Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74BA8C548AC911EF8015EB4E762E951A.roa
File: 74BA8C548AC911EF8015EB4E762E951A.roa (raw, json)
Hash identifier: xjLe0Dt6wvHrNf2bOam+g2bAKw1hdBHhJPWgmiGGTRY=
Subject key identifier: 39:0F:A4:48:FE:7D:3D:8D:93:FC:B5:5A:DB:2D:2B:BE:94:DF:D5:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: FE1E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74BA8C548AC911EF8015EB4E762E951A.roa
Signing time: Tue 15 Oct 2024 07:45:32 +0000
ROA not before: Tue 15 Oct 2024 07:45:29 +0000
ROA not after: Sun 17 Nov 2024 07:45:29 +0000
asID: 209242
IP address blocks: 154.198.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65054 (0xfe1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 15 07:45:29 2024 GMT
Not After : Nov 17 07:45:29 2024 GMT
Subject: CN=670e1d9c-890a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e8:6f:bf:7c:cb:60:db:35:f6:14:74:c2:d6:
48:cd:79:61:47:c9:0c:10:b0:2b:90:2a:e4:2b:33:
58:7f:52:14:65:88:6a:af:a7:bf:cb:73:e2:15:da:
0f:4e:72:f9:aa:de:be:9e:d7:e4:36:1f:61:af:8d:
c1:a4:13:14:70:bb:2a:ff:76:61:af:9b:1d:46:8c:
60:42:ec:26:56:ef:01:a1:e1:0e:32:5b:e5:69:98:
1b:3f:d8:77:f8:8c:d4:ab:be:5e:4d:5b:8e:04:e9:
76:f9:7a:0f:1f:72:1c:2b:d5:1a:9c:11:3d:1e:26:
e2:00:30:06:b3:fd:6a:cc:e5:83:62:99:67:5b:2a:
ac:ff:6b:80:f3:51:35:b8:d0:ce:be:89:e7:34:cd:
dc:20:15:ed:12:f0:50:a9:ac:18:9a:b7:54:3c:76:
d5:76:e8:0d:ab:d5:c9:8a:9a:5b:05:74:92:f1:36:
bf:87:18:94:8a:ba:1c:3a:7f:a6:80:84:9f:74:04:
d9:2d:1d:3e:02:6a:7e:c4:c2:92:43:64:0d:1c:3a:
b0:49:45:c0:52:06:6e:68:ac:a6:c9:b0:e6:8e:77:
b2:92:75:1a:72:70:6f:aa:3c:b0:52:fb:6f:d8:c8:
cc:da:70:d1:f6:19:a4:4a:f6:4f:16:b0:3c:77:a0:
bc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:0F:A4:48:FE:7D:3D:8D:93:FC:B5:5A:DB:2D:2B:BE:94:DF:D5:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74BA8C548AC911EF8015EB4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.173.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:c8:1e:81:13:1d:2a:f3:e0:a2:eb:31:b3:84:74:a6:12:74:
72:1b:54:12:3e:ee:8a:b8:70:7d:02:27:47:68:10:94:58:6f:
67:2c:e4:58:f7:ec:8b:6b:13:84:da:a1:83:d9:3d:72:82:69:
24:5e:9e:c9:5d:00:3e:a0:43:94:1a:c7:01:5f:a0:3e:50:cb:
9e:1e:1b:af:00:c9:a4:95:79:23:54:35:9b:02:e7:f0:78:e2:
c8:64:6e:b2:4c:44:44:c0:20:5d:c5:00:b4:f3:65:f8:6b:4a:
bb:ab:cc:e7:fa:72:e7:a9:85:a8:9e:3e:6a:a5:70:af:8d:4e:
fe:79:4d:1d:87:5f:90:21:43:7e:33:09:b9:da:89:2f:2e:75:
81:03:3f:60:31:33:eb:e4:77:95:8e:33:e7:43:32:f0:f4:15:
1a:45:52:64:a5:8e:8b:9b:49:32:01:a8:fb:f4:d3:50:3d:88:
21:01:a7:2d:51:3b:4a:d2:da:65:f2:63:95:ec:bb:30:ce:8a:
a6:7d:0a:6c:4e:67:e0:12:af:e8:69:f1:2a:f5:07:52:2f:15:
50:e5:85:32:0f:09:e9:79:4d:55:7a:88:5e:14:c9:70:85:ef:
42:bb:37:3a:a4:cb:6a:06:ff:9a:4d:fc:0b:50:09:e5:6e:01:
60:f0:98:50
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAP4eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDE1MDc0NTI5WhcNMjQxMTE3MDc0NTI5WjAYMRYw
FAYDVQQDEw02NzBlMWQ5Yy04OTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv+hvv3zLYNs19hR0wtZIzXlhR8kMELArkCrkKzNYf1IUZYhqr6e/y3Pi
FdoPTnL5qt6+ntfkNh9hr43BpBMUcLsq/3Zhr5sdRoxgQuwmVu8BoeEOMlvlaZgb
P9h3+IzUq75eTVuOBOl2+XoPH3IcK9UanBE9HibiADAGs/1qzOWDYplnWyqs/2uA
81E1uNDOvonnNM3cIBXtEvBQqawYmrdUPHbVdugNq9XJippbBXSS8Ta/hxiUiroc
On+mgISfdATZLR0+Amp+xMKSQ2QNHDqwSUXAUgZuaKymybDmjneyknUacnBvqjyw
Uvtv2MjM2nDR9hmkSvZPFrA8d6C89QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDkP
pEj+fT2Nk/y1WtstK76U39XvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NEJBOEM1NDhBQzkxMUVGODAxNUVCNEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsatMA0GCSqGSIb3DQEB
CwUAA4IBAQC4yB6BEx0q8+Ci6zGzhHSmEnRyG1QSPu6KuHB9AidHaBCUWG9nLORY
9+yLaxOE2qGD2T1ygmkkXp7JXQA+oEOUGscBX6A+UMueHhuvAMmklXkjVDWbAufw
eOLIZG6yTEREwCBdxQC082X4a0q7q8zn+nLnqYWonj5qpXCvjU7+eU0dh1+QIUN+
Mwm52okvLnWBAz9gMTPr5HeVjjPnQzLw9BUaRVJkpY6Lm0kyAaj79NNQPYghAact
UTtK0tpl8mOV7LswzoqmfQpsTmfgEq/oafEq9QdSLxVQ5YUyDwnpeU1VeoheFMlw
he9Cuzc6pMtqBv+aTfwLUAnlbgFg8JhQ
-----END CERTIFICATE-----
Generated at Sun Nov 17 09:27:03 2024 by rpki-client on console-fra.rpki-client.org