Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C41ED5FA014111EF82FAA322017001B1.roa
File: C41ED5FA014111EF82FAA322017001B1.roa (raw, json)
Hash identifier: vDXIvspPhz+9DTwL70DwwiqCkqMFzcQ6UDl/D92NpHs=
Subject key identifier: 9A:CA:88:27:9D:4F:1A:25:E9:F4:B3:F3:A9:E8:B6:B3:26:2F:B4:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AED5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C41ED5FA014111EF82FAA322017001B1.roa
Signing time: Tue 23 Apr 2024 07:19:05 +0000
ROA not before: Tue 23 Apr 2024 07:19:01 +0000
ROA not after: Sat 11 May 2024 07:19:01 +0000
asID: 138915
IP address blocks: 154.205.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44757 (0xaed5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 07:19:01 2024 GMT
Not After : May 11 07:19:01 2024 GMT
Subject: CN=662760e9-a541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9a:56:d4:6c:24:df:4e:49:ad:49:49:88:52:
f6:5f:bb:4e:7e:f1:72:e7:fe:ea:9d:e8:2e:0a:09:
a4:08:c9:70:2b:a4:9b:9b:bc:90:b2:59:e5:68:45:
7f:5d:ea:c4:3f:05:b4:44:14:27:7b:77:a6:ca:a9:
0f:c2:b5:21:91:41:4a:d1:30:43:0d:3f:4f:35:8b:
4c:e1:55:ad:e4:16:2c:d4:76:d7:8a:86:28:f9:c6:
ac:07:36:5f:c4:3a:7f:6f:a3:8b:20:46:2e:01:f4:
e9:37:18:f4:8d:a6:a4:f7:42:a5:bf:75:b3:08:e2:
e5:32:e1:26:f0:c5:e1:eb:8c:54:b1:f8:45:07:e6:
f0:71:9d:87:05:92:c7:30:09:83:7e:88:4a:53:d7:
e6:0d:9b:05:81:ce:2b:d7:71:fa:e9:80:e7:60:8f:
8a:f2:f9:40:68:f9:ec:a7:80:67:4b:4b:d2:a4:0c:
c3:b9:80:da:2f:3b:85:0a:5f:fe:c9:5d:0f:9f:6d:
5a:77:38:c3:71:59:13:f4:e3:51:2d:09:3d:a5:2d:
54:7a:10:0f:1c:51:3b:46:c4:9e:d4:af:e9:9b:dc:
a0:fa:56:9e:bd:ab:cf:29:85:7f:9c:9b:aa:32:5b:
5f:28:16:bc:92:1c:47:1f:15:43:2b:f3:c4:83:5a:
bf:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CA:88:27:9D:4F:1A:25:E9:F4:B3:F3:A9:E8:B6:B3:26:2F:B4:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C41ED5FA014111EF82FAA322017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.158.0/24
Signature Algorithm: sha256WithRSAEncryption
35:0a:67:20:f6:74:48:c1:07:a5:42:da:1f:18:96:3a:7e:3d:
d8:a1:e4:80:6b:fd:d5:2d:37:61:d6:3c:64:31:14:3d:70:f9:
d1:d6:be:f3:64:4e:ee:cd:68:fd:14:28:45:cc:f0:7f:89:9b:
78:8f:39:5c:77:e5:91:bf:74:b4:b3:59:59:aa:48:17:46:c0:
be:d9:87:50:21:87:0c:a5:53:42:71:1f:11:83:af:5e:85:3d:
22:13:42:58:8a:28:12:e5:af:44:1f:b4:72:95:ce:39:a0:b0:
57:d4:8f:bf:10:fa:a0:52:87:f8:6a:ce:b5:be:50:c4:fb:22:
2c:d4:b9:f5:11:f3:c7:94:e4:e1:02:59:f8:75:5a:69:3b:06:
3c:03:33:0c:62:98:59:25:c9:5e:81:07:0b:5d:54:c1:e5:2c:
62:7a:95:d8:68:51:95:06:15:69:05:c2:b6:0a:c0:2c:45:09:
11:c8:a3:98:33:cb:5f:9c:f3:f9:0e:7d:de:56:06:7c:69:15:
44:18:23:21:8c:b7:1f:ec:95:74:9a:55:f9:4e:05:e0:bb:16:
4f:cf:42:d9:78:cc:d5:f6:9f:e7:4a:9a:bd:ac:18:4c:79:83:
7a:d6:9b:e4:a5:a5:c3:c4:5f:9a:fb:f8:d1:a8:21:8c:d1:2b:
20:ae:3d:77
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK7VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDIzMDcxOTAxWhcNMjQwNTExMDcxOTAxWjAYMRYw
FAYDVQQDEw02NjI3NjBlOS1hNTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz5pW1Gwk305JrUlJiFL2X7tOfvFy5/7qneguCgmkCMlwK6Sbm7yQslnl
aEV/XerEPwW0RBQne3emyqkPwrUhkUFK0TBDDT9PNYtM4VWt5BYs1HbXioYo+cas
BzZfxDp/b6OLIEYuAfTpNxj0jaak90Klv3WzCOLlMuEm8MXh64xUsfhFB+bwcZ2H
BZLHMAmDfohKU9fmDZsFgc4r13H66YDnYI+K8vlAaPnsp4BnS0vSpAzDuYDaLzuF
Cl/+yV0Pn21adzjDcVkT9ONRLQk9pS1UehAPHFE7RsSe1K/pm9yg+laevavPKYV/
nJuqMltfKBa8khxHHxVDK/PEg1q/SwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJrK
iCedTxol6fSz86notrMmL7RKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNDFFRDVGQTAxNDExMUVGODJGQUEzMjIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2eMA0GCSqGSIb3DQEB
CwUAA4IBAQA1Cmcg9nRIwQelQtofGJY6fj3YoeSAa/3VLTdh1jxkMRQ9cPnR1r7z
ZE7uzWj9FChFzPB/iZt4jzlcd+WRv3S0s1lZqkgXRsC+2YdQIYcMpVNCcR8Rg69e
hT0iE0JYiigS5a9EH7Rylc45oLBX1I+/EPqgUof4as61vlDE+yIs1Ln1EfPHlOTh
Aln4dVppOwY8AzMMYphZJclegQcLXVTB5SxiepXYaFGVBhVpBcK2CsAsRQkRyKOY
M8tfnPP5Dn3eVgZ8aRVEGCMhjLcf7JV0mlX5TgXguxZPz0LZeMzV9p/nSpq9rBhM
eYN61pvkpaXDxF+a+/jRqCGM0Ssgrj13
-----END CERTIFICATE-----
Generated at Sun May 12 01:39:48 2024 by rpki-client on console-fra.rpki-client.org