Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD35A40AA7DE11EF8D7164A7762E951A.roa
File: BD35A40AA7DE11EF8D7164A7762E951A.roa (raw, json)
Hash identifier: dvRRbGqoUFf3J/tktYhiTeiG95yd8Duv6qfnkOlu6GE=
Subject key identifier: 32:01:8F:2C:43:02:83:A8:68:F2:C3:1C:58:96:BB:7F:5E:B7:21:E5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010FE4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD35A40AA7DE11EF8D7164A7762E951A.roa
Signing time: Thu 21 Nov 2024 08:00:57 +0000
ROA not before: Sat 30 Nov 2024 08:00:53 +0000
ROA not after: Sat 30 Nov 2024 08:00:53 +0000
asID: 149014
IP address blocks: 154.223.168.0/22 maxlen: 24
Validation: Failed, certificate is not yet valid
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69604 (0x10fe4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 30 08:00:53 2024 GMT
Not After : Nov 30 08:00:53 2024 GMT
Subject: CN=673ee8b9-64df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:19:c3:94:0e:72:15:68:06:46:55:64:15:2a:
9e:b4:32:f5:9a:3d:5a:e7:6c:9c:33:c6:52:8d:9e:
fe:32:a0:33:56:fd:0a:98:85:46:92:7a:4c:e6:6e:
06:d0:e9:ee:a0:93:71:ac:77:2a:c3:ba:bd:95:7e:
00:6f:3f:57:7a:0e:c2:13:bc:92:d6:db:fa:7a:72:
61:ac:e9:01:72:86:bf:8c:86:2a:ac:1f:33:cd:e4:
ff:5e:66:ca:22:38:73:f2:ec:fe:33:d6:98:76:35:
41:6c:a7:cf:dc:a6:37:fa:bf:b3:d0:3c:c2:50:63:
9f:67:d5:9c:10:42:e4:21:9a:b6:8b:c7:f2:21:a0:
9d:9e:00:30:0f:51:e2:c9:dc:b8:83:5a:ef:bd:85:
09:d7:dc:c3:06:1d:85:29:28:22:cc:bc:54:5a:14:
70:6f:47:35:52:57:f9:04:fc:38:33:07:b2:2a:59:
6e:fa:f1:f2:1c:5f:79:04:53:5f:bb:1e:86:b9:2c:
cc:cb:27:71:7c:bb:b5:9d:75:25:3c:9a:8b:cf:73:
ca:b7:f4:ae:91:06:e6:97:97:13:0d:ac:46:9d:15:
c8:5b:2c:09:78:4b:1f:60:c9:ce:fd:86:59:b3:c5:
87:7d:12:b6:96:e1:d6:45:db:d1:31:0a:9b:21:ca:
da:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:01:8F:2C:43:02:83:A8:68:F2:C3:1C:58:96:BB:7F:5E:B7:21:E5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD35A40AA7DE11EF8D7164A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:14:a8:0d:d6:6b:72:ea:37:40:d2:bc:c0:36:bb:ed:87:fc:
f5:89:24:87:d7:c4:9d:f5:ec:5d:9c:eb:db:f3:d8:ee:9b:dd:
ac:05:0e:01:bd:30:b9:9a:d9:6c:4d:44:19:2f:07:30:dd:af:
40:01:99:45:62:f4:ed:1e:57:08:7f:b5:fa:3f:e0:ea:ed:6c:
f6:fa:8e:97:b1:38:4b:9d:f5:55:37:ff:1b:aa:dd:d5:e8:e2:
f5:1c:32:db:7f:8c:02:2b:7d:a9:f9:5a:4e:32:38:87:cb:8b:
e4:67:e6:cb:34:a7:95:04:05:de:d6:71:88:21:45:25:da:26:
f2:ba:85:4d:f3:04:e1:83:3d:7f:0e:04:0a:85:56:32:70:77:
9f:31:83:82:87:70:4a:8d:19:dd:0f:3b:99:d4:52:7c:5a:e0:
91:32:e2:77:ee:b3:f8:7a:9b:93:51:0a:6f:2c:62:f1:82:23:
6d:52:38:cb:e6:bd:9a:8d:b8:6b:a0:dc:bd:95:00:53:e8:79:
ac:d9:d9:ec:d3:3c:8c:e8:d8:e3:1a:f2:f5:58:d6:b5:07:d6:
6f:75:c8:be:1b:87:4d:ab:c6:58:44:8e:8c:fd:74:6f:6e:5b:
da:cd:9e:74:56:a2:bd:5f:0d:3f:1b:67:58:4b:31:4a:2b:5a:
fc:27:40:c9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ/kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTMwMDgwMDUzWhcNMjQxMTMwMDgwMDUzWjAYMRYw
FAYDVQQDEw02NzNlZThiOS02NGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArxnDlA5yFWgGRlVkFSqetDL1mj1a52ycM8ZSjZ7+MqAzVv0KmIVGknpM
5m4G0OnuoJNxrHcqw7q9lX4Abz9Xeg7CE7yS1tv6enJhrOkBcoa/jIYqrB8zzeT/
XmbKIjhz8uz+M9aYdjVBbKfP3KY3+r+z0DzCUGOfZ9WcEELkIZq2i8fyIaCdngAw
D1Hiydy4g1rvvYUJ19zDBh2FKSgizLxUWhRwb0c1Ulf5BPw4MweyKllu+vHyHF95
BFNfux6GuSzMyydxfLu1nXUlPJqLz3PKt/SukQbml5cTDaxGnRXIWywJeEsfYMnO
/YZZs8WHfRK2luHWRdvRMQqbIcratQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDIB
jyxDAoOoaPLDHFiWu39etyHlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRDM1QTQwQUE3REUxMUVGOEQ3MTY0QTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt+oMA0GCSqGSIb3DQEB
CwUAA4IBAQCtFKgN1mty6jdA0rzANrvth/z1iSSH18Sd9exdnOvb89jum92sBQ4B
vTC5mtlsTUQZLwcw3a9AAZlFYvTtHlcIf7X6P+Dq7Wz2+o6XsThLnfVVN/8bqt3V
6OL1HDLbf4wCK32p+VpOMjiHy4vkZ+bLNKeVBAXe1nGIIUUl2ibyuoVN8wThgz1/
DgQKhVYycHefMYOCh3BKjRndDzuZ1FJ8WuCRMuJ37rP4epuTUQpvLGLxgiNtUjjL
5r2ajbhroNy9lQBT6Hms2dns0zyM6NjjGvL1WNa1B9Zvdci+G4dNq8ZYRI6M/XRv
blvazZ50VqK9Xw0/G2dYSzFKK1r8J0DJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:25 2024 by rpki-client on console-ams.rpki-client.org