Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/338FB4F4FADA11EE92BBBF6B017001B1.roa
File: 338FB4F4FADA11EE92BBBF6B017001B1.roa (raw, json)
Hash identifier: MU55JpHmLfRQNIQcsmjDKPw4m6r4HbaUR6tqmVJrGJ4=
Subject key identifier: 50:62:36:3E:1C:C7:6A:29:02:74:26:4B:49:2D:BF:EF:56:94:44:20
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC0B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/338FB4F4FADA11EE92BBBF6B017001B1.roa
Signing time: Mon 15 Apr 2024 03:42:37 +0000
ROA not before: Mon 15 Apr 2024 03:42:34 +0000
ROA not after: Wed 24 Apr 2024 03:42:34 +0000
asID: 142062
IP address blocks: 154.206.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44043 (0xac0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 03:42:34 2024 GMT
Not After : Apr 24 03:42:34 2024 GMT
Subject: CN=661ca22d-6c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fa:86:d9:17:3a:06:39:d8:8a:cf:0a:31:d7:
90:7c:12:31:7c:51:bf:bb:6c:c5:49:a3:fc:f7:1d:
db:a8:a1:23:51:49:29:ac:d7:cc:dc:f8:c1:7b:f7:
8e:75:73:b4:e1:4f:91:6c:75:70:e1:e8:b2:b1:2a:
96:d2:f9:94:bf:4b:a3:d7:00:29:19:07:4c:b1:4e:
25:f8:37:9f:f2:de:fa:a2:0d:27:37:ce:3c:f1:a0:
c9:14:1b:ab:94:10:55:07:f7:c6:ca:4b:37:dd:a7:
ce:52:d7:be:5c:86:c2:b1:c8:2f:4f:34:4c:b8:53:
c5:e9:d2:5a:18:e4:06:d1:fc:5f:40:02:4e:d2:74:
9c:a9:aa:b8:a8:21:9c:93:22:17:0a:a0:c0:46:bc:
77:e3:9b:b3:13:48:10:6f:67:2f:4a:de:72:15:14:
90:8f:96:f7:16:11:a4:a7:74:81:b7:97:ed:07:56:
f0:66:dd:b7:63:ac:dd:19:c1:98:69:3a:de:42:0f:
80:75:fc:56:1c:46:7e:e7:35:04:05:47:3c:b7:5b:
6c:df:0f:aa:4b:04:ea:e9:44:d4:08:cd:7c:64:92:
45:18:c8:d0:ce:f9:30:14:a3:8e:2e:63:63:81:98:
1d:f0:ee:9d:7c:f4:64:56:b3:ed:4e:88:97:93:ed:
3a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:62:36:3E:1C:C7:6A:29:02:74:26:4B:49:2D:BF:EF:56:94:44:20
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/338FB4F4FADA11EE92BBBF6B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.211.0/24
Signature Algorithm: sha256WithRSAEncryption
03:bb:43:d3:9d:b5:f4:1a:90:ae:61:68:58:d5:b1:7c:ba:a1:
28:31:19:ee:26:94:0b:c7:41:e4:92:2f:ca:74:b8:ee:a5:03:
ce:de:95:7d:32:a6:e9:8c:28:94:f6:bc:66:e4:87:d4:e6:df:
0d:cf:d5:37:0f:4f:11:52:ec:a2:2f:2c:4e:39:5a:87:1b:0a:
d1:78:99:e3:5f:d3:16:cd:c0:0b:33:61:52:50:86:3d:1b:bb:
b8:55:18:7f:3a:34:13:0a:1d:bf:0a:91:09:89:9f:13:34:be:
4c:1b:07:a8:08:82:5a:b2:eb:22:3b:5b:ff:c0:a5:06:5e:2f:
8d:d7:59:53:c1:b1:63:70:a2:84:7d:91:ea:c2:7a:72:f1:92:
de:0d:4a:5d:0c:35:64:1a:44:97:91:5f:cb:5f:8e:64:49:b1:
84:72:31:a0:4e:fd:1b:ad:84:b5:7c:e9:94:33:f6:26:94:7a:
f8:9c:6b:2d:fe:86:0b:7b:df:1c:c1:c9:7a:22:49:89:bc:7a:
1f:01:f9:84:d0:2e:8f:ba:4c:98:2d:6c:12:d0:4c:ca:b7:02:
f9:3b:18:e4:a4:31:d9:c6:4e:e5:4e:90:f2:5b:d8:b1:c5:55:
f4:e9:b1:1d:a7:a9:6a:59:1a:e2:fe:80:ea:08:6d:04:01:6b:
c7:c4:2d:39
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKwLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDM0MjM0WhcNMjQwNDI0MDM0MjM0WjAYMRYw
FAYDVQQDEw02NjFjYTIyZC02YzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtPqG2Rc6BjnYis8KMdeQfBIxfFG/u2zFSaP89x3bqKEjUUkprNfM3PjB
e/eOdXO04U+RbHVw4eiysSqW0vmUv0uj1wApGQdMsU4l+Def8t76og0nN8488aDJ
FBurlBBVB/fGyks33afOUte+XIbCscgvTzRMuFPF6dJaGOQG0fxfQAJO0nScqaq4
qCGckyIXCqDARrx345uzE0gQb2cvSt5yFRSQj5b3FhGkp3SBt5ftB1bwZt23Y6zd
GcGYaTreQg+AdfxWHEZ+5zUEBUc8t1ts3w+qSwTq6UTUCM18ZJJFGMjQzvkwFKOO
LmNjgZgd8O6dfPRkVrPtToiXk+06LwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFBi
Nj4cx2opAnQmS0ktv+9WlEQgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMzhGQjRGNEZBREExMUVFOTJCQkJGNkIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7TMA0GCSqGSIb3DQEB
CwUAA4IBAQADu0PTnbX0GpCuYWhY1bF8uqEoMRnuJpQLx0Hkki/KdLjupQPO3pV9
MqbpjCiU9rxm5IfU5t8Nz9U3D08RUuyiLyxOOVqHGwrReJnjX9MWzcALM2FSUIY9
G7u4VRh/OjQTCh2/CpEJiZ8TNL5MGweoCIJasusiO1v/wKUGXi+N11lTwbFjcKKE
fZHqwnpy8ZLeDUpdDDVkGkSXkV/LX45kSbGEcjGgTv0brYS1fOmUM/YmlHr4nGst
/oYLe98cwcl6IkmJvHofAfmE0C6PukyYLWwS0EzKtwL5OxjkpDHZxk7lTpDyW9ix
xVX06bEdp6lqWRri/oDqCG0EAWvHxC05
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:43 2024 by rpki-client on console-ams.rpki-client.org