Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF295C04FBA211EE97D71456017001B1.roa
File: BF295C04FBA211EE97D71456017001B1.roa (raw, json)
Hash identifier: iSd3bIjvtFCps1IJHNrrUaQKysJY+XlQZCURlXzgb5E=
Subject key identifier: 89:DE:46:AF:68:5F:BC:AC:08:3F:2B:1A:2F:9A:47:30:59:B2:53:B7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AD53
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF295C04FBA211EE97D71456017001B1.roa
Signing time: Tue 16 Apr 2024 03:38:11 +0000
ROA not before: Tue 16 Apr 2024 03:38:07 +0000
ROA not after: Wed 24 Apr 2024 03:38:07 +0000
asID: 142062
IP address blocks: 154.206.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44371 (0xad53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 03:38:07 2024 GMT
Not After : Apr 24 03:38:07 2024 GMT
Subject: CN=661df2a2-2a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:99:59:b1:a6:da:77:70:91:ea:0a:17:51:3b:
fd:14:41:91:26:61:e1:4c:8c:dc:5d:63:22:b0:ba:
19:a0:c4:dd:49:34:b0:c2:a4:1a:a1:64:fe:f3:b1:
eb:28:ae:dd:36:57:f8:6e:24:40:91:ca:e6:bc:b2:
40:d6:21:c3:0d:52:29:98:57:50:14:f2:1c:00:e7:
4c:88:6e:21:38:81:0e:43:4c:18:14:69:4a:fc:d4:
67:78:47:50:b8:90:fa:16:17:11:60:9c:25:06:09:
2e:68:be:65:16:ad:a2:66:f1:77:52:83:09:cc:1f:
7e:5d:1a:fa:ce:6e:20:72:ed:02:87:af:ba:a0:9c:
86:07:4f:56:f3:82:0a:fa:bd:69:38:77:2a:41:64:
15:61:f9:e7:bd:74:df:49:37:e6:66:f8:b0:d3:24:
15:18:b2:2b:3f:2b:88:a2:19:37:7d:a3:5a:c7:23:
11:26:85:15:97:cd:7c:db:22:ff:51:97:93:ac:9c:
87:99:3d:ab:1c:ab:0b:2b:15:aa:68:d4:62:8f:75:
b7:28:38:f9:13:be:29:21:f2:3d:fb:e7:ed:2e:cf:
8a:e8:2e:40:bf:3d:16:14:91:52:6c:5a:9b:99:bd:
77:9a:d3:b3:cb:be:53:b8:3c:3b:db:ba:ef:5f:17:
ba:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DE:46:AF:68:5F:BC:AC:08:3F:2B:1A:2F:9A:47:30:59:B2:53:B7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF295C04FBA211EE97D71456017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:be:34:51:e0:6c:80:ee:64:1c:3d:df:bc:0b:86:1c:0f:46:
1a:a0:b4:4c:5b:77:e3:ad:08:04:dc:1f:24:f6:1a:95:20:ce:
20:24:55:f9:63:8b:97:95:a8:b6:6e:c6:57:85:ac:09:a1:48:
d2:7e:41:ee:80:d1:d5:d1:2d:34:9e:79:10:ba:23:8e:a9:9d:
b5:42:45:8e:6f:5d:82:f5:9e:db:41:50:28:05:5a:1b:fb:4c:
98:f8:6f:48:51:e5:1c:f9:1a:e6:36:c0:11:8d:07:3c:18:1a:
40:9c:fa:86:02:2b:96:69:29:81:4f:71:74:39:88:61:17:e5:
e1:cf:ca:0e:a6:9e:ef:ab:18:ad:fa:7c:20:2d:83:e7:b7:27:
f2:a5:48:7a:69:f3:cf:d7:65:a7:45:d9:28:3f:18:e2:6d:a8:
03:9f:1c:0b:a8:58:74:c2:25:cd:6e:91:04:0f:70:3e:f8:b8:
72:95:3a:11:29:d0:a9:46:22:8a:d4:d5:38:f1:cc:ee:41:35:
6a:33:64:7a:a5:86:5f:19:80:cd:27:2f:46:46:90:1c:7c:93:
8b:b3:3b:2a:19:24:91:66:23:31:44:85:cb:2a:13:71:2c:fa:
13:cc:f0:93:21:99:52:78:87:10:d6:4e:1a:e2:49:8b:8d:37:
20:60:79:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK1TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDMzODA3WhcNMjQwNDI0MDMzODA3WjAYMRYw
FAYDVQQDEw02NjFkZjJhMi0yYTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArJlZsabad3CR6goXUTv9FEGRJmHhTIzcXWMisLoZoMTdSTSwwqQaoWT+
87HrKK7dNlf4biRAkcrmvLJA1iHDDVIpmFdQFPIcAOdMiG4hOIEOQ0wYFGlK/NRn
eEdQuJD6FhcRYJwlBgkuaL5lFq2iZvF3UoMJzB9+XRr6zm4gcu0Ch6+6oJyGB09W
84IK+r1pOHcqQWQVYfnnvXTfSTfmZviw0yQVGLIrPyuIohk3faNaxyMRJoUVl818
2yL/UZeTrJyHmT2rHKsLKxWqaNRij3W3KDj5E74pIfI9++ftLs+K6C5Avz0WFJFS
bFqbmb13mtOzy75TuDw727rvXxe6wwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIne
Rq9oX7ysCD8rGi+aRzBZslO3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjI5NUMwNEZCQTIxMUVFOTdENzE0NTYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7GMA0GCSqGSIb3DQEB
CwUAA4IBAQBavjRR4GyA7mQcPd+8C4YcD0YaoLRMW3fjrQgE3B8k9hqVIM4gJFX5
Y4uXlai2bsZXhawJoUjSfkHugNHV0S00nnkQuiOOqZ21QkWOb12C9Z7bQVAoBVob
+0yY+G9IUeUc+RrmNsARjQc8GBpAnPqGAiuWaSmBT3F0OYhhF+Xhz8oOpp7vqxit
+nwgLYPntyfypUh6afPP12WnRdkoPxjibagDnxwLqFh0wiXNbpEED3A++LhylToR
KdCpRiKK1NU48czuQTVqM2R6pYZfGYDNJy9GRpAcfJOLszsqGSSRZiMxRIXLKhNx
LPoTzPCTIZlSeIcQ1k4a4kmLjTcgYHnC
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:44 2024 by rpki-client on console-ams.rpki-client.org