Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B84D1D0FACA11EEB0127064017001B1.roa
File: 9B84D1D0FACA11EEB0127064017001B1.roa (raw, json)
Hash identifier: kM6yVPgNozoejVTtNkSWi2SzZ+SjVsPMQL7UqgMlCYA=
Subject key identifier: 6D:8D:4F:20:35:8F:73:CC:E0:4F:EE:68:D7:5B:79:87:E3:A3:65:9C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: ABF9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B84D1D0FACA11EEB0127064017001B1.roa
Signing time: Mon 15 Apr 2024 01:50:59 +0000
ROA not before: Mon 15 Apr 2024 01:50:56 +0000
ROA not after: Wed 24 Apr 2024 01:50:56 +0000
asID: 142062
IP address blocks: 154.206.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44025 (0xabf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 01:50:56 2024 GMT
Not After : Apr 24 01:50:56 2024 GMT
Subject: CN=661c8803-485e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f8:e7:d9:d6:ef:f0:73:94:21:14:e0:c7:01:
63:06:df:ca:13:1d:38:43:7c:70:c5:d3:bf:63:0b:
42:c5:d5:c8:02:eb:53:8e:4f:e5:df:57:0a:96:74:
9a:67:04:c8:f5:99:aa:ab:dc:01:20:92:e7:af:32:
98:ff:64:f0:ab:0d:f4:bd:ab:cd:da:9a:3f:28:5e:
d9:eb:48:ad:94:05:91:8e:8d:82:1c:db:f8:7c:30:
2a:55:b2:2f:1f:79:cf:0e:db:a9:6a:69:76:d5:50:
2a:3a:12:c6:26:97:fa:ee:ee:bf:c8:73:1c:a1:b0:
14:b7:8e:f8:0f:08:a7:8c:b2:e2:62:29:e1:80:a9:
ec:d3:55:ce:3f:5a:77:69:41:ea:d2:72:02:d7:cb:
af:8d:96:34:7e:dc:52:61:28:11:45:d3:cb:7a:92:
b2:da:82:35:a4:34:e9:17:ae:07:bd:51:5b:4e:22:
47:7a:75:76:5f:f5:01:f6:18:b1:c1:4f:16:be:75:
70:e4:0d:ad:1f:9c:6f:4c:91:98:98:50:50:70:0b:
dd:00:b7:63:ca:18:ad:db:aa:df:22:cf:67:82:ed:
a6:c7:cb:a4:81:c0:1c:e0:cc:a6:3f:34:24:bc:37:
27:91:4b:b3:5b:90:3e:3c:c0:a9:a9:44:d2:2b:bc:
32:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8D:4F:20:35:8F:73:CC:E0:4F:EE:68:D7:5B:79:87:E3:A3:65:9C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B84D1D0FACA11EEB0127064017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.202.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:82:e4:18:ce:5a:84:91:5f:82:6e:1d:13:04:ce:e9:6d:6a:
63:31:75:6d:01:8d:0c:c6:2f:87:b6:ea:4b:6c:4b:1c:89:aa:
7c:b0:25:f8:d7:20:50:95:21:1b:3e:49:33:aa:5e:ac:09:11:
64:30:62:bd:2c:b1:8b:85:0e:34:d3:19:72:1f:7a:18:14:62:
d0:47:51:d6:06:3f:1d:87:3e:6b:f4:a2:6e:4d:2e:8b:b0:38:
c3:89:88:b7:99:78:c4:e4:35:08:be:8b:74:07:03:17:09:22:
c9:9e:ba:6a:c7:ed:42:e7:cb:53:37:27:18:1d:d2:e6:35:2f:
31:82:ed:d9:28:8e:e2:96:2f:25:b2:9c:c1:a3:49:8c:a3:d6:
e2:29:e8:9f:cc:0e:2a:b0:ee:31:d5:40:7c:94:c4:75:95:11:
12:dc:a1:55:0f:81:3d:46:89:9f:a7:3c:33:a0:7b:4a:d5:ea:
3a:55:88:2b:8d:ad:b1:9f:f1:9a:e5:45:5f:9a:2b:d5:1d:dc:
05:81:ba:6f:29:42:19:8b:39:cc:1d:52:ec:31:37:ec:77:30:
50:ae:60:5d:fd:39:7c:8e:6f:e1:30:07:d1:d7:e4:8c:ad:54:
d0:77:a6:31:49:3a:e2:fe:18:00:68:19:7b:a7:ca:3c:52:ed:
52:cc:f4:0d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKv5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDE1MDU2WhcNMjQwNDI0MDE1MDU2WjAYMRYw
FAYDVQQDEw02NjFjODgwMy00ODVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4Pjn2dbv8HOUIRTgxwFjBt/KEx04Q3xwxdO/YwtCxdXIAutTjk/l31cK
lnSaZwTI9Zmqq9wBIJLnrzKY/2Twqw30vavN2po/KF7Z60itlAWRjo2CHNv4fDAq
VbIvH3nPDtupaml21VAqOhLGJpf67u6/yHMcobAUt474DwinjLLiYinhgKns01XO
P1p3aUHq0nIC18uvjZY0ftxSYSgRRdPLepKy2oI1pDTpF64HvVFbTiJHenV2X/UB
9hixwU8WvnVw5A2tH5xvTJGYmFBQcAvdALdjyhit26rfIs9ngu2mx8ukgcAc4Mym
PzQkvDcnkUuzW5A+PMCpqUTSK7wyKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG2N
TyA1j3PM4E/uaNdbeYfjo2WcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Qjg0RDFEMEZBQ0ExMUVFQjAxMjcwNjQwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7KMA0GCSqGSIb3DQEB
CwUAA4IBAQC1guQYzlqEkV+Cbh0TBM7pbWpjMXVtAY0Mxi+HtupLbEsciap8sCX4
1yBQlSEbPkkzql6sCRFkMGK9LLGLhQ400xlyH3oYFGLQR1HWBj8dhz5r9KJuTS6L
sDjDiYi3mXjE5DUIvot0BwMXCSLJnrpqx+1C58tTNycYHdLmNS8xgu3ZKI7ili8l
spzBo0mMo9biKeifzA4qsO4x1UB8lMR1lRES3KFVD4E9RomfpzwzoHtK1eo6VYgr
ja2xn/Ga5UVfmivVHdwFgbpvKUIZiznMHVLsMTfsdzBQrmBd/Tl8jm/hMAfR1+SM
rVTQd6YxSTri/hgAaBl7p8o8Uu1SzPQN
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:39 2024 by rpki-client on console-fra.rpki-client.org