Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7BBE37EFAC811EEB86B5056017001B1.roa
File: E7BBE37EFAC811EEB86B5056017001B1.roa (raw, json)
Hash identifier: XyPy75eofOovxaILFrXqz+QzqkfeHE4r6/Z+iYw8iUA=
Subject key identifier: 31:FE:26:FC:22:C9:B4:B8:69:C0:03:C1:06:C7:F7:D5:3C:25:A4:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: ABE7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7BBE37EFAC811EEB86B5056017001B1.roa
Signing time: Mon 15 Apr 2024 01:38:48 +0000
ROA not before: Mon 15 Apr 2024 01:38:45 +0000
ROA not after: Wed 24 Apr 2024 01:38:45 +0000
asID: 142062
IP address blocks: 154.206.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44007 (0xabe7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 01:38:45 2024 GMT
Not After : Apr 24 01:38:45 2024 GMT
Subject: CN=661c8528-2492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fc:45:c4:f7:db:45:76:39:d2:7e:29:9d:2c:
90:36:f7:71:80:3b:f5:fe:61:ab:56:60:5c:0f:6c:
e4:d9:ef:2b:a7:10:32:f5:4e:3b:27:8d:4b:2c:3f:
ed:8b:0a:7d:07:87:6a:c9:d3:8e:0e:cf:ed:26:b9:
1b:ed:e6:a6:98:83:de:a8:e1:f9:d0:71:d8:26:f2:
b2:39:df:79:5c:63:77:5b:3a:d7:71:7f:e4:7c:26:
54:77:b4:26:b8:da:e1:22:a3:4e:55:a5:78:dd:60:
7f:cc:84:74:84:58:5e:0c:ba:e2:ec:3c:83:0f:1d:
0a:07:63:aa:6b:3f:57:8f:50:e0:23:10:56:03:97:
55:5d:1b:fd:8c:06:e2:9a:22:ed:b3:bd:a1:9c:9a:
b7:52:ee:4b:3c:dc:4a:bc:ce:cb:72:c6:4e:b1:e3:
5f:88:f2:c0:2b:69:f5:f5:52:81:81:e1:c1:39:7c:
10:3a:25:3c:85:b7:73:66:59:ae:c3:84:36:1b:4e:
1d:0a:23:c7:3f:0d:f9:39:30:0e:49:47:c7:90:c4:
43:93:d7:a3:7e:a6:ec:bd:1d:2e:35:22:46:57:93:
37:6c:ec:75:cc:e5:b7:33:63:03:4b:47:37:3f:05:
65:53:5f:7a:fb:00:41:e0:29:57:8b:36:0b:bf:72:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FE:26:FC:22:C9:B4:B8:69:C0:03:C1:06:C7:F7:D5:3C:25:A4:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7BBE37EFAC811EEB86B5056017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.193.0/24
Signature Algorithm: sha256WithRSAEncryption
54:77:8f:80:c1:e5:3a:ce:06:a9:0f:dc:cb:1a:a1:49:b1:c4:
e8:b9:ef:71:56:0c:a4:a5:73:27:f2:d8:91:41:9d:da:17:67:
43:17:bc:44:45:ed:48:54:3d:a4:12:00:2b:57:be:01:24:bd:
7c:90:37:81:67:c1:7a:65:c9:f3:16:31:1e:f6:b1:1d:54:d0:
96:7f:98:6c:ec:70:b1:f7:d4:6b:a4:a2:de:7e:4e:6f:9d:8f:
6c:0b:04:dd:d5:52:4f:f9:e9:11:62:a8:7a:4d:ee:58:dd:17:
2c:e7:0b:e0:1e:37:e8:82:f6:50:ad:27:3d:d8:84:59:b6:1a:
01:57:4c:bd:b1:2b:b7:63:6b:bf:05:32:ef:10:50:a1:c9:4a:
0d:69:20:7c:bb:ef:d5:ba:f5:cd:08:be:15:8a:0f:50:72:54:
a1:44:29:ff:61:2d:80:34:22:09:e7:1c:70:35:cf:38:ce:7c:
14:25:c8:95:1d:2f:d9:50:0c:a1:c5:d7:58:5c:d6:51:83:8f:
96:80:a7:c6:74:cd:b8:ba:30:da:20:62:e4:e5:bf:18:b3:d9:
8f:1e:e6:9a:38:6b:96:ff:bf:d0:41:03:68:ed:f7:cd:b0:42:
44:af:e2:93:37:22:09:72:70:14:20:cd:32:b3:7a:ea:7a:ee:
d4:a1:44:20
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKvnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDEzODQ1WhcNMjQwNDI0MDEzODQ1WjAYMRYw
FAYDVQQDEw02NjFjODUyOC0yNDkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1PxFxPfbRXY50n4pnSyQNvdxgDv1/mGrVmBcD2zk2e8rpxAy9U47J41L
LD/tiwp9B4dqydOODs/tJrkb7eammIPeqOH50HHYJvKyOd95XGN3WzrXcX/kfCZU
d7QmuNrhIqNOVaV43WB/zIR0hFheDLri7DyDDx0KB2Oqaz9Xj1DgIxBWA5dVXRv9
jAbimiLts72hnJq3Uu5LPNxKvM7LcsZOseNfiPLAK2n19VKBgeHBOXwQOiU8hbdz
Zlmuw4Q2G04dCiPHPw35OTAOSUfHkMRDk9ejfqbsvR0uNSJGV5M3bOx1zOW3M2MD
S0c3PwVlU196+wBB4ClXizYLv3ISEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDH+
JvwiybS4acADwQbH99U8JaR9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FN0JCRTM3RUZBQzgxMUVFQjg2QjUwNTYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7BMA0GCSqGSIb3DQEB
CwUAA4IBAQBUd4+AweU6zgapD9zLGqFJscToue9xVgykpXMn8tiRQZ3aF2dDF7xE
Re1IVD2kEgArV74BJL18kDeBZ8F6ZcnzFjEe9rEdVNCWf5hs7HCx99RrpKLefk5v
nY9sCwTd1VJP+ekRYqh6Te5Y3Rcs5wvgHjfogvZQrSc92IRZthoBV0y9sSu3Y2u/
BTLvEFChyUoNaSB8u+/VuvXNCL4Vig9QclShRCn/YS2ANCIJ5xxwNc84znwUJciV
HS/ZUAyhxddYXNZRg4+WgKfGdM24ujDaIGLk5b8Ys9mPHuaaOGuW/7/QQQNo7ffN
sEJEr+KTNyIJcnAUIM0ys3rqeu7UoUQg
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:39 2024 by rpki-client on console-fra.rpki-client.org