Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C7A64480EAC11EF95B7C5FB007001B1.roa
File: 3C7A64480EAC11EF95B7C5FB007001B1.roa (raw, json)
Hash identifier: 4NpFyR4rB8iKOcpqV2ggx/mVQhQdquHQKbNRQ7ZL3Zc=
Subject key identifier: 11:6F:4D:7B:49:61:D5:09:5A:A7:E2:CB:D8:FF:BD:9B:DA:A2:FC:34
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B688
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C7A64480EAC11EF95B7C5FB007001B1.roa
Signing time: Fri 10 May 2024 09:03:58 +0000
ROA not before: Fri 10 May 2024 09:03:55 +0000
ROA not after: Mon 20 May 2024 09:03:55 +0000
asID: 142062
IP address blocks: 154.206.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46728 (0xb688)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 10 09:03:55 2024 GMT
Not After : May 20 09:03:55 2024 GMT
Subject: CN=663de2fe-c5cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:16:fc:3b:9a:83:70:68:33:38:2e:cf:76:13:
86:29:a5:d0:00:b4:29:9f:87:59:5c:e9:29:3c:e9:
07:b2:e3:a6:be:21:e8:d1:07:8e:d8:d0:ce:cb:23:
20:c1:7a:a1:9f:c7:6f:be:31:0f:1b:a3:87:3d:6b:
18:af:37:d3:ca:b4:38:cb:53:a9:cf:28:25:f9:5a:
d4:b8:32:13:21:23:f7:a1:49:56:b1:4e:9b:2c:16:
ae:de:88:31:80:c9:6c:9a:17:6d:bf:a8:2d:6c:f5:
fa:a0:84:3d:d6:5b:c1:0f:0b:2b:17:9a:77:d7:6b:
48:15:8a:40:fe:c7:e5:af:0d:2b:2b:92:2b:48:89:
ed:ce:fc:52:56:b2:ff:3b:8c:e4:1e:70:f8:bd:38:
9e:f4:12:e1:bf:dc:76:f1:4f:58:80:a2:cd:b9:29:
00:3e:d3:53:a5:94:29:bd:23:a3:59:25:53:68:24:
a1:c7:31:6e:4c:e2:df:49:65:42:ca:c7:9e:f7:8d:
be:e1:a1:e2:3a:59:2d:a2:c8:11:ef:5a:11:34:74:
f1:cd:8f:16:c8:1e:41:e3:db:fc:64:79:0e:33:60:
a1:4c:4d:54:2f:fd:64:78:86:a5:c2:a9:c8:5c:87:
77:40:57:81:55:2e:19:93:51:f2:46:ab:38:a2:c4:
35:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6F:4D:7B:49:61:D5:09:5A:A7:E2:CB:D8:FF:BD:9B:DA:A2:FC:34
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C7A64480EAC11EF95B7C5FB007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:19:c8:38:3f:a2:0c:ab:90:53:43:94:ab:2e:6b:eb:95:7b:
99:be:05:84:b5:dc:d9:fa:5a:ad:13:4f:6b:91:a2:90:1a:ff:
e0:6c:5d:8c:15:9b:c5:6f:e6:b3:15:61:02:8a:f4:32:08:2b:
3a:da:cf:d3:5b:c2:98:03:99:fa:84:3f:c6:f9:52:4f:25:fe:
ee:9d:b1:86:de:09:1c:67:85:2b:e0:bc:ea:1e:36:bb:df:8b:
7d:61:e6:38:3f:c1:75:9a:5f:11:77:07:23:e7:63:11:03:a3:
73:6c:7c:44:3b:a9:7f:0d:a0:1c:62:3f:18:80:9e:10:a8:8f:
23:34:48:d3:e4:04:e5:a4:10:d4:79:da:aa:50:08:52:d0:81:
91:5d:ca:12:25:26:34:39:21:04:ec:8b:52:c2:ae:4c:52:92:
8a:97:33:4c:3e:34:ed:84:cb:9d:8a:21:3c:06:0a:a3:54:84:
87:9d:47:df:47:77:23:dd:1d:17:70:3c:57:bd:e1:1c:f0:41:
31:cc:06:4a:79:fa:32:36:08:c9:5d:ce:1a:69:18:2f:dc:67:
a0:5c:61:52:53:a8:6a:02:d6:7b:06:0c:a3:92:fc:41:68:58:
46:39:36:a0:7e:8e:45:fa:69:1c:be:ab:a2:6c:e8:ab:db:72:
c7:04:26:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALaIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTEwMDkwMzU1WhcNMjQwNTIwMDkwMzU1WjAYMRYw
FAYDVQQDEw02NjNkZTJmZS1jNWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqBb8O5qDcGgzOC7PdhOGKaXQALQpn4dZXOkpPOkHsuOmviHo0QeO2NDO
yyMgwXqhn8dvvjEPG6OHPWsYrzfTyrQ4y1Opzygl+VrUuDITISP3oUlWsU6bLBau
3ogxgMlsmhdtv6gtbPX6oIQ91lvBDwsrF5p312tIFYpA/sflrw0rK5IrSIntzvxS
VrL/O4zkHnD4vTie9BLhv9x28U9YgKLNuSkAPtNTpZQpvSOjWSVTaCShxzFuTOLf
SWVCysee942+4aHiOlktosgR71oRNHTxzY8WyB5B49v8ZHkOM2ChTE1UL/1keIal
wqnIXId3QFeBVS4Zk1HyRqs4osQ1AwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBFv
TXtJYdUJWqfiy9j/vZvaovw0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQzdBNjQ0ODBFQUMxMUVGOTVCN0M1RkIwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7eMA0GCSqGSIb3DQEB
CwUAA4IBAQCPGcg4P6IMq5BTQ5SrLmvrlXuZvgWEtdzZ+lqtE09rkaKQGv/gbF2M
FZvFb+azFWECivQyCCs62s/TW8KYA5n6hD/G+VJPJf7unbGG3gkcZ4Ur4LzqHja7
34t9YeY4P8F1ml8Rdwcj52MRA6NzbHxEO6l/DaAcYj8YgJ4QqI8jNEjT5ATlpBDU
edqqUAhS0IGRXcoSJSY0OSEE7ItSwq5MUpKKlzNMPjTthMudiiE8BgqjVISHnUff
R3cj3R0XcDxXveEc8EExzAZKefoyNgjJXc4aaRgv3GegXGFSU6hqAtZ7BgyjkvxB
aFhGOTagfo5F+mkcvquibOir23LHBCbx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:59 2024 by rpki-client on console-ams.rpki-client.org