Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60431A66A0E511EF88E37499762E951A.roa
File: 60431A66A0E511EF88E37499762E951A.roa (raw, json)
Hash identifier: AJrP40FkEuULUSeqrGYtkwqREdMxAMMf0cDK6sc4QS8=
Subject key identifier: EB:D5:56:42:AC:D2:D6:BD:54:B3:D2:D1:B2:AB:2F:1B:CC:3E:BD:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010C52
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60431A66A0E511EF88E37499762E951A.roa
Signing time: Tue 12 Nov 2024 11:00:50 +0000
ROA not before: Tue 12 Nov 2024 11:00:46 +0000
ROA not after: Fri 22 Nov 2024 11:00:46 +0000
asID: 39600
IP address blocks: 154.207.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68690 (0x10c52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 12 11:00:46 2024 GMT
Not After : Nov 22 11:00:46 2024 GMT
Subject: CN=67333561-81d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:23:cc:25:bc:55:1c:9b:c4:24:f6:9b:9b:76:
84:2e:2d:fb:42:d8:a2:e5:8a:e0:90:cd:3e:f2:34:
e6:1e:6a:6a:aa:b4:ad:61:02:3b:19:20:0c:e2:52:
93:1c:91:20:03:d8:a3:75:32:6a:a2:51:a7:37:8f:
34:e7:49:8a:cd:0e:6a:35:6f:fd:78:63:7e:be:a1:
ce:7c:b9:a1:62:55:cf:02:6f:7e:ef:9f:9e:4b:86:
2c:5a:c3:48:0f:c7:e7:d6:b1:0f:ed:99:f3:fc:d5:
84:24:69:0f:45:63:07:69:b5:89:85:76:74:b6:22:
7c:a3:1c:8b:31:8a:9a:0c:01:57:ac:fd:30:9e:44:
f5:39:6b:ed:07:9f:29:1b:59:e6:d0:d8:87:e9:cc:
f9:10:dc:45:2d:ca:50:bd:b7:f7:b5:1f:d3:f7:43:
0f:33:e9:48:ae:24:55:4c:ad:71:ce:e2:74:4d:11:
d1:c2:78:c2:55:d2:d8:a6:6b:1d:62:ef:c9:ca:a0:
9e:4e:f4:60:b6:ad:09:be:8c:49:04:31:61:5c:4a:
b8:af:f8:94:9a:f3:8f:c6:01:a1:4f:5e:35:fd:98:
76:96:6c:c2:b8:1e:5b:35:f5:38:b3:95:38:cf:86:
b8:1e:01:d8:78:d3:24:7c:12:cb:93:f9:15:3e:2c:
83:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D5:56:42:AC:D2:D6:BD:54:B3:D2:D1:B2:AB:2F:1B:CC:3E:BD:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60431A66A0E511EF88E37499762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.128.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:f4:a4:d6:5d:64:e1:f7:c5:79:b3:71:49:b2:9f:7d:d9:37:
16:27:08:cc:5b:fb:4e:1c:64:b6:60:a7:40:59:22:37:24:68:
6b:04:8a:b4:8b:e6:ed:e3:de:46:04:a6:35:3f:92:96:78:bf:
f2:3d:c3:4e:c7:57:21:c1:c6:62:b9:18:c7:0e:94:0c:a3:7e:
1a:16:49:80:b7:22:ad:d5:73:4e:de:5a:7c:6a:5d:fd:a7:db:
47:9d:1e:dc:66:1d:1b:f5:61:52:d5:89:c8:34:06:d3:30:07:
c3:82:17:c2:c2:83:70:d3:d2:a3:5e:27:b6:41:d9:ff:d3:a1:
3b:23:e8:78:63:a4:1a:f7:db:93:67:38:67:ee:ea:ab:d4:75:
02:f7:68:6f:44:fd:d1:3b:d4:b2:a9:a5:ee:fc:e6:6e:d0:44:
17:4e:17:75:cb:f4:6a:56:4c:86:ae:e0:bf:c8:93:6b:77:76:
87:16:ee:93:7d:b1:90:c0:03:4a:40:ed:d7:65:f7:95:81:67:
8b:fe:bb:33:e4:a4:68:f1:56:39:59:9e:ec:49:0d:9f:5f:d5:
28:3e:3b:89:51:6f:d1:0e:a5:c3:8c:d3:00:08:20:5d:5c:d7:
06:f3:ff:27:02:da:5a:93:1c:86:96:83:d4:58:a7:f4:1a:15:
65:2d:bd:21
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQxSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTEyMTEwMDQ2WhcNMjQxMTIyMTEwMDQ2WjAYMRYw
FAYDVQQDEw02NzMzMzU2MS04MWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvyPMJbxVHJvEJPabm3aELi37Qtii5YrgkM0+8jTmHmpqqrStYQI7GSAM
4lKTHJEgA9ijdTJqolGnN48050mKzQ5qNW/9eGN+vqHOfLmhYlXPAm9+75+eS4Ys
WsNID8fn1rEP7Znz/NWEJGkPRWMHabWJhXZ0tiJ8oxyLMYqaDAFXrP0wnkT1OWvt
B58pG1nm0NiH6cz5ENxFLcpQvbf3tR/T90MPM+lIriRVTK1xzuJ0TRHRwnjCVdLY
pmsdYu/JyqCeTvRgtq0JvoxJBDFhXEq4r/iUmvOPxgGhT141/Zh2lmzCuB5bNfU4
s5U4z4a4HgHYeNMkfBLLk/kVPiyDfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOvV
VkKs0ta9VLPS0bKrLxvMPr3/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MDQzMUE2NkEwRTUxMUVGODhFMzc0OTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms+AMA0GCSqGSIb3DQEB
CwUAA4IBAQCM9KTWXWTh98V5s3FJsp992TcWJwjMW/tOHGS2YKdAWSI3JGhrBIq0
i+bt495GBKY1P5KWeL/yPcNOx1chwcZiuRjHDpQMo34aFkmAtyKt1XNO3lp8al39
p9tHnR7cZh0b9WFS1YnINAbTMAfDghfCwoNw09KjXie2Qdn/06E7I+h4Y6Qa99uT
Zzhn7uqr1HUC92hvRP3RO9SyqaXu/OZu0EQXThd1y/RqVkyGruC/yJNrd3aHFu6T
fbGQwANKQO3XZfeVgWeL/rsz5KRo8VY5WZ7sSQ2fX9UoPjuJUW/RDqXDjNMACCBd
XNcG8/8nAtpakxyGloPUWKf0GhVlLb0h
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:07:43 2024 by rpki-client on console-ams.rpki-client.org