Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F9139ECF70211EEB0C7C572775412E6.roa
File: 9F9139ECF70211EEB0C7C572775412E6.roa (raw, json)
Hash identifier: PEHYSCFYLDXbBpVW+OG8TKyRqWS2aWoxz16IuxrMHgI=
Subject key identifier: 10:3B:50:25:52:AB:F4:A2:B4:97:3F:F0:E6:A2:6D:AE:BC:D0:F1:FD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AAB4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F9139ECF70211EEB0C7C572775412E6.roa
Signing time: Wed 10 Apr 2024 06:21:53 +0000
ROA not before: Wed 10 Apr 2024 06:21:50 +0000
ROA not after: Wed 01 May 2024 06:21:50 +0000
asID: 44559
IP address blocks: 154.203.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43700 (0xaab4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 06:21:50 2024 GMT
Not After : May 1 06:21:50 2024 GMT
Subject: CN=66163001-f1d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:91:bb:82:57:9a:af:88:49:12:ba:eb:4d:87:
bc:e3:f4:84:70:63:c5:e2:60:3b:1a:03:08:88:ec:
55:3f:67:60:36:87:91:20:62:0e:1f:1f:98:38:3f:
dd:3e:17:b6:ee:1e:34:d9:6e:e3:8c:21:dc:0d:0e:
92:bc:06:87:f8:88:90:e0:bd:6a:79:73:e0:14:76:
1b:85:53:87:01:17:1d:95:14:7c:42:85:96:16:f8:
11:b0:44:91:9e:0d:6f:d3:e6:7e:94:d2:00:b4:a0:
f4:00:08:82:97:f7:c9:d7:b7:33:c1:97:3a:e0:c3:
d8:dd:f6:76:b0:ea:df:cd:03:82:db:87:de:da:ca:
d3:e1:52:7f:34:f5:51:b3:4e:9b:99:62:57:4e:05:
6e:3a:93:f9:c9:dd:74:ed:80:77:dc:dd:3a:3c:d4:
a2:56:03:bb:b1:7b:9c:a5:e9:20:fd:c1:85:53:50:
96:b8:d1:04:22:01:b7:5b:f5:3d:09:de:7a:d2:e7:
43:32:0a:a1:80:3a:82:90:9b:2a:6e:ff:ee:a7:de:
14:9e:74:57:ed:08:12:07:88:96:cd:9f:c1:1d:56:
b0:87:f4:28:5f:2a:85:f8:83:40:90:c3:27:2e:df:
ed:62:52:32:5d:4f:42:19:f5:79:d7:d3:f7:3d:e1:
63:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:3B:50:25:52:AB:F4:A2:B4:97:3F:F0:E6:A2:6D:AE:BC:D0:F1:FD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F9139ECF70211EEB0C7C572775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.224.0/20
Signature Algorithm: sha256WithRSAEncryption
aa:ee:d6:0b:81:f9:29:fe:c3:bf:e3:cf:b6:33:44:9f:72:01:
9b:8e:61:c0:f8:50:43:44:44:60:93:3b:4a:a2:67:fc:51:96:
24:88:88:4f:35:89:03:6b:61:78:30:2a:28:fd:8e:f5:f3:e2:
a2:64:da:d6:c9:e2:38:41:bc:2d:55:05:7f:b7:a2:bc:5a:0c:
1e:65:f8:e0:98:b1:1f:f5:47:7f:71:f9:ec:96:04:45:ca:ee:
2f:c3:2f:d0:92:f7:c7:07:cb:c8:cf:a3:8a:db:24:b6:62:61:
a1:fb:78:80:fb:45:2e:32:fd:55:54:02:1f:c7:61:cd:6e:92:
a2:c9:65:43:02:58:79:4d:ce:10:66:60:ab:18:9f:e7:d0:67:
85:8d:b3:ff:b0:17:a3:75:94:d3:29:6d:bf:10:89:33:6b:ca:
f3:7f:69:f3:87:84:b9:66:20:b4:b6:06:cb:c7:37:c2:d0:ca:
4b:f7:de:e0:c5:6f:ac:00:01:1a:55:f3:c0:9f:e9:9f:cc:9e:
5c:7d:83:ba:43:59:e0:58:cc:51:d5:2d:4b:3c:16:b0:02:19:
3e:1b:df:86:d7:12:ed:f1:62:d9:f9:05:b9:1a:98:5b:10:7a:
b8:fc:0d:37:dd:00:55:ee:e6:74:54:61:8f:92:bb:ae:f3:73:
9b:af:3b:91
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKq0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDEwMDYyMTUwWhcNMjQwNTAxMDYyMTUwWjAYMRYw
FAYDVQQDEw02NjE2MzAwMS1mMWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA05G7glear4hJErrrTYe84/SEcGPF4mA7GgMIiOxVP2dgNoeRIGIOHx+Y
OD/dPhe27h402W7jjCHcDQ6SvAaH+IiQ4L1qeXPgFHYbhVOHARcdlRR8QoWWFvgR
sESRng1v0+Z+lNIAtKD0AAiCl/fJ17czwZc64MPY3fZ2sOrfzQOC24fe2srT4VJ/
NPVRs06bmWJXTgVuOpP5yd107YB33N06PNSiVgO7sXucpekg/cGFU1CWuNEEIgG3
W/U9Cd560udDMgqhgDqCkJsqbv/up94UnnRX7QgSB4iWzZ/BHVawh/QoXyqF+INA
kMMnLt/tYlIyXU9CGfV519P3PeFjcQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBA7
UCVSq/SitJc/8Oaiba680PH9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RjkxMzlFQ0Y3MDIxMUVFQjBDN0M1NzI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsvgMA0GCSqGSIb3DQEB
CwUAA4IBAQCq7tYLgfkp/sO/48+2M0SfcgGbjmHA+FBDRERgkztKomf8UZYkiIhP
NYkDa2F4MCoo/Y718+KiZNrWyeI4QbwtVQV/t6K8WgweZfjgmLEf9Ud/cfnslgRF
yu4vwy/QkvfHB8vIz6OK2yS2YmGh+3iA+0UuMv1VVAIfx2HNbpKiyWVDAlh5Tc4Q
ZmCrGJ/n0GeFjbP/sBejdZTTKW2/EIkza8rzf2nzh4S5ZiC0tgbLxzfC0MpL997g
xW+sAAEaVfPAn+mfzJ5cfYO6Q1ngWMxR1S1LPBawAhk+G9+G1xLt8WLZ+QW5Gphb
EHq4/A033QBV7uZ0VGGPkruu83ObrzuR
-----END CERTIFICATE-----
Generated at Wed May 1 15:29:50 2024 by rpki-client on console-fra.rpki-client.org