Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C1AF313C0EA911EFA3AD6663017001B1.roa
File: C1AF313C0EA911EFA3AD6663017001B1.roa (raw, json)
Hash identifier: CVvNR5KXjR6PW9MW0u0ISoufwMFbNswquPKwHDpx8Os=
Subject key identifier: E4:F6:58:74:7F:CC:40:14:88:3F:7F:74:97:1C:EA:AF:29:9D:49:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B666
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C1AF313C0EA911EFA3AD6663017001B1.roa
Signing time: Fri 10 May 2024 08:46:13 +0000
ROA not before: Fri 10 May 2024 08:46:10 +0000
ROA not after: Mon 20 May 2024 08:46:10 +0000
asID: 142062
IP address blocks: 154.206.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46694 (0xb666)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 10 08:46:10 2024 GMT
Not After : May 20 08:46:10 2024 GMT
Subject: CN=663dded5-88be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:15:71:0b:08:2c:e8:58:97:71:ea:04:26:b1:
9c:78:61:d3:54:6d:92:b0:9c:f9:6b:d1:52:dc:eb:
c6:18:f9:cd:ef:83:55:c7:31:7a:7f:1a:81:3c:2f:
98:18:6b:73:a5:01:cf:61:c6:63:00:43:31:18:1e:
9b:07:b8:1c:e3:d2:43:69:94:ae:41:45:6b:d8:3f:
67:d6:e3:d0:cf:63:1d:bb:70:42:7f:93:96:b1:46:
48:21:01:9d:d1:2a:63:ab:d1:7b:63:02:df:6b:65:
79:26:f7:1b:2f:39:08:27:28:26:ee:09:14:e7:26:
15:b8:ec:ff:6c:6c:a7:21:f1:0d:87:fb:5e:b5:5c:
58:89:2e:8b:be:ad:a4:7c:69:5a:1e:34:5b:b8:ba:
37:94:0c:24:db:00:4f:c9:e7:d1:4f:71:2b:46:86:
a5:17:6f:48:85:5a:13:2f:ac:d2:6c:59:78:d6:b1:
60:64:54:65:42:06:8f:85:3c:1c:67:da:15:91:4e:
e0:08:69:a1:89:c9:3b:27:f4:8e:39:c4:09:48:cb:
9b:c3:8b:e1:50:c1:88:40:68:3e:4b:76:96:fe:fd:
30:65:a7:f1:d1:f8:d7:5c:f2:11:15:c5:4d:e0:fa:
f7:9e:1c:56:14:b9:07:40:d0:17:88:53:f6:7c:a7:
42:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F6:58:74:7F:CC:40:14:88:3F:7F:74:97:1C:EA:AF:29:9D:49:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C1AF313C0EA911EFA3AD6663017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.205.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:8a:9c:3a:60:17:ea:3d:37:b6:7a:a1:fa:26:05:55:69:5a:
85:74:6b:70:1d:bd:08:3c:81:7e:50:2e:f9:9b:65:0d:a2:93:
0c:96:b2:6a:5e:65:99:5b:13:cd:fa:1e:ae:5b:c6:f1:f8:3b:
b6:97:87:74:d6:7f:9d:ad:da:00:33:ef:d5:99:ae:fd:65:7a:
08:5c:b1:89:78:c4:67:05:12:34:42:b2:bc:f0:2b:c9:2e:6b:
35:de:78:ba:f2:5c:4c:f5:27:0c:e7:e2:17:56:5a:3f:8a:f6:
fd:50:5d:19:3a:75:53:44:79:ad:e2:ae:94:03:5c:57:73:45:
2f:a5:6c:ae:63:ff:2b:bc:ee:94:b7:ce:2c:77:9b:ba:f5:26:
b5:77:4a:c8:16:1a:e7:59:6d:1d:01:c6:8e:79:0d:e7:e1:a0:
01:1f:61:58:95:9f:b5:5c:3a:b9:5b:2a:62:99:1c:8f:f3:95:
eb:61:46:e1:f9:81:ea:f0:0c:2e:04:be:e1:8f:a2:95:09:14:
02:4e:23:c2:62:bf:19:7b:d1:5e:8f:3b:0e:6c:da:1c:d7:ff:
6f:9b:f7:48:5a:3f:37:82:b7:ac:c9:ac:55:f2:82:78:38:5e:
63:63:f5:59:97:17:bd:1c:8f:8a:07:02:49:02:ea:5d:a3:18:
dd:d1:8a:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALZmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTEwMDg0NjEwWhcNMjQwNTIwMDg0NjEwWjAYMRYw
FAYDVQQDEw02NjNkZGVkNS04OGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsRVxCwgs6FiXceoEJrGceGHTVG2SsJz5a9FS3OvGGPnN74NVxzF6fxqB
PC+YGGtzpQHPYcZjAEMxGB6bB7gc49JDaZSuQUVr2D9n1uPQz2Mdu3BCf5OWsUZI
IQGd0Spjq9F7YwLfa2V5JvcbLzkIJygm7gkU5yYVuOz/bGynIfENh/tetVxYiS6L
vq2kfGlaHjRbuLo3lAwk2wBPyefRT3ErRoalF29IhVoTL6zSbFl41rFgZFRlQgaP
hTwcZ9oVkU7gCGmhick7J/SOOcQJSMubw4vhUMGIQGg+S3aW/v0wZafx0fjXXPIR
FcVN4Pr3nhxWFLkHQNAXiFP2fKdCxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOT2
WHR/zEAUiD9/dJcc6q8pnUlcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMUFGMzEzQzBFQTkxMUVGQTNBRDY2NjMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7NMA0GCSqGSIb3DQEB
CwUAA4IBAQDOipw6YBfqPTe2eqH6JgVVaVqFdGtwHb0IPIF+UC75m2UNopMMlrJq
XmWZWxPN+h6uW8bx+Du2l4d01n+drdoAM+/Vma79ZXoIXLGJeMRnBRI0QrK88CvJ
Lms13ni68lxM9ScM5+IXVlo/ivb9UF0ZOnVTRHmt4q6UA1xXc0UvpWyuY/8rvO6U
t84sd5u69Sa1d0rIFhrnWW0dAcaOeQ3n4aABH2FYlZ+1XDq5WypimRyP85XrYUbh
+YHq8AwuBL7hj6KVCRQCTiPCYr8Ze9FejzsObNoc1/9vm/dIWj83gresyaxV8oJ4
OF5jY/VZlxe9HI+KBwJJAupdoxjd0Ypj
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:48:59 2024 by rpki-client on console-fra.rpki-client.org