Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CC4CE2EFAD911EE996FAC62017001B1.roa
File: 4CC4CE2EFAD911EE996FAC62017001B1.roa (raw, json)
Hash identifier: XQ2X5BG/iQUrD1Vnn+Hq5+BsRQi4F47My0iUDgCtRh0=
Subject key identifier: 29:1D:B9:07:B2:39:9F:CA:E6:D2:6A:2B:0B:85:2A:00:09:CE:FA:2B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC01
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CC4CE2EFAD911EE996FAC62017001B1.roa
Signing time: Mon 15 Apr 2024 03:36:10 +0000
ROA not before: Mon 15 Apr 2024 03:36:07 +0000
ROA not after: Wed 24 Apr 2024 03:36:07 +0000
asID: 142062
IP address blocks: 154.206.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44033 (0xac01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 03:36:07 2024 GMT
Not After : Apr 24 03:36:07 2024 GMT
Subject: CN=661ca0aa-c9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8b:5f:a7:3c:a6:d0:3a:3b:bb:dc:d0:74:bb:
19:2c:16:f8:c6:1a:fe:91:12:f7:e3:8b:bf:61:c7:
23:ff:97:2a:47:2f:20:ed:ac:a6:6b:49:98:91:30:
18:6d:a4:8c:75:fb:b7:f4:22:86:72:61:20:dc:1b:
de:dc:c7:a9:99:e7:5b:75:b2:02:c6:d0:3c:de:14:
7f:43:19:8e:e4:7e:2b:ff:8e:72:26:20:dd:b4:56:
cc:7d:f7:ae:69:a0:db:31:b7:bb:16:25:7c:55:4f:
52:e7:2a:d1:ce:48:a7:7e:a7:67:f2:b8:7f:f9:33:
f1:f1:d2:e3:51:34:bb:da:4c:b3:c6:21:fa:79:9e:
9f:ef:bb:31:d5:64:19:4a:8d:e6:a4:09:43:9a:89:
06:3f:59:26:d7:6f:02:bc:4f:9a:7a:d3:c7:63:74:
79:46:d6:ac:ff:5e:5c:1e:96:55:a3:0d:0b:8f:81:
c2:d9:b2:0f:60:58:bd:d4:0d:b2:a7:fe:50:64:d5:
94:0a:e6:c3:99:43:3d:3c:b3:bf:b1:20:8c:17:50:
4a:33:de:0c:b3:b4:ff:d2:c0:a5:75:11:a8:60:83:
af:84:08:bf:ee:18:7c:95:1d:af:b5:a3:ec:09:45:
c4:a4:97:16:a7:d9:7e:a4:e1:d9:38:f3:28:ca:67:
bc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1D:B9:07:B2:39:9F:CA:E6:D2:6A:2B:0B:85:2A:00:09:CE:FA:2B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CC4CE2EFAD911EE996FAC62017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.206.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:b2:53:3d:b1:7f:ae:48:4a:aa:95:3e:c4:ca:06:7a:6d:95:
a8:65:b0:a1:40:15:52:65:ed:dd:e3:9f:24:94:d9:99:66:5a:
5f:c8:2d:da:d5:3e:aa:0d:20:5d:69:0b:e0:7c:c9:e0:e5:84:
04:4b:62:78:3d:2d:cc:1d:08:f5:37:55:6e:e1:75:e8:28:61:
36:d1:7d:c9:25:00:db:b9:a8:68:2a:b0:93:46:73:a5:62:7d:
48:0b:f3:70:78:f5:06:00:3e:5b:b4:04:53:7c:a8:14:28:d7:
f8:4c:bb:88:49:f4:75:af:b3:b9:6b:15:dd:e1:f5:d5:56:26:
d5:3b:98:eb:68:12:95:16:6f:09:16:af:35:a7:84:0d:45:d2:
80:fa:2b:ee:98:10:00:a3:4f:71:e7:80:61:2b:78:4f:70:32:
1b:10:45:6c:3b:d2:25:25:22:e5:f4:d5:3a:1e:95:05:77:de:
1c:d6:5e:78:ab:dc:ca:cb:74:5d:ba:fa:e3:d7:5f:b0:1a:c8:
e1:33:0a:bd:91:ba:75:ea:35:5f:09:bb:13:ed:ec:4e:64:ff:
63:30:77:ae:23:72:ac:3f:7d:05:df:b1:51:e7:b8:dd:00:73:
dd:b4:a8:fc:6a:da:d1:73:98:d9:38:c7:f6:9f:08:9b:30:62:
7b:ec:d9:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKwBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDMzNjA3WhcNMjQwNDI0MDMzNjA3WjAYMRYw
FAYDVQQDEw02NjFjYTBhYS1jOWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3otfpzym0Do7u9zQdLsZLBb4xhr+kRL344u/Yccj/5cqRy8g7ayma0mY
kTAYbaSMdfu39CKGcmEg3Bve3MepmedbdbICxtA83hR/QxmO5H4r/45yJiDdtFbM
ffeuaaDbMbe7FiV8VU9S5yrRzkinfqdn8rh/+TPx8dLjUTS72kyzxiH6eZ6f77sx
1WQZSo3mpAlDmokGP1km128CvE+aetPHY3R5Rtas/15cHpZVow0Lj4HC2bIPYFi9
1A2yp/5QZNWUCubDmUM9PLO/sSCMF1BKM94Ms7T/0sCldRGoYIOvhAi/7hh8lR2v
taPsCUXEpJcWp9l+pOHZOPMoyme8JQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCkd
uQeyOZ/K5tJqKwuFKgAJzvorMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Q0M0Q0UyRUZBRDkxMUVFOTk2RkFDNjIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7OMA0GCSqGSIb3DQEB
CwUAA4IBAQDHslM9sX+uSEqqlT7EygZ6bZWoZbChQBVSZe3d458klNmZZlpfyC3a
1T6qDSBdaQvgfMng5YQES2J4PS3MHQj1N1Vu4XXoKGE20X3JJQDbuahoKrCTRnOl
Yn1IC/NwePUGAD5btARTfKgUKNf4TLuISfR1r7O5axXd4fXVVibVO5jraBKVFm8J
Fq81p4QNRdKA+ivumBAAo09x54BhK3hPcDIbEEVsO9IlJSLl9NU6HpUFd94c1l54
q9zKy3Rduvrj11+wGsjhMwq9kbp16jVfCbsT7exOZP9jMHeuI3KsP30F37FR57jd
AHPdtKj8atrRc5jZOMf2nwibMGJ77Nlu
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:38 2024 by rpki-client on console-fra.rpki-client.org