Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4956E1A20F3111EFA2D5622C017001B1.roa
File: 4956E1A20F3111EFA2D5622C017001B1.roa (raw, json)
Hash identifier: nup4v+hJ7rWH4A+WnE8JjIKjJydIKaMYm3nYOwTLlAc=
Subject key identifier: A4:84:D7:E3:0D:0F:3B:B6:FE:E9:4F:D2:69:B0:22:0E:F8:E8:03:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B6D9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4956E1A20F3111EFA2D5622C017001B1.roa
Signing time: Sat 11 May 2024 00:56:23 +0000
ROA not before: Sat 11 May 2024 00:00:19 +0000
ROA not after: Tue 21 May 2024 00:00:19 +0000
asID: 44559
IP address blocks: 154.210.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46809 (0xb6d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 11 00:00:19 2024 GMT
Not After : May 21 00:00:19 2024 GMT
Subject: CN=663ec237-2a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6f:66:25:76:e1:fc:7c:31:b4:e3:45:62:a3:
45:2b:1c:4d:89:d0:ce:a8:1a:c3:83:bf:83:db:7f:
0e:01:86:ff:f9:62:54:ae:5f:24:d6:e4:fd:98:60:
96:a6:87:ef:b4:ca:1a:68:ab:b9:57:86:8b:ef:e2:
d7:f1:c9:56:a8:2c:c4:3f:66:54:1e:03:bd:31:3a:
a9:06:40:58:49:d9:41:36:f1:91:db:aa:77:3a:7d:
bd:32:16:38:40:c4:9d:d1:bb:50:de:ed:7a:ae:51:
d0:36:65:7d:5a:41:99:8c:20:04:6c:d5:9e:5d:83:
74:77:c8:3c:36:12:06:33:e2:f4:f9:99:ea:cd:7d:
27:84:5c:d0:48:f8:60:5f:4a:2c:fe:49:96:63:00:
00:e5:0b:5b:15:44:82:1d:78:5c:ce:36:26:18:d6:
5d:94:0b:3c:a3:94:a7:6c:fb:c3:de:94:e9:59:6a:
ec:2c:61:c1:3a:6d:bd:29:f1:31:d3:e3:6f:cd:f4:
69:9b:af:7b:10:98:49:7b:79:8b:50:d3:bb:e5:5a:
1b:95:ca:ef:c0:fb:42:0e:30:3e:d5:58:66:9d:05:
06:8f:58:49:16:f5:66:05:1d:17:6a:5a:be:ba:ef:
f5:70:e3:17:06:7d:73:a8:a3:fd:05:cf:f6:48:d4:
41:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:84:D7:E3:0D:0F:3B:B6:FE:E9:4F:D2:69:B0:22:0E:F8:E8:03:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4956E1A20F3111EFA2D5622C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.64.0/18
Signature Algorithm: sha256WithRSAEncryption
92:ce:35:78:10:0f:94:a4:58:46:37:35:eb:28:6f:f6:b2:f4:
af:f5:9e:da:0b:a5:b9:70:ec:55:93:f3:9c:27:66:18:71:74:
a8:3a:9e:39:80:dc:3b:bf:fd:fa:5c:b6:2e:4d:33:7c:ad:3f:
92:eb:d9:b7:04:fd:0c:52:bd:6c:26:63:a0:3f:8b:18:ec:4e:
6b:a3:bd:53:61:99:db:7d:53:21:7f:9a:70:09:13:d8:1c:51:
78:78:46:2d:28:c9:1a:e0:c1:f8:71:75:8b:9d:ed:07:46:72:
2a:a3:13:bc:5a:17:c6:f8:2c:be:38:4c:04:6b:15:bf:66:76:
ed:29:70:2e:74:7d:bb:68:84:ed:2e:37:90:42:18:76:8f:c2:
9c:38:e4:06:47:24:f8:85:38:e3:1e:bd:24:40:6b:48:62:52:
ea:46:88:05:d9:45:8c:fc:be:91:14:5a:57:e6:36:88:e1:48:
69:60:3e:99:a7:ab:ff:e1:c3:84:07:07:d2:48:56:e7:86:92:
ea:3e:d7:ca:1f:77:b8:62:8e:91:e8:56:ed:5f:a8:35:1b:e1:
56:96:e1:ec:ce:6e:8e:25:53:64:e9:97:00:02:2a:aa:6b:2a:
cc:bd:b8:1d:df:84:79:bd:0e:92:bd:3c:ec:de:1b:5c:5c:e4:
99:7e:57:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALbZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTExMDAwMDE5WhcNMjQwNTIxMDAwMDE5WjAYMRYw
FAYDVQQDEw02NjNlYzIzNy0yYTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3m9mJXbh/HwxtONFYqNFKxxNidDOqBrDg7+D238OAYb/+WJUrl8k1uT9
mGCWpofvtMoaaKu5V4aL7+LX8clWqCzEP2ZUHgO9MTqpBkBYSdlBNvGR26p3On29
MhY4QMSd0btQ3u16rlHQNmV9WkGZjCAEbNWeXYN0d8g8NhIGM+L0+ZnqzX0nhFzQ
SPhgX0os/kmWYwAA5QtbFUSCHXhczjYmGNZdlAs8o5SnbPvD3pTpWWrsLGHBOm29
KfEx0+NvzfRpm697EJhJe3mLUNO75VoblcrvwPtCDjA+1VhmnQUGj1hJFvVmBR0X
alq+uu/1cOMXBn1zqKP9Bc/2SNRB7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKSE
1+MNDzu2/ulP0mmwIg746ANWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTU2RTFBMjBGMzExMUVGQTJENTYyMkMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtJAMA0GCSqGSIb3DQEB
CwUAA4IBAQCSzjV4EA+UpFhGNzXrKG/2svSv9Z7aC6W5cOxVk/OcJ2YYcXSoOp45
gNw7v/36XLYuTTN8rT+S69m3BP0MUr1sJmOgP4sY7E5ro71TYZnbfVMhf5pwCRPY
HFF4eEYtKMka4MH4cXWLne0HRnIqoxO8WhfG+Cy+OEwEaxW/ZnbtKXAudH27aITt
LjeQQhh2j8KcOOQGRyT4hTjjHr0kQGtIYlLqRogF2UWM/L6RFFpX5jaI4UhpYD6Z
p6v/4cOEBwfSSFbnhpLqPtfKH3e4Yo6R6FbtX6g1G+FWluHszm6OJVNk6ZcAAiqq
ayrMvbgd34R5vQ6SvTzs3htcXOSZflc4
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:48:04 2024 by rpki-client on console-fra.rpki-client.org