Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD4B44C039211EF9A419E02017001B1.roa
File: 3AD4B44C039211EF9A419E02017001B1.roa (raw, json)
Hash identifier: iEAuWGPYUGQ623EnWMvj+gvzFBWujoB3NMJGr6yNLZ4=
Subject key identifier: D0:56:69:90:03:7E:3A:9D:74:33:94:0C:88:E7:E9:E7:7E:7C:F3:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B18A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD4B44C039211EF9A419E02017001B1.roa
Signing time: Fri 26 Apr 2024 06:00:06 +0000
ROA not before: Fri 26 Apr 2024 06:00:02 +0000
ROA not after: Sun 05 May 2024 06:00:02 +0000
asID: 139646
IP address blocks: 154.215.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45450 (0xb18a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 26 06:00:02 2024 GMT
Not After : May 5 06:00:02 2024 GMT
Subject: CN=662b42e6-b14b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:84:66:29:72:4e:26:72:f1:a5:47:2f:ce:61:
dd:e5:b4:80:10:41:65:ea:b0:e0:3e:4b:87:90:27:
4c:67:ee:1e:ff:e4:1e:45:d9:ac:80:36:9e:31:c9:
34:a1:92:b6:0b:8d:cf:79:e0:d5:c3:9a:c9:ff:d5:
0a:e9:8a:03:16:a6:2b:60:c6:8e:e4:87:90:8a:70:
16:68:2f:92:68:1b:04:a5:83:65:8f:44:0e:ec:33:
3f:44:a2:38:e7:12:5b:3d:31:f0:8c:1f:03:ef:dc:
33:c2:6e:2c:36:b1:18:fc:5d:c4:d8:48:10:87:7b:
07:a9:6d:c6:40:eb:15:78:9f:1f:c8:b7:8a:cb:aa:
d3:72:7a:4c:0e:ab:4c:64:ef:47:8c:78:f9:49:45:
32:9d:7d:b9:5d:f0:79:19:2d:48:ff:b8:ed:23:bb:
04:0c:3c:28:3a:18:a5:39:b1:11:2c:8d:8b:36:ae:
5b:54:75:a6:60:69:57:b0:1f:75:c3:6c:e7:2e:7d:
15:2d:6a:58:46:71:a3:cf:2c:40:6c:44:43:83:a9:
c9:4f:44:13:07:af:45:ab:a9:97:86:c4:91:b2:98:
ec:79:69:ae:28:8e:90:e0:ea:a9:c4:0d:25:3a:b9:
23:db:8a:35:27:d2:87:c5:b8:30:f8:c9:14:3c:c9:
96:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:56:69:90:03:7E:3A:9D:74:33:94:0C:88:E7:E9:E7:7E:7C:F3:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD4B44C039211EF9A419E02017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.215.0.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:12:72:cf:4b:3e:a0:15:66:2b:e1:b9:59:95:06:81:08:f3:
ef:06:4d:63:37:15:d3:d7:e4:76:c6:2d:28:c1:b5:ac:08:03:
3d:dd:fd:c3:6b:c4:7e:c9:df:46:01:50:d8:10:16:3a:35:9a:
ac:a9:ba:1a:56:e0:72:da:ec:1d:f0:53:d7:28:70:6c:01:29:
8a:b7:a9:58:06:94:05:fc:ca:c5:77:93:72:85:d0:01:79:0c:
d1:ac:1c:26:74:1f:5b:22:d6:0a:2b:1a:a9:b5:9b:81:e4:99:
72:0d:a3:ba:36:de:37:6a:67:98:1f:2e:fc:2e:a4:41:ee:a8:
2c:d6:14:8f:ad:32:17:9b:34:3c:f2:59:70:17:ce:77:ac:38:
25:22:e5:e0:19:69:b4:81:39:23:62:58:d6:bc:4e:0d:74:33:
79:1c:0d:2a:b9:55:ba:7c:d2:f4:45:32:11:fd:5f:02:64:15:
df:f4:1a:09:d9:86:4a:0b:22:cd:88:04:40:e4:a1:d5:47:09:
ff:0a:b0:b3:a3:5b:e8:67:82:23:32:52:58:6f:92:7d:4b:c5:
de:e7:ff:1e:37:80:1f:f5:28:c0:14:60:35:d4:5d:af:9d:d2:
09:e3:49:8e:05:cc:43:f8:f6:71:77:75:cb:fb:24:d8:f5:44:
b3:01:22:5c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALGKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI2MDYwMDAyWhcNMjQwNTA1MDYwMDAyWjAYMRYw
FAYDVQQDEw02NjJiNDJlNi1iMTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy4RmKXJOJnLxpUcvzmHd5bSAEEFl6rDgPkuHkCdMZ+4e/+QeRdmsgDae
Mck0oZK2C43PeeDVw5rJ/9UK6YoDFqYrYMaO5IeQinAWaC+SaBsEpYNlj0QO7DM/
RKI45xJbPTHwjB8D79wzwm4sNrEY/F3E2EgQh3sHqW3GQOsVeJ8fyLeKy6rTcnpM
DqtMZO9HjHj5SUUynX25XfB5GS1I/7jtI7sEDDwoOhilObERLI2LNq5bVHWmYGlX
sB91w2znLn0VLWpYRnGjzyxAbERDg6nJT0QTB69Fq6mXhsSRspjseWmuKI6Q4Oqp
xA0lOrkj24o1J9KHxbgw+MkUPMmW+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNBW
aZADfjqddDOUDIjn6ed+fPNIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQUQ0QjQ0QzAzOTIxMUVGOUE0MTlFMDIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtcAMA0GCSqGSIb3DQEB
CwUAA4IBAQC/EnLPSz6gFWYr4blZlQaBCPPvBk1jNxXT1+R2xi0owbWsCAM93f3D
a8R+yd9GAVDYEBY6NZqsqboaVuBy2uwd8FPXKHBsASmKt6lYBpQF/MrFd5NyhdAB
eQzRrBwmdB9bItYKKxqptZuB5JlyDaO6Nt43ameYHy78LqRB7qgs1hSPrTIXmzQ8
8llwF853rDglIuXgGWm0gTkjYljWvE4NdDN5HA0quVW6fNL0RTIR/V8CZBXf9BoJ
2YZKCyLNiARA5KHVRwn/CrCzo1voZ4IjMlJYb5J9S8Xe5/8eN4Af9SjAFGA11F2v
ndIJ40mOBcxD+PZxd3XL+yTY9USzASJc
-----END CERTIFICATE-----
Generated at Mon May 6 02:18:23 2024 by rpki-client on console-ams.rpki-client.org