Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD405B02FB9A11EE8F841912017001B1.roa
File: BD405B02FB9A11EE8F841912017001B1.roa (raw, json)
Hash identifier: qXo95Gj4UWr2CuFprNuAx2UsySr3ts1U7nsFOYpSsAw=
Subject key identifier: CF:43:ED:D8:69:83:4E:8B:62:B6:DB:58:57:6E:EA:D9:B2:0A:29:C8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AD15
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD405B02FB9A11EE8F841912017001B1.roa
Signing time: Tue 16 Apr 2024 02:40:51 +0000
ROA not before: Tue 16 Apr 2024 02:40:48 +0000
ROA not after: Thu 25 Apr 2024 02:40:48 +0000
asID: 132325
IP address blocks: 154.212.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44309 (0xad15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 02:40:48 2024 GMT
Not After : Apr 25 02:40:48 2024 GMT
Subject: CN=661de533-c1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0d:09:2e:b4:51:aa:19:61:09:de:09:18:9a:
f1:17:2a:7a:e7:e8:8a:a2:98:9f:53:c1:61:c2:d1:
6c:6e:f4:57:70:0e:53:a3:94:6d:24:55:8e:52:cd:
f6:e2:c9:c4:f9:80:89:ac:67:95:ad:b1:16:40:88:
ac:77:e2:8e:0c:ae:c4:8b:e1:04:a0:25:a8:3a:47:
c9:a2:36:d8:25:b0:44:1b:52:a3:9d:7d:65:e8:69:
21:e6:ab:f4:8d:47:87:b1:da:b6:e8:76:c8:a3:98:
23:3b:26:f3:78:e0:67:7c:9a:e4:56:8f:2c:cb:6a:
c3:84:b4:2e:4a:a7:9f:2e:7c:7e:d3:4b:bf:fd:da:
02:70:5d:83:0f:f5:0b:06:a0:40:ee:91:5e:21:10:
02:67:94:f7:5b:0d:bd:d5:09:a9:2b:cd:55:94:f8:
63:8c:16:19:23:4b:69:e7:86:53:42:9c:e4:e8:c8:
11:ba:8f:45:c6:db:3f:9c:a4:e9:51:bf:4b:e6:0a:
b0:88:7d:21:6d:a9:fb:89:2f:93:d1:4a:74:ce:c2:
92:31:b6:67:16:bf:64:1d:db:b1:64:1b:ce:9b:44:
3a:05:23:30:66:5a:f6:0e:29:ec:87:09:e5:f1:37:
62:4f:51:7f:92:2e:d6:a3:1b:b0:cb:4b:dd:48:1f:
b2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:43:ED:D8:69:83:4E:8B:62:B6:DB:58:57:6E:EA:D9:B2:0A:29:C8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD405B02FB9A11EE8F841912017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.147.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:b4:25:28:2f:e9:e8:27:06:cf:25:ea:79:1e:60:9f:3d:be:
fb:84:58:88:96:41:aa:b7:b1:5d:3b:2b:14:d5:7e:d2:24:15:
ff:ed:01:2d:0e:a9:bf:c8:02:0b:98:64:c1:a1:36:c7:0e:7f:
67:5c:c1:ae:16:52:02:a0:02:7b:a8:80:ff:bf:36:b7:ff:bf:
7f:51:b4:e8:0a:6f:0b:c2:d6:0e:1f:54:d4:c2:fd:fe:6b:3b:
39:0f:fb:99:f6:12:46:8d:03:30:6f:90:76:67:0d:c0:ca:30:
34:98:08:21:be:c0:c5:ea:98:cb:a7:6a:27:65:3e:50:c2:36:
d9:5c:5b:40:25:42:70:88:62:a4:d0:4c:3d:49:0f:3b:26:16:
d9:ea:da:b0:d5:00:35:c0:a1:df:d8:8d:d5:96:c8:d1:39:fe:
34:46:a0:61:80:26:bd:0a:49:4f:95:96:70:3d:cf:81:d1:ee:
6e:a1:5f:fc:35:ec:bc:e6:62:ba:cc:4a:68:83:cf:7c:fd:bf:
c0:2c:4b:e5:72:4b:84:ab:8d:93:88:39:b7:62:5e:fc:06:5e:
7b:19:0a:b0:2c:a2:43:c8:85:1b:0f:d7:37:74:e7:7b:58:a3:
ee:4f:17:01:05:c7:0b:60:7e:26:9c:86:aa:89:d9:14:6a:23:
c2:3a:1e:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK0VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDI0MDQ4WhcNMjQwNDI1MDI0MDQ4WjAYMRYw
FAYDVQQDEw02NjFkZTUzMy1jMWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAog0JLrRRqhlhCd4JGJrxFyp65+iKopifU8FhwtFsbvRXcA5To5RtJFWO
Us324snE+YCJrGeVrbEWQIisd+KODK7Ei+EEoCWoOkfJojbYJbBEG1KjnX1l6Gkh
5qv0jUeHsdq26HbIo5gjOybzeOBnfJrkVo8sy2rDhLQuSqefLnx+00u//doCcF2D
D/ULBqBA7pFeIRACZ5T3Ww291QmpK81VlPhjjBYZI0tp54ZTQpzk6MgRuo9Fxts/
nKTpUb9L5gqwiH0hban7iS+T0Up0zsKSMbZnFr9kHduxZBvOm0Q6BSMwZlr2Dins
hwnl8TdiT1F/ki7Woxuwy0vdSB+yFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM9D
7dhpg06LYrbbWFdu6tmyCinIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRDQwNUIwMkZCOUExMUVFOEY4NDE5MTIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtSTMA0GCSqGSIb3DQEB
CwUAA4IBAQBatCUoL+noJwbPJep5HmCfPb77hFiIlkGqt7FdOysU1X7SJBX/7QEt
Dqm/yAILmGTBoTbHDn9nXMGuFlICoAJ7qID/vza3/79/UbToCm8LwtYOH1TUwv3+
azs5D/uZ9hJGjQMwb5B2Zw3AyjA0mAghvsDF6pjLp2onZT5QwjbZXFtAJUJwiGKk
0Ew9SQ87JhbZ6tqw1QA1wKHf2I3VlsjROf40RqBhgCa9CklPlZZwPc+B0e5uoV/8
Ney85mK6zEpog898/b/ALEvlckuEq42TiDm3Yl78Bl57GQqwLKJDyIUbD9c3dOd7
WKPuTxcBBccLYH4mnIaqidkUaiPCOh4I
-----END CERTIFICATE-----
Generated at Thu Apr 25 10:41:11 2024 by rpki-client on console-ams.rpki-client.org