Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2CFE7B2128311EFAE889A50017001B1.roa
File: D2CFE7B2128311EFAE889A50017001B1.roa (raw, json)
Hash identifier: 85PmXU6EgT7icgyddgkeUY2QL+nzeRo2ckWUtL1jitg=
Subject key identifier: 70:03:EF:C0:BF:BF:DC:70:E5:C5:3D:B3:E9:26:FB:6A:7E:80:31:A2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B78F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2CFE7B2128311EFAE889A50017001B1.roa
Signing time: Wed 15 May 2024 06:24:46 +0000
ROA not before: Wed 15 May 2024 06:24:43 +0000
ROA not after: Sun 26 May 2024 06:24:43 +0000
asID: 139471
IP address blocks: 154.220.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46991 (0xb78f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 15 06:24:43 2024 GMT
Not After : May 26 06:24:43 2024 GMT
Subject: CN=6644552e-b760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ab:df:b6:01:f3:41:82:2d:ff:d0:03:72:f9:
67:2b:a3:b1:69:52:01:00:ad:59:c4:6b:4f:82:b8:
73:66:7a:73:b8:2c:3f:3a:1d:a0:a1:6e:f5:e3:ff:
88:81:84:d6:16:ce:aa:e8:0c:a9:93:13:44:48:95:
ec:ef:93:a3:d4:6c:e2:5f:5d:e1:4f:f9:93:22:ac:
2c:e5:15:56:8d:0a:c0:f9:5c:0c:26:52:2a:01:d9:
1d:22:71:b2:1b:0e:26:af:df:4d:e3:55:0f:d9:88:
73:0b:5f:fc:04:f5:7b:62:34:24:48:02:76:ca:78:
ff:a7:4d:fa:1b:db:03:4b:c0:71:f7:59:45:56:01:
24:8e:0d:89:fb:d1:0e:28:67:ab:8d:a7:a8:b7:6c:
ed:61:aa:d2:87:e8:7e:26:88:d8:c0:93:a8:f8:f4:
fc:b1:10:36:c9:df:d5:37:d0:13:5c:f7:96:f8:ef:
d1:d8:88:e0:49:d7:76:db:54:20:5f:7c:26:31:3e:
aa:f3:04:93:ef:d7:93:88:ef:6d:54:e2:ab:21:61:
99:86:7a:a7:57:d5:19:f9:85:7a:78:7b:e3:03:82:
87:d8:aa:b1:19:e4:ee:69:33:83:23:7f:fe:96:59:
f0:3c:c9:43:2e:13:ae:22:ad:86:1f:4b:5f:8d:a2:
6e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:03:EF:C0:BF:BF:DC:70:E5:C5:3D:B3:E9:26:FB:6A:7E:80:31:A2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2CFE7B2128311EFAE889A50017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.224.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:b5:c9:e6:21:4a:10:1a:65:97:34:b6:a0:1f:bb:9e:92:d7:
19:88:b9:8d:57:94:fd:88:23:c6:1a:9c:be:ca:90:90:2f:b4:
bb:73:b3:c9:8b:a0:1e:9b:dd:17:7f:12:e0:d3:a5:17:d2:b1:
66:b5:4f:47:c7:5c:62:5b:50:02:7f:05:37:b2:9a:ee:f9:3e:
b8:13:7c:cb:6e:39:d6:11:b2:bd:65:04:b7:c9:12:e4:a6:72:
88:a6:58:a0:86:6e:17:71:b2:56:ac:7e:c4:e8:67:7d:fd:19:
49:5d:f0:59:a8:d7:cd:2d:54:37:c3:c2:fe:93:7b:27:3e:ec:
cc:8e:e2:7b:cb:e9:68:80:19:59:63:04:e5:08:24:bf:d5:ba:
ac:77:db:68:2a:3e:35:d7:2a:4b:b6:bd:d7:a9:49:15:32:de:
1e:fc:52:ac:0d:b2:03:9b:21:fa:9b:17:ec:8f:38:5d:e2:9a:
2e:82:42:40:31:9f:f3:dc:ca:fa:5a:8c:0a:33:69:85:f9:0a:
47:36:e1:1e:e2:ce:7d:c8:f9:4a:66:97:19:d8:ab:63:18:83:
50:44:ac:fa:19:90:8e:f9:39:f4:11:0b:68:28:1b:5f:62:21:
a4:ad:b3:0a:8d:4a:9f:cc:2c:60:54:ae:72:bf:04:1a:53:97:
c6:73:73:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALePMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTE1MDYyNDQzWhcNMjQwNTI2MDYyNDQzWjAYMRYw
FAYDVQQDEw02NjQ0NTUyZS1iNzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtKvftgHzQYIt/9ADcvlnK6OxaVIBAK1ZxGtPgrhzZnpzuCw/Oh2goW71
4/+IgYTWFs6q6AypkxNESJXs75Oj1GziX13hT/mTIqws5RVWjQrA+VwMJlIqAdkd
InGyGw4mr99N41UP2YhzC1/8BPV7YjQkSAJ2ynj/p036G9sDS8Bx91lFVgEkjg2J
+9EOKGerjaeot2ztYarSh+h+JojYwJOo+PT8sRA2yd/VN9ATXPeW+O/R2IjgSdd2
21QgX3wmMT6q8wST79eTiO9tVOKrIWGZhnqnV9UZ+YV6eHvjA4KH2KqxGeTuaTOD
I3/+llnwPMlDLhOuIq2GH0tfjaJugwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHAD
78C/v9xw5cU9s+km+2p+gDGiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMkNGRTdCMjEyODMxMUVGQUU4ODlBNTAwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtzgMA0GCSqGSIb3DQEB
CwUAA4IBAQA7tcnmIUoQGmWXNLagH7uektcZiLmNV5T9iCPGGpy+ypCQL7S7c7PJ
i6Aem90XfxLg06UX0rFmtU9Hx1xiW1ACfwU3spru+T64E3zLbjnWEbK9ZQS3yRLk
pnKIplighm4XcbJWrH7E6Gd9/RlJXfBZqNfNLVQ3w8L+k3snPuzMjuJ7y+logBlZ
YwTlCCS/1bqsd9toKj411ypLtr3XqUkVMt4e/FKsDbIDmyH6mxfsjzhd4pougkJA
MZ/z3Mr6WowKM2mF+QpHNuEe4s59yPlKZpcZ2KtjGINQRKz6GZCO+Tn0EQtoKBtf
YiGkrbMKjUqfzCxgVK5yvwQaU5fGc3Nv
-----END CERTIFICATE-----
Generated at Mon May 27 02:19:00 2024 by rpki-client on console-fra.rpki-client.org