84:68:8d:5e:78:
87:7b:fd:78:5b:3e:ab:b1:09:f2:01:86:9a:21:f1:43:f2:a1:
0f:39:95:54:4b:ec:15:25:29:c7:14:ae:d6:36:05:1a:f6:73:
9c:e5:22:17:ae:54:1b:b9:a2:ca:46:10:27:47:57:3c:f0:bb:
c6:b1:dd:f0:73:51:b9:3e:2f:32:9d:cd:84:90:95:6e:da:d3:
92:3b:af:b2:08:8f:bb:eb:55:39:15:14:84:6c:cd:92:e2:4c:
e4:e6:de:0e:68:20:8a:aa:99:86:d4:d4:ec:03:5b:8f:ea:1e:
1e:c0:c0:9f:c8:1a:80:a7:3e:16:9b:68:b8:be:2a:34:95:4f:
37:a8:94:0b:b2:e9:2b:50:33:ab:6e:19:d8:66:d2:d8:06:8c:
2c:e0:c5:77:f5:68:33:53:5d:b4:c1:62:59:18:6b:06:dd:c4:
c8:77:14:c7:c9:d4:e2:85:e1:a2:ce:6a:4e:c4:b8:98:c8:1e:
16:87:f2:af:ee:1f:36:ea:4f:0e:35:4f:a1:4e:20:76:e3:29:
ab:f5:20:19:e8:bb:a0:02:72:1a:f6:21:68:92:73:ad:c8:51:
fa:76:3d:a8:7a:38:04:78:c6:9e:72:17:f4:e7:53:5e:b8:43:
c2:cf:60:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKxQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDQzOTQ1WhcNMjQwNDI0MDQzOTQ1WjAYMRYw
FAYDVQQDEw02NjFjYWY5NC05MmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1WjupyXnadFW5Cy1O3frK9IC1JJWZf/0mYWJVSZZ/+Ak4O/+V3e/m9pD
/2QhNFvY1DyxozWlq4GYGAw0MbFhYRup3CvLyEjb2nFtufgiIuJZxe5oP2rV++/a
bXz+XqeJcm/j430myw1OnwoC94or18mEfFUvv5WVH9t1Sa6Ty69F5SFVBRJS6C5/
bkewq/oYDNL1StnWprDHbM/7Y2mzjLt1GMiXjGlUKS0qGW/iNA4OzoVLUaYk9sBg
VHSYysxpfrIUuYixZ6NfXyYvXgFXQCmclhkkpiBGRVba1j38OZ2wmts5rziiDC9b
528rPy63401Po/Rhvb1PJ4mRtR59BwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI+o
aylnpIM8xg2+mc9RXINeLTTYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMEEzRUM5RUZBRTIxMUVFOTk5ODQ5MkYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7gMA0GCSqGSIb3DQEB
CwUAA4IBAQB8NGvb9yX9CFjLBP/HhGiNXniHe/14Wz6rsQnyAYaaIfFD8qEPOZVU
S+wVJSnHFK7WNgUa9nOc5SIXrlQbuaLKRhAnR1c88LvGsd3wc1G5Pi8ync2EkJVu
2tOSO6+yCI+761U5FRSEbM2S4kzk5t4OaCCKqpmG1NTsA1uP6h4ewMCfyBqApz4W
m2i4vio0lU83qJQLsukrUDOrbhnYZtLYBows4MV39WgzU120wWJZGGsG3cTIdxTH
ydTiheGizmpOxLiYyB4Wh/Kv7h826k8ONU+hTiB24ymr9SAZ6LugAnIa9iFoknOt
yFH6dj2oejgEeMaechf051NeuEPCz2Dm
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:38 2024 by rpki-client on console-fra.rpki-client.org