Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E57D57A0EB111EFA67B5524017001B1.roa
File: 8E57D57A0EB111EFA67B5524017001B1.roa (raw, json)
Hash identifier: TDcxr99rziTbxKK6HZMuxMcVOt6/upOEI9cyAJaIs3g=
Subject key identifier: 4E:AF:67:C8:56:0D:B2:ED:62:E6:17:1A:9A:BF:AE:93:53:8F:85:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B6C2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E57D57A0EB111EFA67B5524017001B1.roa
Signing time: Fri 10 May 2024 09:42:03 +0000
ROA not before: Fri 10 May 2024 09:42:00 +0000
ROA not after: Mon 20 May 2024 09:42:00 +0000
asID: 142062
IP address blocks: 154.206.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46786 (0xb6c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 10 09:42:00 2024 GMT
Not After : May 20 09:42:00 2024 GMT
Subject: CN=663debeb-e85e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5c:5a:df:ef:b3:d1:dd:dc:25:d0:dd:43:eb:
67:79:fd:4c:76:06:ae:11:16:15:81:bc:c2:50:cc:
63:e4:e5:8e:a8:df:57:5f:49:40:52:58:f5:48:c7:
72:26:58:c0:18:8e:39:0b:66:ce:78:a2:65:1c:d6:
5c:d3:b1:03:3e:09:d6:40:8e:95:a9:1c:4c:c8:ca:
9d:7d:d6:ee:55:2e:23:df:48:5c:f4:ff:f1:70:04:
2b:ed:2d:98:df:ad:58:f2:41:da:67:9e:49:10:b3:
90:f2:f2:6a:0a:7d:84:7b:db:ca:2a:d7:58:14:90:
77:0f:3a:53:ce:b6:65:c5:8f:f5:68:a7:01:71:8f:
14:db:37:c7:2a:4a:5e:d7:54:3e:ca:a2:72:e1:ee:
d1:6c:0c:1f:92:8a:3a:4f:5a:66:bd:1e:0f:a6:7a:
a3:ac:9c:18:ef:e5:c9:cc:89:a4:1d:84:4f:b2:db:
b8:74:81:7f:c4:14:78:cb:cd:ea:57:d5:db:56:85:
a0:43:2a:d6:a6:e0:2a:8f:c3:ab:c1:c2:0d:c3:fe:
99:ac:52:33:73:5d:3b:7a:ac:75:24:59:0d:d4:27:
35:52:96:e7:07:7b:45:28:dd:e7:45:f6:d3:f0:fb:
89:e3:62:90:8d:c4:5d:6b:c8:d3:a7:76:f1:dc:f1:
2a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AF:67:C8:56:0D:B2:ED:62:E6:17:1A:9A:BF:AE:93:53:8F:85:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E57D57A0EB111EFA67B5524017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.196.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:05:de:32:f4:b5:24:4c:2b:1e:f1:7a:c0:ec:b7:c5:33:7c:
82:ad:bb:39:1e:d5:4c:69:69:1c:9f:20:8a:70:5f:65:26:d2:
24:9e:61:94:81:da:ed:9a:18:8f:a3:22:76:f3:ca:08:b9:38:
ea:52:2c:89:77:2f:fb:43:bd:ca:f8:cf:0e:db:1d:b8:92:a5:
f9:89:2f:77:ff:1a:e3:84:82:65:7a:77:4e:f5:b7:05:db:4b:
8f:b9:3e:7c:41:ca:58:74:57:ce:6b:ad:1b:a4:5a:3d:bc:41:
98:6d:2d:1e:d6:29:19:c5:2c:1c:6a:91:e6:0a:eb:1a:e0:52:
19:8d:2e:ea:40:69:7f:35:2c:96:aa:ee:cf:99:6c:9f:85:09:
55:4d:55:16:75:98:07:fc:dd:8e:94:ea:6f:0b:7e:7d:ac:41:
eb:d3:2e:29:d8:e9:87:16:f1:4f:36:7c:bd:53:f3:78:24:1c:
81:78:c1:0c:16:30:46:ba:5c:71:e9:6f:78:68:46:11:e0:bf:
53:fd:eb:47:5b:0b:d8:15:50:c5:bc:06:b9:b4:c2:fb:37:c4:
35:a7:ec:03:7d:97:e3:40:86:fa:82:59:44:68:da:a8:05:fb:
39:30:b5:c2:fb:e1:31:9d:5b:bb:f9:7f:73:cd:27:cc:ba:d9:
39:dd:5c:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALbCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTEwMDk0MjAwWhcNMjQwNTIwMDk0MjAwWjAYMRYw
FAYDVQQDEw02NjNkZWJlYi1lODVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtlxa3++z0d3cJdDdQ+tnef1MdgauERYVgbzCUMxj5OWOqN9XX0lAUlj1
SMdyJljAGI45C2bOeKJlHNZc07EDPgnWQI6VqRxMyMqdfdbuVS4j30hc9P/xcAQr
7S2Y361Y8kHaZ55JELOQ8vJqCn2Ee9vKKtdYFJB3DzpTzrZlxY/1aKcBcY8U2zfH
Kkpe11Q+yqJy4e7RbAwfkoo6T1pmvR4PpnqjrJwY7+XJzImkHYRPstu4dIF/xBR4
y83qV9XbVoWgQyrWpuAqj8OrwcINw/6ZrFIzc107eqx1JFkN1Cc1UpbnB3tFKN3n
RfbT8PuJ42KQjcRda8jTp3bx3PEqIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE6v
Z8hWDbLtYuYXGpq/rpNTj4UwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RTU3RDU3QTBFQjExMUVGQTY3QjU1MjQwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7EMA0GCSqGSIb3DQEB
CwUAA4IBAQA8Bd4y9LUkTCse8XrA7LfFM3yCrbs5HtVMaWkcnyCKcF9lJtIknmGU
gdrtmhiPoyJ288oIuTjqUiyJdy/7Q73K+M8O2x24kqX5iS93/xrjhIJlendO9bcF
20uPuT58QcpYdFfOa60bpFo9vEGYbS0e1ikZxSwcapHmCusa4FIZjS7qQGl/NSyW
qu7PmWyfhQlVTVUWdZgH/N2OlOpvC359rEHr0y4p2OmHFvFPNny9U/N4JByBeMEM
FjBGulxx6W94aEYR4L9T/etHWwvYFVDFvAa5tML7N8Q1p+wDfZfjQIb6gllEaNqo
Bfs5MLXC++ExnVu7+X9zzSfMutk53VzA
-----END CERTIFICATE-----
Generated at Tue May 21 02:40:33 2024 by rpki-client on console-ams.rpki-client.org