Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D21E23F0FBA511EE9804296E017001B1.roa
File: D21E23F0FBA511EE9804296E017001B1.roa (raw, json)
Hash identifier: RN9Jn4t0KPeqdCLFRWcGaDaJg2JxCQ1SZlH+p0OMPQo=
Subject key identifier: F2:07:7D:5D:AB:4B:7C:16:2D:9E:D8:CC:E3:0A:0A:9B:08:89:80:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AD75
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D21E23F0FBA511EE9804296E017001B1.roa
Signing time: Tue 16 Apr 2024 04:00:11 +0000
ROA not before: Tue 16 Apr 2024 04:00:07 +0000
ROA not after: Wed 24 Apr 2024 04:00:07 +0000
asID: 142062
IP address blocks: 154.206.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44405 (0xad75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 04:00:07 2024 GMT
Not After : Apr 24 04:00:07 2024 GMT
Subject: CN=661df7cb-8562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:47:cf:a1:a8:a7:8e:86:55:03:ad:dc:4a:10:
b3:0e:7d:bf:11:03:71:5e:f5:10:f7:6d:26:2b:0d:
64:6a:45:a6:ec:7b:2a:75:6a:9a:75:43:a7:64:98:
46:79:d2:c9:09:8f:b2:0a:8a:5d:c3:5d:8a:35:06:
3a:5f:b5:0d:d5:52:86:1c:9a:93:a1:03:c1:99:7b:
6b:94:40:76:8b:dd:67:fb:4a:15:d4:11:f3:6d:53:
35:ed:bf:7b:29:33:ee:c9:53:1a:69:77:b0:9a:7f:
70:8f:76:c8:96:ea:f8:84:85:9c:09:cc:f3:0f:2d:
3c:ec:78:6b:23:79:c7:b1:c7:a2:59:e1:5f:bd:eb:
39:18:b4:28:9c:e7:09:e7:bc:34:a4:b5:16:11:8d:
93:3d:3d:c8:05:d7:9a:32:30:cd:f3:5a:4b:6e:c5:
d9:6e:ec:93:a1:27:40:37:e4:dd:3a:7c:ea:1c:72:
82:dd:1e:23:9c:c3:ba:5e:45:b5:66:81:1e:ec:06:
e0:2b:02:3f:db:31:26:f4:ed:5c:a0:ad:71:6c:41:
90:62:5c:48:29:19:54:28:b1:60:71:d9:a3:21:a6:
16:17:83:a1:e5:41:cf:44:dc:e1:7a:84:a3:5d:15:
85:54:67:fd:9d:a2:72:1b:7c:64:a3:42:f1:c0:0d:
65:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:07:7D:5D:AB:4B:7C:16:2D:9E:D8:CC:E3:0A:0A:9B:08:89:80:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D21E23F0FBA511EE9804296E017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.215.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:3d:58:d7:ad:2f:2a:8b:d8:b8:44:51:58:bf:be:49:15:e4:
e6:05:0e:31:d5:c8:c3:bd:c0:dc:82:2d:0d:bf:ad:9b:fd:8e:
8a:cb:f8:e8:6a:0e:76:00:43:4c:d9:90:57:85:a1:73:39:a7:
bb:18:21:fd:44:e9:6a:d0:94:f8:65:05:16:18:85:bc:e1:49:
25:d7:b6:a6:01:b4:9f:02:10:b7:cb:c7:ef:f2:94:7c:9b:5a:
9f:84:f7:3d:4a:96:15:33:ca:7e:ec:d3:46:b5:54:ca:b6:df:
1e:0a:6d:0b:e8:cc:b1:19:00:37:39:a3:69:15:fa:69:4c:dd:
5c:57:7f:70:cc:a0:ad:70:01:03:2d:c4:00:63:bf:05:2b:fa:
9d:4a:c8:b7:c1:90:2a:66:90:89:e5:3f:0b:7f:ea:76:97:a4:
42:7d:6c:61:30:9d:df:af:54:8c:2e:18:e4:92:47:bc:b5:ed:
73:18:64:d3:e9:eb:f9:15:81:fa:e8:47:21:6c:86:19:b0:1f:
30:c4:67:f5:88:0e:a9:15:3a:f9:ff:9f:f9:be:0f:34:a1:0f:
c9:9d:1c:e2:d5:2e:27:92:6c:35:b8:e0:6a:a4:68:cb:85:4a:
15:06:c9:72:8a:c8:bb:6e:3f:0b:93:1f:42:c2:bc:8b:dd:3a:
c7:3d:ce:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK11MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDQwMDA3WhcNMjQwNDI0MDQwMDA3WjAYMRYw
FAYDVQQDEw02NjFkZjdjYi04NTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqEfPoainjoZVA63cShCzDn2/EQNxXvUQ920mKw1kakWm7HsqdWqadUOn
ZJhGedLJCY+yCopdw12KNQY6X7UN1VKGHJqToQPBmXtrlEB2i91n+0oV1BHzbVM1
7b97KTPuyVMaaXewmn9wj3bIlur4hIWcCczzDy087HhrI3nHsceiWeFfves5GLQo
nOcJ57w0pLUWEY2TPT3IBdeaMjDN81pLbsXZbuyToSdAN+TdOnzqHHKC3R4jnMO6
XkW1ZoEe7AbgKwI/2zEm9O1coK1xbEGQYlxIKRlUKLFgcdmjIaYWF4Oh5UHPRNzh
eoSjXRWFVGf9naJyG3xko0LxwA1ljwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPIH
fV2rS3wWLZ7YzOMKCpsIiYCmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMjFFMjNGMEZCQTUxMUVFOTgwNDI5NkUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7XMA0GCSqGSIb3DQEB
CwUAA4IBAQBaPVjXrS8qi9i4RFFYv75JFeTmBQ4x1cjDvcDcgi0Nv62b/Y6Ky/jo
ag52AENM2ZBXhaFzOae7GCH9ROlq0JT4ZQUWGIW84Ukl17amAbSfAhC3y8fv8pR8
m1qfhPc9SpYVM8p+7NNGtVTKtt8eCm0L6MyxGQA3OaNpFfppTN1cV39wzKCtcAED
LcQAY78FK/qdSsi3wZAqZpCJ5T8Lf+p2l6RCfWxhMJ3fr1SMLhjkkke8te1zGGTT
6ev5FYH66EchbIYZsB8wxGf1iA6pFTr5/5/5vg80oQ/JnRzi1S4nkmw1uOBqpGjL
hUoVBslyisi7bj8Lkx9CwryL3TrHPc4U
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:39 2024 by rpki-client on console-fra.rpki-client.org