Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4AFDC64CFB9F11EEAB4B643A017001B1.roa
File: 4AFDC64CFB9F11EEAB4B643A017001B1.roa (raw, json)
Hash identifier: NGYQsyG6dJ1hjhFeLSif2Tkb7ju1eAE96BtnwTstVYY=
Subject key identifier: FA:5F:91:FC:AA:10:B9:72:E2:36:94:C9:FB:C1:7B:28:11:A9:F6:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AD33
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4AFDC64CFB9F11EEAB4B643A017001B1.roa
Signing time: Tue 16 Apr 2024 03:13:27 +0000
ROA not before: Tue 16 Apr 2024 03:13:24 +0000
ROA not after: Wed 24 Apr 2024 03:13:24 +0000
asID: 136933
IP address blocks: 154.213.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44339 (0xad33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 03:13:24 2024 GMT
Not After : Apr 24 03:13:24 2024 GMT
Subject: CN=661decd7-e3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:75:65:03:fd:fe:e9:f7:4b:fd:6f:07:b7:
8e:d7:d3:42:ad:62:d8:92:9e:e8:0c:86:f3:18:f1:
22:85:40:71:4c:4d:5c:08:0c:79:ea:9a:f3:b0:47:
71:50:c4:d7:4d:df:e5:68:42:57:0e:dd:b1:e1:6e:
df:32:80:aa:d2:74:97:86:01:14:cf:14:8f:19:0a:
41:c5:91:05:c8:8c:6d:c8:79:98:ee:f6:38:57:7f:
db:cd:64:9a:b2:c1:5c:da:31:c1:db:9c:e6:1d:51:
f7:83:ba:96:33:10:66:b3:13:ff:ce:e6:23:a4:4d:
83:2f:48:dd:0b:13:b9:0f:89:8a:c2:7f:cb:40:77:
8a:5c:51:62:73:80:4e:73:ae:c7:0f:3a:e1:a1:de:
37:56:33:45:2c:8e:96:3d:56:78:1c:1c:8a:f5:9d:
e9:7f:3c:ba:67:58:db:32:86:a7:dc:05:ac:49:68:
b1:98:63:f0:0f:54:10:dd:b6:b8:f3:ff:8b:03:e5:
ae:f1:a1:72:27:db:15:07:c0:85:e8:53:a2:5d:6a:
5d:c5:20:fd:24:4b:b7:11:69:de:5a:c6:25:3e:8e:
9d:fa:ab:20:cd:60:b6:b8:5f:4c:17:12:d7:b6:e8:
e7:43:d9:5e:fe:62:f4:65:11:e3:a9:c1:7a:46:52:
2f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5F:91:FC:AA:10:B9:72:E2:36:94:C9:FB:C1:7B:28:11:A9:F6:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4AFDC64CFB9F11EEAB4B643A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.21.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:4e:a6:60:48:dd:88:de:93:7e:05:5f:ff:b9:4b:d9:c0:6a:
8f:b2:2f:d8:8b:5d:7b:21:55:c9:b6:1f:60:93:ec:86:25:8b:
35:fb:cb:cb:fe:c7:d4:70:a1:b2:b5:aa:c2:9d:c9:bd:10:0f:
99:9e:0e:e5:60:1b:cc:43:13:71:48:43:44:26:aa:6e:f6:48:
b3:ba:1d:1f:23:5c:b6:0d:62:3b:c8:01:f3:4c:61:10:11:19:
c9:9e:bb:59:c9:3d:19:1a:3a:09:71:a0:5e:25:9d:07:74:32:
ee:bb:2f:39:c7:57:d8:f3:f9:fe:4b:b0:bb:2d:81:bd:5a:48:
4e:83:06:18:46:3a:62:87:24:53:35:af:bc:af:9f:b1:0d:d8:
10:61:c3:e4:af:3d:96:a9:b9:02:17:0d:0f:fd:b8:8b:d2:e6:
d7:a4:70:54:de:68:be:7b:b1:dd:5e:54:3d:34:02:b2:af:94:
a0:85:b9:0e:64:e9:c0:7c:ce:d9:55:9a:ed:65:a8:eb:11:d9:
f8:ff:11:12:60:1b:f4:63:e5:5f:3c:cd:b9:79:b6:a4:fc:9a:
e3:ea:3c:b6:b5:ee:30:ce:66:b5:f4:79:78:b3:fe:5b:93:3a:
6d:a8:7a:4c:a8:ed:d2:11:1e:2c:c6:7f:88:06:7c:3f:00:22:
27:1c:5f:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK0zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDMxMzI0WhcNMjQwNDI0MDMxMzI0WjAYMRYw
FAYDVQQDEw02NjFkZWNkNy1lM2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAseJ1ZQP9/un3S/1vB7eO19NCrWLYkp7oDIbzGPEihUBxTE1cCAx56prz
sEdxUMTXTd/laEJXDt2x4W7fMoCq0nSXhgEUzxSPGQpBxZEFyIxtyHmY7vY4V3/b
zWSassFc2jHB25zmHVH3g7qWMxBmsxP/zuYjpE2DL0jdCxO5D4mKwn/LQHeKXFFi
c4BOc67HDzrhod43VjNFLI6WPVZ4HByK9Z3pfzy6Z1jbMoan3AWsSWixmGPwD1QQ
3ba48/+LA+Wu8aFyJ9sVB8CF6FOiXWpdxSD9JEu3EWneWsYlPo6d+qsgzWC2uF9M
FxLXtujnQ9le/mL0ZRHjqcF6RlIv/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPpf
kfyqELly4jaUyfvBeygRqfbYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QUZEQzY0Q0ZCOUYxMUVFQUI0QjY0M0EwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtUVMA0GCSqGSIb3DQEB
CwUAA4IBAQCqTqZgSN2I3pN+BV//uUvZwGqPsi/Yi117IVXJth9gk+yGJYs1+8vL
/sfUcKGytarCncm9EA+Zng7lYBvMQxNxSENEJqpu9kizuh0fI1y2DWI7yAHzTGEQ
ERnJnrtZyT0ZGjoJcaBeJZ0HdDLuuy85x1fY8/n+S7C7LYG9WkhOgwYYRjpihyRT
Na+8r5+xDdgQYcPkrz2WqbkCFw0P/biL0ubXpHBU3mi+e7HdXlQ9NAKyr5SghbkO
ZOnAfM7ZVZrtZajrEdn4/xESYBv0Y+VfPM25ebak/Jrj6jy2te4wzma19Hl4s/5b
kzptqHpMqO3SER4sxn+IBnw/ACInHF9b
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:38 2024 by rpki-client on console-fra.rpki-client.org