Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D11AFB4EFACA11EEA8A23B65017001B1.roa
File: D11AFB4EFACA11EEA8A23B65017001B1.roa (raw, json)
Hash identifier: rHH5vdiwxc0dEq44Bvg7pZrAaxQJMCCcXZ0AJ1CNVNc=
Subject key identifier: 4D:0A:DF:D4:DD:31:9D:EE:08:7B:05:71:DC:14:F1:86:FE:3A:0D:3D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: ABFB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D11AFB4EFACA11EEA8A23B65017001B1.roa
Signing time: Mon 15 Apr 2024 01:52:29 +0000
ROA not before: Mon 15 Apr 2024 01:52:26 +0000
ROA not after: Wed 24 Apr 2024 01:52:26 +0000
asID: 142062
IP address blocks: 154.206.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44027 (0xabfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 01:52:26 2024 GMT
Not After : Apr 24 01:52:26 2024 GMT
Subject: CN=661c885d-7c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:67:f0:0a:b4:35:fb:44:26:f2:42:f1:dd:f8:
b7:3b:16:13:eb:10:37:71:16:c2:da:e4:60:ff:99:
ee:67:7b:b2:48:3a:ce:96:69:8f:6a:cd:dd:73:3a:
ef:1b:3f:a1:c9:19:6f:5a:db:26:6a:a6:27:ee:81:
8a:28:30:ab:6e:96:75:d8:73:eb:07:06:54:2b:c8:
6f:a8:45:39:b0:c3:63:76:f0:32:80:03:5e:c8:f0:
41:59:ad:57:30:95:a5:06:37:42:3b:58:67:8e:76:
30:de:67:10:80:8c:7b:42:fd:ab:0a:78:60:6c:cb:
25:0c:d3:ce:ed:22:94:74:61:1a:34:34:b4:57:3a:
f0:4d:15:c2:e1:2e:73:03:99:bd:96:19:9f:f7:8f:
3f:23:d3:7e:00:9c:34:b6:a6:92:5e:a0:73:70:1d:
44:2f:60:86:e1:a6:9b:c1:c3:18:9f:e6:2d:08:7c:
f1:80:86:a0:c1:c0:1b:d3:6e:86:ff:c0:79:44:c0:
c9:9c:e4:2f:91:77:b9:38:40:0a:eb:08:41:72:8d:
9c:b4:43:e7:f8:13:08:70:e0:5b:ea:6d:7c:70:aa:
63:39:4f:e4:89:b3:ba:1c:d7:32:6b:80:14:fc:1a:
2b:40:00:11:93:b1:6d:1a:b9:56:e7:e1:f1:9f:07:
f0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0A:DF:D4:DD:31:9D:EE:08:7B:05:71:DC:14:F1:86:FE:3A:0D:3D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D11AFB4EFACA11EEA8A23B65017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.203.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c7:95:7e:6a:46:41:92:2e:93:f1:e4:3d:42:7f:27:40:b1:
38:b3:36:37:15:ed:e3:73:1f:ff:7f:bf:ae:d7:67:95:87:3d:
58:3f:2f:67:ac:4c:8c:b8:13:41:0a:ee:87:f8:fa:0e:bf:0e:
fe:c3:50:0a:7e:af:07:eb:1b:c2:85:53:3a:fb:d2:de:ef:60:
ef:3b:1b:f0:38:fd:5d:34:2b:35:32:84:b4:1e:a8:c9:52:f3:
99:98:e0:2d:70:5c:dd:90:a7:12:43:76:eb:a0:b6:49:87:5b:
05:98:ab:bf:e4:1c:e7:80:36:30:f7:62:8b:f8:f5:00:29:37:
38:49:93:c0:68:91:34:50:91:f4:2c:42:a6:07:cc:2e:ed:c5:
9e:23:70:96:3c:21:f8:2c:0c:89:00:45:71:c7:66:63:ad:3a:
92:bb:bd:05:9f:3c:f6:8b:53:51:f6:7a:d5:a1:6c:9a:85:d3:
68:91:c9:73:8f:65:9e:ad:d2:cc:40:82:af:b0:d8:a6:37:38:
3c:6a:d1:0e:e4:25:8f:9f:2f:b6:c1:f3:04:3a:77:e2:66:7e:
66:69:ea:71:f2:90:26:5e:49:87:ab:c8:da:b9:1d:c8:16:dd:
ff:74:7f:e9:55:0a:b6:c7:79:f2:d1:af:27:0a:28:5a:6c:23:
30:d7:e5:56
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKv7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDE1MjI2WhcNMjQwNDI0MDE1MjI2WjAYMRYw
FAYDVQQDEw02NjFjODg1ZC03YzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsGfwCrQ1+0Qm8kLx3fi3OxYT6xA3cRbC2uRg/5nuZ3uySDrOlmmPas3d
czrvGz+hyRlvWtsmaqYn7oGKKDCrbpZ12HPrBwZUK8hvqEU5sMNjdvAygANeyPBB
Wa1XMJWlBjdCO1hnjnYw3mcQgIx7Qv2rCnhgbMslDNPO7SKUdGEaNDS0VzrwTRXC
4S5zA5m9lhmf948/I9N+AJw0tqaSXqBzcB1EL2CG4aabwcMYn+YtCHzxgIagwcAb
026G/8B5RMDJnOQvkXe5OEAK6whBco2ctEPn+BMIcOBb6m18cKpjOU/kibO6HNcy
a4AU/BorQAARk7FtGrlW5+HxnwfwLQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE0K
39TdMZ3uCHsFcdwU8Yb+Og09MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMTFBRkI0RUZBQ0ExMUVFQThBMjNCNjUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7LMA0GCSqGSIb3DQEB
CwUAA4IBAQAwx5V+akZBki6T8eQ9Qn8nQLE4szY3Fe3jcx//f7+u12eVhz1YPy9n
rEyMuBNBCu6H+PoOvw7+w1AKfq8H6xvChVM6+9Le72DvOxvwOP1dNCs1MoS0HqjJ
UvOZmOAtcFzdkKcSQ3broLZJh1sFmKu/5BzngDYw92KL+PUAKTc4SZPAaJE0UJH0
LEKmB8wu7cWeI3CWPCH4LAyJAEVxx2ZjrTqSu70Fnzz2i1NR9nrVoWyahdNokclz
j2WerdLMQIKvsNimNzg8atEO5CWPny+2wfMEOnfiZn5maepx8pAmXkmHq8jauR3I
Ft3/dH/pVQq2x3ny0a8nCihabCMw1+VW
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:39 2024 by rpki-client on console-fra.rpki-client.org