Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AFDE4F7411B511EFB0064E42017001B1.roa
File: AFDE4F7411B511EFB0064E42017001B1.roa (raw, json)
Hash identifier: Y1/nHyQ+IJLXd/bMPp7gGb72P9XhR/kGhX5p2mkaw0E=
Subject key identifier: 6E:50:66:A4:6E:25:09:30:1A:A9:E2:36:CE:DB:15:93:A7:3C:C0:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B75C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AFDE4F7411B511EFB0064E42017001B1.roa
Signing time: Tue 14 May 2024 05:49:11 +0000
ROA not before: Tue 14 May 2024 05:49:07 +0000
ROA not after: Tue 21 May 2024 05:49:07 +0000
asID: 142062
IP address blocks: 154.196.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46940 (0xb75c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 14 05:49:07 2024 GMT
Not After : May 21 05:49:07 2024 GMT
Subject: CN=6642fb57-d207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a3:33:48:02:ac:ab:1d:0f:f1:32:36:65:40:
d5:70:2f:ac:3e:f7:01:6e:0b:36:78:bd:04:23:8c:
7d:63:a8:78:d5:bf:51:9a:a9:88:c2:b9:1a:dd:ef:
a8:70:be:ea:63:7c:59:d9:da:6e:ca:0a:44:3d:96:
b2:5e:84:64:f5:1b:78:38:31:1d:28:01:fa:ec:91:
82:4e:e1:54:de:9d:0c:cf:73:7e:07:22:ec:cf:1a:
a0:be:c1:68:1f:dc:ce:4e:6d:3a:fe:d5:c9:30:c7:
8b:a2:85:27:f4:08:66:a9:61:4c:e5:04:c3:ab:2d:
9a:01:3c:48:e2:0f:e3:02:f4:c3:e4:44:3d:39:76:
26:9e:48:49:53:2c:9d:52:bc:73:0c:8e:11:a5:f7:
15:04:70:75:38:67:cd:96:0a:c9:6c:1d:75:b3:45:
be:bc:30:6a:3b:26:02:89:92:52:cc:8d:d5:10:e8:
05:71:30:28:71:66:b4:a8:44:66:02:21:94:aa:68:
38:52:ef:18:d5:7f:33:94:4d:b4:96:cb:39:08:22:
a9:62:4f:67:dc:16:1b:e4:5a:ff:6e:72:ea:d3:4c:
d5:45:3c:71:c5:27:ee:f4:40:e4:76:51:c6:98:e5:
c4:f7:0a:0c:48:4e:63:a8:d5:7e:3a:b3:e0:af:1d:
5a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:50:66:A4:6E:25:09:30:1A:A9:E2:36:CE:DB:15:93:A7:3C:C0:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AFDE4F7411B511EFB0064E42017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.96.0/19
Signature Algorithm: sha256WithRSAEncryption
b7:b5:85:6f:e1:d4:c2:9d:80:da:30:66:d6:90:32:39:09:40:
32:c9:a3:58:24:66:2d:bc:53:9d:b5:a7:61:66:ba:4d:8f:ae:
0f:f8:bb:2d:7d:24:24:80:bb:6a:0c:a5:d3:8e:cf:e0:09:c9:
ba:d9:67:a0:47:7c:b0:a1:07:42:d5:3a:a1:b7:4f:ad:a3:d3:
65:32:9b:06:59:1a:3e:af:0a:ec:b4:ec:66:9a:ad:c7:75:0e:
f5:3c:bc:ff:72:5f:20:1f:d1:f6:d6:d4:0b:26:df:8d:75:38:
44:f2:6d:03:df:ca:57:c7:b6:f1:b2:02:0a:9c:52:a9:f9:24:
48:42:c8:12:3d:02:2d:14:c9:3a:f5:01:8a:e5:1b:23:04:05:
9d:20:93:6a:18:e0:16:69:e8:51:54:73:1b:8f:5d:de:a0:8b:
4b:19:80:27:f9:6a:3c:51:41:77:b9:17:35:c8:c9:b3:36:3b:
9d:0b:6a:df:91:9c:c0:46:cd:51:f4:4e:e7:42:7c:6d:8f:42:
05:ff:89:7f:b7:c6:78:6f:ff:69:30:a2:78:37:eb:25:94:ef:
d3:64:b3:d7:99:98:0b:ba:c3:95:05:7e:ba:23:68:a2:0b:90:
01:75:a5:fa:a4:75:8d:9b:c2:d6:b9:6f:c3:db:72:9f:07:c7:
b3:8c:48:df
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALdcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTE0MDU0OTA3WhcNMjQwNTIxMDU0OTA3WjAYMRYw
FAYDVQQDEw02NjQyZmI1Ny1kMjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5aMzSAKsqx0P8TI2ZUDVcC+sPvcBbgs2eL0EI4x9Y6h41b9RmqmIwrka
3e+ocL7qY3xZ2dpuygpEPZayXoRk9Rt4ODEdKAH67JGCTuFU3p0Mz3N+ByLszxqg
vsFoH9zOTm06/tXJMMeLooUn9AhmqWFM5QTDqy2aATxI4g/jAvTD5EQ9OXYmnkhJ
UyydUrxzDI4RpfcVBHB1OGfNlgrJbB11s0W+vDBqOyYCiZJSzI3VEOgFcTAocWa0
qERmAiGUqmg4Uu8Y1X8zlE20lss5CCKpYk9n3BYb5Fr/bnLq00zVRTxxxSfu9EDk
dlHGmOXE9woMSE5jqNV+OrPgrx1a+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG5Q
ZqRuJQkwGqniNs7bFZOnPMBqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRkRFNEY3NDExQjUxMUVGQjAwNjRFNDIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmsRgMA0GCSqGSIb3DQEB
CwUAA4IBAQC3tYVv4dTCnYDaMGbWkDI5CUAyyaNYJGYtvFOdtadhZrpNj64P+Lst
fSQkgLtqDKXTjs/gCcm62WegR3ywoQdC1Tqht0+to9NlMpsGWRo+rwrstOxmmq3H
dQ71PLz/cl8gH9H21tQLJt+NdThE8m0D38pXx7bxsgIKnFKp+SRIQsgSPQItFMk6
9QGK5RsjBAWdIJNqGOAWaehRVHMbj13eoItLGYAn+Wo8UUF3uRc1yMmzNjudC2rf
kZzARs1R9E7nQnxtj0IF/4l/t8Z4b/9pMKJ4N+sllO/TZLPXmZgLusOVBX66I2ii
C5ABdaX6pHWNm8LWuW/D23KfB8ezjEjf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:19 2024 by rpki-client on console-ams.rpki-client.org