Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C62AFFDEFADB11EE94A20CFD007001B1.roa
File: C62AFFDEFADB11EE94A20CFD007001B1.roa (raw, json)
Hash identifier: mk1urFgkmMwlU16bGI0936tFt2Xw3yVFqeu5F8mf89I=
Subject key identifier: CD:F1:93:C4:5F:54:DC:CD:E6:94:07:46:42:24:0C:B0:BE:72:80:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC1F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C62AFFDEFADB11EE94A20CFD007001B1.roa
Signing time: Mon 15 Apr 2024 03:53:53 +0000
ROA not before: Mon 15 Apr 2024 03:53:49 +0000
ROA not after: Wed 24 Apr 2024 03:53:49 +0000
asID: 142062
IP address blocks: 154.206.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44063 (0xac1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 03:53:49 2024 GMT
Not After : Apr 24 03:53:49 2024 GMT
Subject: CN=661ca4d0-9f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0e:40:b9:29:e4:f3:07:f5:1e:d1:8a:af:ac:
08:4e:d9:18:17:56:19:bb:9e:6e:9b:58:92:40:b2:
84:2c:fe:4d:94:da:16:b8:a3:51:c3:52:56:d7:dc:
22:f0:81:e4:ae:60:d2:4c:57:43:e1:91:ac:80:94:
bb:6f:64:2f:fc:70:fd:9d:7c:e3:9e:8f:52:87:cd:
62:f2:58:72:98:05:45:ce:b5:9a:18:85:44:6e:c2:
30:30:db:61:16:78:1e:d6:cb:9e:98:ea:50:60:54:
bf:23:eb:e5:38:3e:e1:e0:16:48:bc:6d:b1:d3:b0:
6e:90:ba:11:f5:19:8c:0b:e2:7a:ee:cc:ce:a9:fa:
b7:ac:68:fb:db:f4:b7:ad:ee:dc:fc:30:46:b6:7b:
b6:fc:8e:91:77:95:a9:1a:23:af:4f:3d:99:04:ae:
9c:e6:57:af:87:6b:9a:64:cf:f0:21:e7:f8:3c:78:
9b:3c:5f:6b:0a:0b:9d:c1:44:9d:19:34:79:b6:30:
cc:f6:dd:50:a0:ab:78:a9:34:ab:f6:d8:d2:4c:62:
bd:fd:ae:de:cd:c4:0e:d2:f3:33:18:26:98:6a:fd:
5e:d3:0d:17:c7:8e:e2:df:65:aa:02:a9:a0:29:ba:
1c:af:cd:6c:86:70:46:c5:5f:2b:21:06:ba:2c:a6:
58:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F1:93:C4:5F:54:DC:CD:E6:94:07:46:42:24:0C:B0:BE:72:80:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C62AFFDEFADB11EE94A20CFD007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.221.0/24
Signature Algorithm: sha256WithRSAEncryption
05:96:17:69:8d:fa:e8:48:c3:df:dc:e2:85:a0:6d:b7:ab:77:
dc:25:35:cc:7f:a9:12:21:65:07:20:4b:ff:17:2e:f1:42:5a:
58:1c:e4:5f:22:a0:b4:f6:98:4b:27:ef:c0:96:46:7a:e8:5d:
76:c4:5b:91:be:fc:41:e5:c8:c4:c4:64:cb:4d:8d:38:52:a0:
8c:1d:26:69:4d:51:e4:d0:1c:1c:4f:f9:1e:64:81:d7:60:81:
1e:fd:bc:e0:f7:c5:4c:25:88:9a:a5:c1:35:f1:ee:e6:58:06:
aa:6e:0c:93:09:34:f4:3f:46:6e:d0:05:04:d6:a1:f8:95:92:
81:ba:94:de:1b:37:50:29:a4:3f:52:e5:04:27:06:ec:e5:82:
69:e1:e4:06:17:34:3b:78:2e:1e:12:93:90:70:e3:81:ff:fc:
50:3a:ca:01:f5:dd:d5:29:91:00:c9:13:79:21:63:92:03:16:
c2:64:24:2a:04:95:37:47:09:d2:74:23:a5:03:d2:fa:cf:a4:
c1:a9:20:eb:32:44:b4:c6:5e:c6:7d:33:6d:b3:c2:92:bd:14:
b4:3b:69:71:9c:95:a4:a9:2e:41:4c:f2:c8:c3:7f:86:00:84:
36:31:39:ac:f2:1a:51:1a:35:0a:90:6a:fd:73:27:66:84:45:
72:08:d1:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKwfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDM1MzQ5WhcNMjQwNDI0MDM1MzQ5WjAYMRYw
FAYDVQQDEw02NjFjYTRkMC05ZjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvA5AuSnk8wf1HtGKr6wITtkYF1YZu55um1iSQLKELP5NlNoWuKNRw1JW
19wi8IHkrmDSTFdD4ZGsgJS7b2Qv/HD9nXzjno9Sh81i8lhymAVFzrWaGIVEbsIw
MNthFnge1suemOpQYFS/I+vlOD7h4BZIvG2x07BukLoR9RmMC+J67szOqfq3rGj7
2/S3re7c/DBGtnu2/I6Rd5WpGiOvTz2ZBK6c5levh2uaZM/wIef4PHibPF9rCgud
wUSdGTR5tjDM9t1QoKt4qTSr9tjSTGK9/a7ezcQO0vMzGCaYav1e0w0Xx47i32Wq
AqmgKbocr81shnBGxV8rIQa6LKZYlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM3x
k8RfVNzN5pQHRkIkDLC+coA+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjJBRkZERUZBREIxMUVFOTRBMjBDRkQwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7dMA0GCSqGSIb3DQEB
CwUAA4IBAQAFlhdpjfroSMPf3OKFoG23q3fcJTXMf6kSIWUHIEv/Fy7xQlpYHORf
IqC09phLJ+/AlkZ66F12xFuRvvxB5cjExGTLTY04UqCMHSZpTVHk0BwcT/keZIHX
YIEe/bzg98VMJYiapcE18e7mWAaqbgyTCTT0P0Zu0AUE1qH4lZKBupTeGzdQKaQ/
UuUEJwbs5YJp4eQGFzQ7eC4eEpOQcOOB//xQOsoB9d3VKZEAyRN5IWOSAxbCZCQq
BJU3RwnSdCOlA9L6z6TBqSDrMkS0xl7GfTNts8KSvRS0O2lxnJWkqS5BTPLIw3+G
AIQ2MTms8hpRGjUKkGr9cydmhEVyCNHc
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:44 2024 by rpki-client on console-ams.rpki-client.org