Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D62064880F3011EFA36CA22A017001B1.roa
File: D62064880F3011EFA36CA22A017001B1.roa (raw, json)
Hash identifier: +2QaMdYH5j6SXe5kUHMFBURSBHm17g4dkoroIGGHijQ=
Subject key identifier: A9:B5:6F:63:CA:52:95:E2:5C:7D:94:DF:46:F0:E3:28:4F:E3:64:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B6D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D62064880F3011EFA36CA22A017001B1.roa
Signing time: Sat 11 May 2024 00:53:10 +0000
ROA not before: Sat 11 May 2024 00:00:06 +0000
ROA not after: Tue 21 May 2024 00:00:06 +0000
asID: 44559
IP address blocks: 154.198.160.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46803 (0xb6d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 11 00:00:06 2024 GMT
Not After : May 21 00:00:06 2024 GMT
Subject: CN=663ec176-eb7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:91:8b:a6:d2:b2:88:8b:fc:95:dd:81:f2:e7:
c3:fb:70:7a:9a:07:07:d9:95:2b:33:78:4c:b6:47:
71:f1:94:97:95:2a:88:d2:9b:24:57:22:dd:ad:e3:
7a:e9:f0:5d:7d:ed:33:b7:41:e0:43:66:69:61:a4:
f3:1f:e2:1d:35:cd:20:98:8f:70:27:d6:c9:d5:6c:
45:0f:5c:47:03:15:52:eb:83:3f:38:55:57:b1:84:
91:e8:d3:9f:ea:4e:44:13:c2:4b:ca:c6:d8:09:53:
aa:85:62:63:86:39:e3:cb:28:c0:80:ba:27:79:79:
4e:bf:e5:3a:98:f3:c9:0d:3d:6a:ce:e2:b0:bc:f1:
6e:87:ec:bb:bc:e5:89:0e:85:1d:ee:28:56:52:c2:
12:bc:01:de:e3:2d:fa:8a:46:ce:31:6e:7d:77:ba:
b6:ef:47:6d:fb:e3:2a:b6:97:17:a9:e2:0e:c7:27:
21:99:a4:6a:9f:a7:f5:ca:df:24:b4:8f:4a:1f:5b:
b0:f6:b9:76:b7:95:25:44:e1:4e:81:f0:f4:77:d7:
65:58:45:f5:7a:ca:94:8b:0c:c1:b3:25:33:a8:80:
67:c9:8f:6f:e9:7e:49:13:26:22:ce:7e:bc:ac:a1:
06:7b:5c:68:89:42:51:4e:8e:10:c2:1e:0b:95:1b:
f5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B5:6F:63:CA:52:95:E2:5C:7D:94:DF:46:F0:E3:28:4F:E3:64:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D62064880F3011EFA36CA22A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.160.0/22
Signature Algorithm: sha256WithRSAEncryption
52:e7:8c:0c:b4:e8:44:cb:a8:f4:14:9c:7d:4b:0c:60:b1:cd:
03:bb:ba:c1:3b:27:c3:93:01:27:e8:93:01:df:9f:4d:20:4b:
ec:42:8b:c2:47:57:89:19:b5:86:ce:a5:8f:ff:44:39:78:8b:
43:21:5d:9a:92:22:23:aa:7a:3a:df:53:a9:0e:6e:60:3b:b9:
1a:a9:79:8b:9e:2b:6b:21:71:e5:90:9b:63:07:09:7f:be:11:
a0:44:a9:6c:08:86:c0:76:67:90:e3:c8:b2:aa:fe:25:57:a4:
6d:f1:ac:94:47:76:9f:d2:02:e2:42:f6:31:fe:2c:1e:8c:61:
61:f5:d3:d8:ed:9c:25:7c:91:83:0a:ad:c1:ff:da:f5:70:4e:
11:43:62:ce:ef:f2:e8:f4:fe:4f:4e:d0:ee:1c:03:33:a2:2b:
3c:5f:b7:99:69:fa:eb:50:e6:22:eb:26:38:92:96:6c:c3:a2:
1a:61:52:a6:4a:b1:d0:de:6e:ac:39:96:85:30:24:fa:3e:32:
e1:e8:34:16:36:ab:54:84:c0:df:8c:e0:05:d7:66:14:c6:ff:
e0:63:40:f1:33:8c:41:da:23:49:ad:8c:4f:0d:35:3b:8f:f4:
97:4c:b6:6d:94:9b:2e:64:d6:1a:6a:ec:bc:a0:4c:1f:71:be:
dd:eb:db:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALbTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTExMDAwMDA2WhcNMjQwNTIxMDAwMDA2WjAYMRYw
FAYDVQQDEw02NjNlYzE3Ni1lYjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzJGLptKyiIv8ld2B8ufD+3B6mgcH2ZUrM3hMtkdx8ZSXlSqI0pskVyLd
reN66fBdfe0zt0HgQ2ZpYaTzH+IdNc0gmI9wJ9bJ1WxFD1xHAxVS64M/OFVXsYSR
6NOf6k5EE8JLysbYCVOqhWJjhjnjyyjAgLoneXlOv+U6mPPJDT1qzuKwvPFuh+y7
vOWJDoUd7ihWUsISvAHe4y36ikbOMW59d7q270dt++MqtpcXqeIOxychmaRqn6f1
yt8ktI9KH1uw9rl2t5UlROFOgfD0d9dlWEX1esqUiwzBsyUzqIBnyY9v6X5JEyYi
zn68rKEGe1xoiUJRTo4Qwh4LlRv1DwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKm1
b2PKUpXiXH2U30bw4yhP42S6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjIwNjQ4ODBGMzAxMUVGQTM2Q0EyMkEwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsagMA0GCSqGSIb3DQEB
CwUAA4IBAQBS54wMtOhEy6j0FJx9Swxgsc0Du7rBOyfDkwEn6JMB359NIEvsQovC
R1eJGbWGzqWP/0Q5eItDIV2akiIjqno631OpDm5gO7kaqXmLnitrIXHlkJtjBwl/
vhGgRKlsCIbAdmeQ48iyqv4lV6Rt8ayUR3af0gLiQvYx/iwejGFh9dPY7ZwlfJGD
Cq3B/9r1cE4RQ2LO7/Lo9P5PTtDuHAMzois8X7eZafrrUOYi6yY4kpZsw6IaYVKm
SrHQ3m6sOZaFMCT6PjLh6DQWNqtUhMDfjOAF12YUxv/gY0DxM4xB2iNJrYxPDTU7
j/SXTLZtlJsuZNYaauy8oEwfcb7d69vD
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:49:11 2024 by rpki-client on console-fra.rpki-client.org