Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/689EE6CA0EB111EFB35D9C23017001B1.roa
File: 689EE6CA0EB111EFB35D9C23017001B1.roa (raw, json)
Hash identifier: W8nbaZngVOkhKvCFN1LADKCcQjOdMbZpg6WD0tMoFwE=
Subject key identifier: 8F:36:5A:BE:72:A2:7E:AC:FE:CA:29:AA:11:C4:73:93:08:61:4D:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B6C0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/689EE6CA0EB111EFB35D9C23017001B1.roa
Signing time: Fri 10 May 2024 09:41:00 +0000
ROA not before: Fri 10 May 2024 09:40:56 +0000
ROA not after: Mon 20 May 2024 09:40:56 +0000
asID: 142062
IP address blocks: 154.206.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46784 (0xb6c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 10 09:40:56 2024 GMT
Not After : May 20 09:40:56 2024 GMT
Subject: CN=663debac-e6e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b9:8d:e4:4d:31:0b:b1:a5:53:ce:44:97:fc:
db:1b:b8:5b:2e:78:4e:21:de:c5:36:4e:35:87:ad:
d1:e0:0f:9b:c6:e3:49:f8:f0:31:5b:58:8e:f1:c5:
05:2f:a1:b8:69:1b:b6:b1:36:98:d9:63:09:a4:20:
f7:13:0e:67:e4:fa:7c:08:e2:75:8b:0c:ce:e7:fc:
40:fb:7f:d3:c6:1b:86:fd:ab:36:9c:f4:de:16:7b:
74:35:b6:bf:56:34:87:83:44:ce:17:6d:41:0f:0b:
bd:b1:36:c9:c1:56:85:3c:63:e7:30:ec:24:4e:c5:
4d:d9:ee:45:10:39:16:ee:35:53:9e:10:ec:ec:45:
56:44:8f:39:38:dc:f7:be:bc:8f:58:78:e0:c7:40:
29:3f:2b:c1:4a:d6:1f:af:9f:57:38:51:51:2a:7f:
16:60:a3:dc:72:70:1e:68:ce:35:9b:92:a9:b2:96:
de:c5:ef:78:51:43:31:59:34:ba:28:59:98:bb:ed:
99:66:1c:6a:c8:4d:1d:bb:ac:8c:f9:15:cc:47:74:
f8:db:b5:44:1d:b2:fd:b3:8c:4f:7b:5f:71:1a:c0:
1a:a3:47:1d:72:91:21:d4:c2:92:b9:c2:7f:d2:5f:
e6:68:62:30:54:96:90:a7:82:14:b5:25:d6:9d:51:
e1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:36:5A:BE:72:A2:7E:AC:FE:CA:29:AA:11:C4:73:93:08:61:4D:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/689EE6CA0EB111EFB35D9C23017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.195.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:e3:6f:b7:4a:7e:c3:f4:9c:19:2d:f8:47:21:d6:68:7c:6b:
18:3e:18:e7:ca:9a:de:91:01:e5:a7:64:56:c6:33:95:d4:c1:
63:5b:c2:b8:ba:e8:7f:01:b2:ad:da:9b:fa:d2:d3:20:26:de:
90:02:4b:1c:43:28:ee:c1:29:fc:b2:b5:f2:5a:37:3e:d2:bc:
b0:c2:fa:b5:4c:a1:33:09:d3:00:e9:b0:03:ea:c5:ff:b9:dd:
cb:5e:50:58:df:41:01:60:a3:d9:7d:4a:01:ee:13:be:ce:d0:
09:c5:b5:5f:f3:89:a2:02:6b:67:e2:1a:c7:6f:67:49:75:2b:
eb:ab:c3:0c:fe:d2:7f:f8:b3:4b:63:72:ad:e6:5f:10:bd:78:
9a:af:8a:0e:eb:a4:fa:36:2c:1e:fc:67:20:a0:22:00:c6:32:
b3:7a:58:82:6b:81:f8:fa:a8:60:c8:f6:7a:02:95:ee:0b:32:
63:f0:26:ab:4e:ef:a4:26:76:17:f7:9f:9f:d8:6b:90:64:3f:
49:a7:a2:a0:45:c6:62:32:b6:5c:38:8c:64:12:d6:38:d9:87:
73:8c:2f:f8:fe:ba:78:41:6a:43:20:7a:db:d7:cb:18:40:3a:
0c:46:65:b7:4b:52:80:f4:cd:51:51:9d:b3:a3:8f:1b:13:c4:
94:2f:0e:b7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALbAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTEwMDk0MDU2WhcNMjQwNTIwMDk0MDU2WjAYMRYw
FAYDVQQDEw02NjNkZWJhYy1lNmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA07mN5E0xC7GlU85El/zbG7hbLnhOId7FNk41h63R4A+bxuNJ+PAxW1iO
8cUFL6G4aRu2sTaY2WMJpCD3Ew5n5Pp8COJ1iwzO5/xA+3/TxhuG/as2nPTeFnt0
Nba/VjSHg0TOF21BDwu9sTbJwVaFPGPnMOwkTsVN2e5FEDkW7jVTnhDs7EVWRI85
ONz3vryPWHjgx0ApPyvBStYfr59XOFFRKn8WYKPccnAeaM41m5Kpspbexe94UUMx
WTS6KFmYu+2ZZhxqyE0du6yM+RXMR3T427VEHbL9s4xPe19xGsAao0cdcpEh1MKS
ucJ/0l/maGIwVJaQp4IUtSXWnVHhZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI82
Wr5yon6s/sopqhHEc5MIYU2oMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODlFRTZDQTBFQjExMUVGQjM1RDlDMjMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7DMA0GCSqGSIb3DQEB
CwUAA4IBAQDB42+3Sn7D9JwZLfhHIdZofGsYPhjnyprekQHlp2RWxjOV1MFjW8K4
uuh/AbKt2pv60tMgJt6QAkscQyjuwSn8srXyWjc+0rywwvq1TKEzCdMA6bAD6sX/
ud3LXlBY30EBYKPZfUoB7hO+ztAJxbVf84miAmtn4hrHb2dJdSvrq8MM/tJ/+LNL
Y3Kt5l8QvXiar4oO66T6Niwe/GcgoCIAxjKzeliCa4H4+qhgyPZ6ApXuCzJj8Car
Tu+kJnYX95+f2GuQZD9Jp6KgRcZiMrZcOIxkEtY42YdzjC/4/rp4QWpDIHrb18sY
QDoMRmW3S1KA9M1RUZ2zo48bE8SULw63
-----END CERTIFICATE-----
Generated at Tue May 21 02:17:27 2024 by rpki-client on console-fra.rpki-client.org