Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71921076FBA711EEA6FCE8FB007001B1.roa
File: 71921076FBA711EEA6FCE8FB007001B1.roa (raw, json)
Hash identifier: aoeUwvEF1HZO4ujdCCJO8Eqd+tSa9biuCMBMECkS+W4=
Subject key identifier: DD:8B:22:EC:D0:BC:09:DE:C2:42:12:CF:E8:58:29:FD:04:5B:09:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AD87
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71921076FBA711EEA6FCE8FB007001B1.roa
Signing time: Tue 16 Apr 2024 04:11:48 +0000
ROA not before: Tue 16 Apr 2024 04:11:44 +0000
ROA not after: Wed 24 Apr 2024 04:11:44 +0000
asID: 142062
IP address blocks: 154.206.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44423 (0xad87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 04:11:44 2024 GMT
Not After : Apr 24 04:11:44 2024 GMT
Subject: CN=661dfa84-8c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:69:00:b0:e6:d5:e5:5b:51:06:e4:a6:70:07:
23:54:c9:9c:76:fa:e2:52:de:bb:5d:bb:2f:c4:be:
a5:62:c9:4b:b6:0b:3b:99:24:ed:59:e2:fe:e4:5f:
98:ec:9f:f3:0f:3e:39:b2:ee:3e:16:2a:3c:96:6b:
ed:9e:17:7b:95:59:eb:68:10:06:8a:93:42:9f:a6:
7d:65:24:dd:ea:0f:d8:b5:36:2f:77:4e:a7:8d:85:
7a:02:26:3e:2a:a9:73:21:76:d2:0b:80:fc:0a:2a:
c6:da:39:f9:57:63:cf:0e:c2:1c:28:42:79:b4:21:
bd:97:e5:32:b0:d5:30:82:3a:33:39:2e:66:fd:14:
08:19:45:f7:f0:d3:84:18:90:91:26:23:22:87:ac:
c7:8f:7e:d8:14:81:2e:1b:2f:6c:31:f1:94:0d:c9:
9a:9b:ba:92:0c:35:ab:0f:c6:dc:ab:1a:99:c4:fb:
35:3f:49:e4:64:2e:77:af:87:be:7e:67:9d:c7:8c:
47:f5:84:12:2d:4f:bc:f2:84:fe:9a:e9:0f:51:d9:
4e:7f:e6:f5:3a:81:89:f3:f6:7e:66:8d:01:c3:8b:
c0:98:fb:f3:c0:71:d3:f6:bb:a3:73:c9:ff:60:d2:
fb:cf:ea:c9:59:2f:a7:96:ef:18:6f:43:c3:cd:83:
66:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8B:22:EC:D0:BC:09:DE:C2:42:12:CF:E8:58:29:FD:04:5B:09:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71921076FBA711EEA6FCE8FB007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.224.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:1c:17:74:9e:6b:b0:81:bd:bd:43:10:58:d9:cf:d2:3f:cc:
12:eb:a3:15:61:44:59:43:fc:6d:7e:2c:6f:84:26:fc:00:0c:
f0:7c:2e:6f:48:65:68:fc:6b:01:03:b6:58:a7:ab:0e:58:a5:
81:83:4e:54:e9:88:6f:54:70:e2:4f:70:e0:8e:45:b4:0e:d1:
54:8a:a2:ef:c6:b0:e3:c8:23:96:f5:ca:f4:98:7e:64:76:1f:
e9:f2:57:db:2c:49:cd:17:ad:7e:72:ae:b2:08:b5:8a:e8:fc:
ef:ab:ff:9e:28:86:c9:6d:e7:d5:80:9f:0d:c4:ba:1d:64:05:
83:10:26:90:c6:a9:c6:39:a6:4f:ea:9b:79:f6:70:0e:82:3e:
be:65:e0:c3:e5:90:c5:00:10:2a:6c:78:2f:33:e0:e6:a6:51:
7d:8a:fe:5f:14:41:82:ae:4b:4d:53:b3:84:af:3c:0e:40:90:
d2:3a:7e:14:b1:ef:d5:3d:80:ad:71:d2:22:aa:75:33:b9:64:
b0:c3:ff:b5:34:10:3d:4d:4c:36:d6:29:bb:8d:ee:fd:71:7a:
91:87:c8:0d:28:45:f0:40:20:18:72:8b:37:3d:04:1a:aa:a1:
81:d0:d5:f8:3b:45:de:95:cd:9e:b0:ca:62:00:54:9b:d3:f0:
5e:f4:02:a9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK2HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDQxMTQ0WhcNMjQwNDI0MDQxMTQ0WjAYMRYw
FAYDVQQDEw02NjFkZmE4NC04YzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvmkAsObV5VtRBuSmcAcjVMmcdvriUt67XbsvxL6lYslLtgs7mSTtWeL+
5F+Y7J/zDz45su4+Fio8lmvtnhd7lVnraBAGipNCn6Z9ZSTd6g/YtTYvd06njYV6
AiY+KqlzIXbSC4D8CirG2jn5V2PPDsIcKEJ5tCG9l+UysNUwgjozOS5m/RQIGUX3
8NOEGJCRJiMih6zHj37YFIEuGy9sMfGUDcmam7qSDDWrD8bcqxqZxPs1P0nkZC53
r4e+fmedx4xH9YQSLU+88oT+mukPUdlOf+b1OoGJ8/Z+Zo0Bw4vAmPvzwHHT9ruj
c8n/YNL7z+rJWS+nlu8Yb0PDzYNmwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN2L
IuzQvAnewkISz+hYKf0EWwkNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MTkyMTA3NkZCQTcxMUVFQTZGQ0U4RkIwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7gMA0GCSqGSIb3DQEB
CwUAA4IBAQC5HBd0nmuwgb29QxBY2c/SP8wS66MVYURZQ/xtfixvhCb8AAzwfC5v
SGVo/GsBA7ZYp6sOWKWBg05U6YhvVHDiT3DgjkW0DtFUiqLvxrDjyCOW9cr0mH5k
dh/p8lfbLEnNF61+cq6yCLWK6Pzvq/+eKIbJbefVgJ8NxLodZAWDECaQxqnGOaZP
6pt59nAOgj6+ZeDD5ZDFABAqbHgvM+DmplF9iv5fFEGCrktNU7OErzwOQJDSOn4U
se/VPYCtcdIiqnUzuWSww/+1NBA9TUw21im7je79cXqRh8gNKEXwQCAYcos3PQQa
qqGB0NX4O0Xelc2esMpiAFSb0/Be9AKp
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:38 2024 by rpki-client on console-fra.rpki-client.org