Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B97317CFADA11EEB0DCA870017001B1.roa
File: 8B97317CFADA11EEB0DCA870017001B1.roa (raw, json)
Hash identifier: eng01y5Ri62w66OYPvjRZQxqjJQVFJybRoaE/GhvHiw=
Subject key identifier: 73:5D:E4:39:ED:E2:18:CB:39:1F:C9:65:BE:A3:D8:B9:4C:D7:D6:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC0F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B97317CFADA11EEB0DCA870017001B1.roa
Signing time: Mon 15 Apr 2024 03:45:05 +0000
ROA not before: Mon 15 Apr 2024 03:45:01 +0000
ROA not after: Wed 24 Apr 2024 03:45:01 +0000
asID: 142062
IP address blocks: 154.206.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44047 (0xac0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 03:45:01 2024 GMT
Not After : Apr 24 03:45:01 2024 GMT
Subject: CN=661ca2c1-1dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4a:29:3d:9f:2d:dd:45:93:a0:84:1f:12:75:
7b:5f:18:42:ce:fa:e2:e3:bd:40:93:59:3d:8e:52:
bc:28:64:7e:91:06:5b:f3:8c:dd:28:66:b5:bb:e4:
3d:15:bc:aa:19:49:5a:99:90:ee:67:ef:36:9b:14:
e6:bc:37:fb:3f:32:da:2c:18:65:c7:b1:a4:71:d5:
f1:d9:a2:0e:bb:14:e0:1a:96:9d:bd:04:17:c8:b9:
b1:af:93:12:b2:5e:4c:e2:c2:d0:26:2a:e6:df:8a:
0c:1e:0a:a0:a1:4e:cd:09:02:9b:0c:1c:37:c4:ed:
7e:f7:18:e0:0b:1d:10:52:09:8f:e2:91:48:72:04:
62:b1:0a:46:67:5c:df:6e:04:b7:c1:4c:0f:50:4d:
20:17:fa:95:02:d7:d8:50:0e:23:50:24:0a:03:db:
48:33:9e:5d:ad:05:d2:f8:c4:b8:54:25:d4:d9:64:
87:1c:71:00:e6:7c:a7:c8:cf:45:97:54:3c:fa:0e:
bc:2f:6f:01:aa:6c:a8:43:61:2e:41:3e:55:50:06:
92:e2:ee:4b:20:eb:22:a1:39:96:7f:04:a0:0f:65:
8d:bb:e7:56:0c:9f:95:07:0d:4c:22:0e:94:f3:ef:
6c:1c:94:68:53:dc:8d:df:7a:f7:43:00:fe:19:83:
53:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:5D:E4:39:ED:E2:18:CB:39:1F:C9:65:BE:A3:D8:B9:4C:D7:D6:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B97317CFADA11EEB0DCA870017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.213.0/24
Signature Algorithm: sha256WithRSAEncryption
89:a4:b7:99:36:f7:d8:d7:41:43:bb:88:a8:07:88:93:15:a8:
05:41:58:4f:06:e8:4b:01:d1:95:bc:86:8a:fa:f2:d7:a8:65:
01:55:e2:46:ed:a3:e5:37:19:3a:d3:19:0a:bb:59:2f:ab:70:
a7:fd:37:a5:d6:5e:f4:a4:48:c1:13:7c:da:a2:95:f1:5e:8d:
01:a8:bc:7c:6f:2d:99:0e:40:b8:8b:7c:e4:b1:54:ba:61:8e:
ec:ca:9e:e3:b8:f8:47:68:d2:f0:91:db:36:87:8b:56:7f:48:
79:49:4e:76:7c:70:0c:d5:65:5c:8c:9a:c0:1e:fc:b7:70:a3:
66:c1:af:f4:8b:05:a3:aa:8e:d0:ae:57:b2:92:76:c7:f6:94:
91:4b:c9:f6:6f:d9:1b:ee:4a:1b:40:94:79:84:04:1e:83:88:
bb:75:a6:f2:ba:16:cf:27:b4:02:6a:71:b3:f9:5d:ac:49:72:
a1:bb:66:48:bc:86:e7:ec:77:de:22:0b:2c:98:4e:c3:19:37:
19:96:95:09:af:94:19:5f:22:0e:78:79:57:e6:0c:a9:ca:11:
cc:43:c9:c0:4b:92:91:49:96:1d:8b:bb:01:a4:ba:61:af:6e:
57:13:ed:01:3c:01:a8:77:b6:13:45:d1:1c:21:c0:5e:ca:f2:
9e:43:fe:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKwPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDM0NTAxWhcNMjQwNDI0MDM0NTAxWjAYMRYw
FAYDVQQDEw02NjFjYTJjMS0xZGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3UopPZ8t3UWToIQfEnV7XxhCzvri471Ak1k9jlK8KGR+kQZb84zdKGa1
u+Q9FbyqGUlamZDuZ+82mxTmvDf7PzLaLBhlx7GkcdXx2aIOuxTgGpadvQQXyLmx
r5MSsl5M4sLQJirm34oMHgqgoU7NCQKbDBw3xO1+9xjgCx0QUgmP4pFIcgRisQpG
Z1zfbgS3wUwPUE0gF/qVAtfYUA4jUCQKA9tIM55drQXS+MS4VCXU2WSHHHEA5nyn
yM9Fl1Q8+g68L28BqmyoQ2EuQT5VUAaS4u5LIOsioTmWfwSgD2WNu+dWDJ+VBw1M
Ig6U8+9sHJRoU9yN33r3QwD+GYNT4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHNd
5Dnt4hjLOR/JZb6j2LlM19bZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84Qjk3MzE3Q0ZBREExMUVFQjBEQ0E4NzAwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7VMA0GCSqGSIb3DQEB
CwUAA4IBAQCJpLeZNvfY10FDu4ioB4iTFagFQVhPBuhLAdGVvIaK+vLXqGUBVeJG
7aPlNxk60xkKu1kvq3Cn/Tel1l70pEjBE3zaopXxXo0BqLx8by2ZDkC4i3zksVS6
YY7syp7juPhHaNLwkds2h4tWf0h5SU52fHAM1WVcjJrAHvy3cKNmwa/0iwWjqo7Q
rleyknbH9pSRS8n2b9kb7kobQJR5hAQeg4i7dabyuhbPJ7QCanGz+V2sSXKhu2ZI
vIbn7HfeIgssmE7DGTcZlpUJr5QZXyIOeHlX5gypyhHMQ8nAS5KRSZYdi7sBpLph
r25XE+0BPAGod7YTRdEcIcBeyvKeQ/5A
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:38 2024 by rpki-client on console-fra.rpki-client.org