Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D93D4A8AFAC911EE9071E05D017001B1.roa
File: D93D4A8AFAC911EE9071E05D017001B1.roa (raw, json)
Hash identifier: 21Px3SXyN5t48vZdc+nwblayHc0UrXMYLIls9gBr9gM=
Subject key identifier: 07:D6:FB:1D:F7:4B:B3:D8:00:81:FA:E3:61:3E:13:E0:B4:C7:5E:19
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: ABF1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D93D4A8AFAC911EE9071E05D017001B1.roa
Signing time: Mon 15 Apr 2024 01:45:33 +0000
ROA not before: Mon 15 Apr 2024 01:45:30 +0000
ROA not after: Wed 24 Apr 2024 01:45:30 +0000
asID: 142062
IP address blocks: 154.206.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44017 (0xabf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 01:45:30 2024 GMT
Not After : Apr 24 01:45:30 2024 GMT
Subject: CN=661c86bd-545f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:eb:58:e7:e5:78:7f:ef:85:fb:0c:5b:71:13:
07:ed:6c:f8:63:e7:72:ec:c6:eb:db:fd:8e:82:18:
74:82:72:c3:3a:ec:aa:7c:02:e2:71:f9:a8:63:e3:
87:1e:01:2b:cb:3a:eb:27:9a:47:df:48:a5:01:8a:
46:b7:e5:51:9f:b3:45:05:47:cb:d1:3e:2e:dc:63:
40:64:51:b4:b3:c6:03:61:3f:82:19:50:88:0e:26:
43:2d:5e:cd:4e:aa:0f:c6:3e:8b:d1:cd:6f:6a:58:
cf:e0:c5:bd:4d:1e:6f:89:37:53:b5:87:a4:92:fe:
9d:63:e6:ba:f5:d7:05:f3:b8:dd:3a:5c:fa:3f:b0:
a4:32:4b:04:53:e7:57:94:42:7d:d2:5a:e5:11:ab:
6e:4a:3a:4e:5c:59:43:5b:ec:b7:13:47:b4:5a:7a:
a4:aa:ae:35:36:33:1e:85:ae:e2:5e:26:b0:12:b8:
ba:39:9c:ee:a8:67:22:ce:0c:fd:a0:8c:75:f9:16:
a9:8d:c2:f0:36:6e:1c:8b:44:8e:ea:1a:44:95:3f:
3d:8a:4c:88:fc:ec:bb:39:19:47:e3:ea:1d:cc:84:
a1:95:94:24:1a:b9:18:13:cd:85:fb:82:19:04:05:
72:7c:4f:43:16:99:81:b6:fb:1b:f4:16:7a:6f:b7:
e0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D6:FB:1D:F7:4B:B3:D8:00:81:FA:E3:61:3E:13:E0:B4:C7:5E:19
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D93D4A8AFAC911EE9071E05D017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.198.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:31:60:07:5b:0a:4a:3c:05:b6:6b:4e:da:d0:51:5f:1c:1a:
19:c0:2b:95:b9:f9:d7:2a:35:2e:bb:8a:d4:da:a3:28:81:88:
c9:8d:93:8b:18:b3:4c:f3:f3:77:1a:b9:83:b8:ee:78:d9:20:
fe:4a:67:c1:b6:e5:34:a9:a6:30:61:0b:0a:55:61:35:73:e3:
a7:82:ee:be:9e:e5:45:02:2f:ee:62:38:a0:6d:1d:ef:d7:e8:
2d:4d:4d:9e:df:11:51:24:ba:6b:38:57:eb:e7:46:16:b2:91:
1e:03:9a:46:66:d3:df:3a:94:96:f9:6d:f8:0e:95:13:13:01:
2c:5e:43:81:6d:be:d4:b3:19:b1:01:7c:98:76:a9:d0:f7:d9:
02:4e:dc:15:7c:14:bc:6e:57:90:75:c3:e5:70:16:94:31:5a:
b5:8a:bf:44:47:18:05:97:1b:8e:0d:66:94:63:d8:87:c8:ff:
9a:16:41:7f:45:59:cb:d3:65:43:6f:00:44:3b:5b:20:2e:47:
fe:a0:f0:be:ad:ef:07:55:fb:e0:68:a5:3e:c0:67:f9:74:d3:
2d:a4:cc:ef:c6:30:0d:0e:0a:1a:c1:ae:fd:33:ba:47:36:4a:
7c:e9:bc:2f:2f:68:e7:40:70:78:0e:db:b6:f9:33:1d:7e:3d:
46:cf:ab:48
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKvxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDE0NTMwWhcNMjQwNDI0MDE0NTMwWjAYMRYw
FAYDVQQDEw02NjFjODZiZC01NDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyutY5+V4f++F+wxbcRMH7Wz4Y+dy7Mbr2/2Oghh0gnLDOuyqfALicfmo
Y+OHHgEryzrrJ5pH30ilAYpGt+VRn7NFBUfL0T4u3GNAZFG0s8YDYT+CGVCIDiZD
LV7NTqoPxj6L0c1valjP4MW9TR5viTdTtYekkv6dY+a69dcF87jdOlz6P7CkMksE
U+dXlEJ90lrlEatuSjpOXFlDW+y3E0e0Wnqkqq41NjMeha7iXiawEri6OZzuqGci
zgz9oIx1+RapjcLwNm4ci0SO6hpElT89ikyI/Oy7ORlH4+odzIShlZQkGrkYE82F
+4IZBAVyfE9DFpmBtvsb9BZ6b7fg9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAfW
+x33S7PYAIH642E+E+C0x14ZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTNENEE4QUZBQzkxMUVFOTA3MUUwNUQwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7GMA0GCSqGSIb3DQEB
CwUAA4IBAQChMWAHWwpKPAW2a07a0FFfHBoZwCuVufnXKjUuu4rU2qMogYjJjZOL
GLNM8/N3GrmDuO542SD+SmfBtuU0qaYwYQsKVWE1c+Ongu6+nuVFAi/uYjigbR3v
1+gtTU2e3xFRJLprOFfr50YWspEeA5pGZtPfOpSW+W34DpUTEwEsXkOBbb7Usxmx
AXyYdqnQ99kCTtwVfBS8bleQdcPlcBaUMVq1ir9ERxgFlxuODWaUY9iHyP+aFkF/
RVnL02VDbwBEO1sgLkf+oPC+re8HVfvgaKU+wGf5dNMtpMzvxjANDgoawa79M7pH
Nkp86bwvL2jnQHB4Dtu2+TMdfj1Gz6tI
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:44 2024 by rpki-client on console-ams.rpki-client.org