Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7C67346FBA611EE930831FA007001B1.roa
File: E7C67346FBA611EE930831FA007001B1.roa (raw, json)
Hash identifier: hHotaqHgvJ9pfFi/e4oyz5KsWrxLwEDOKMtZL+t2i+Y=
Subject key identifier: 30:BA:E3:AD:28:A3:07:00:90:2C:32:BF:91:72:D4:F6:C4:4C:36:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AD81
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7C67346FBA611EE930831FA007001B1.roa
Signing time: Tue 16 Apr 2024 04:07:57 +0000
ROA not before: Tue 16 Apr 2024 04:07:53 +0000
ROA not after: Wed 24 Apr 2024 04:07:53 +0000
asID: 142062
IP address blocks: 154.206.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44417 (0xad81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 04:07:53 2024 GMT
Not After : Apr 24 04:07:53 2024 GMT
Subject: CN=661df99d-d257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ab:c4:9c:16:fc:2c:3d:f4:cf:1d:3c:9e:b6:
d7:4a:f2:bb:0c:89:94:3a:a1:b8:ff:54:69:e5:43:
07:b3:99:e3:9c:fd:64:d6:f0:34:31:f8:52:15:52:
6d:3c:2d:51:bd:df:d9:e6:1e:a6:c8:d2:62:b1:bd:
9e:2c:e1:a9:6e:e8:54:70:93:e5:54:96:ea:2d:e7:
6c:47:43:c8:19:cf:54:2d:da:6d:d4:e6:30:69:a7:
e7:d2:9f:d2:f3:7c:ab:1e:5d:c2:55:3e:38:cb:42:
9e:01:f2:52:a4:94:75:b9:b4:63:c9:85:b9:cc:72:
26:6b:07:6a:78:27:4d:f6:d9:6f:49:56:18:7c:67:
69:6b:69:ac:b7:43:3d:ad:fb:0a:6e:83:f7:74:cf:
db:83:70:29:d8:89:94:d3:39:13:0d:8b:de:3d:c9:
55:4e:95:f4:2d:60:11:76:e9:82:d9:a2:13:8a:c0:
aa:db:bc:25:84:5c:03:1c:9e:4c:6c:90:f7:03:f9:
57:07:9a:78:aa:be:be:b5:0b:66:a6:02:c5:64:b5:
35:8b:17:c5:4d:ae:d6:85:c3:e2:e8:e1:49:8f:27:
02:5b:58:f4:43:1c:cb:65:ee:f7:46:0b:59:c4:72:
66:f8:2e:68:33:8c:55:b5:de:bb:af:b3:a9:c2:cb:
4a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:BA:E3:AD:28:A3:07:00:90:2C:32:BF:91:72:D4:F6:C4:4C:36:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7C67346FBA611EE930831FA007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.221.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:13:3b:b4:6a:04:07:1a:46:17:da:cd:7e:52:fe:16:fb:6d:
8a:a3:56:5e:aa:41:fe:25:f6:a8:ae:fa:b0:e9:81:81:17:f3:
00:23:11:d9:b5:60:24:93:93:66:48:05:5d:67:eb:c0:cf:9f:
91:42:b1:c3:b8:3c:b0:38:ff:31:a3:21:fe:f3:0c:94:6d:74:
97:45:e0:6b:34:06:57:1e:03:8e:d7:b7:b5:94:46:6d:57:b4:
d0:53:25:ad:fa:e2:97:66:a9:93:87:7e:b3:ce:fe:e1:b4:fc:
bb:52:17:7a:ae:e8:ae:4b:13:3e:4d:d9:b7:25:69:54:3c:8b:
ea:bf:50:b9:ac:31:83:14:f0:f9:99:6e:4f:2c:b8:75:84:9f:
1c:0d:70:b6:54:5a:9c:3f:ee:65:a8:b2:24:e1:55:a2:e9:6c:
44:86:96:59:03:1e:c6:2a:c2:25:31:db:3c:07:c4:73:71:01:
11:0d:f1:02:cc:a1:78:23:eb:1c:ed:a2:cd:58:10:42:45:d7:
a9:f8:3e:4a:bc:a6:71:29:85:22:de:38:f6:ab:42:4f:cd:2e:
00:2b:68:d3:82:3f:81:c2:1f:48:b1:bb:e3:0e:26:b0:d1:d5:
1b:f4:fa:06:32:bd:4e:98:58:05:bd:f6:4c:b6:c5:aa:69:e3:
3f:99:05:5c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK2BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDQwNzUzWhcNMjQwNDI0MDQwNzUzWjAYMRYw
FAYDVQQDEw02NjFkZjk5ZC1kMjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmqvEnBb8LD30zx08nrbXSvK7DImUOqG4/1Rp5UMHs5njnP1k1vA0MfhS
FVJtPC1Rvd/Z5h6myNJisb2eLOGpbuhUcJPlVJbqLedsR0PIGc9ULdpt1OYwaafn
0p/S83yrHl3CVT44y0KeAfJSpJR1ubRjyYW5zHImawdqeCdN9tlvSVYYfGdpa2ms
t0M9rfsKboP3dM/bg3Ap2ImU0zkTDYvePclVTpX0LWARdumC2aITisCq27wlhFwD
HJ5MbJD3A/lXB5p4qr6+tQtmpgLFZLU1ixfFTa7WhcPi6OFJjycCW1j0QxzLZe73
RgtZxHJm+C5oM4xVtd67r7OpwstKPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDC6
460oowcAkCwyv5Fy1PbETDZUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FN0M2NzM0NkZCQTYxMUVFOTMwODMxRkEwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7dMA0GCSqGSIb3DQEB
CwUAA4IBAQCOEzu0agQHGkYX2s1+Uv4W+22Ko1ZeqkH+Jfaorvqw6YGBF/MAIxHZ
tWAkk5NmSAVdZ+vAz5+RQrHDuDywOP8xoyH+8wyUbXSXReBrNAZXHgOO17e1lEZt
V7TQUyWt+uKXZqmTh36zzv7htPy7Uhd6ruiuSxM+Tdm3JWlUPIvqv1C5rDGDFPD5
mW5PLLh1hJ8cDXC2VFqcP+5lqLIk4VWi6WxEhpZZAx7GKsIlMds8B8RzcQERDfEC
zKF4I+sc7aLNWBBCRdep+D5KvKZxKYUi3jj2q0JPzS4AK2jTgj+Bwh9IsbvjDiaw
0dUb9PoGMr1OmFgFvfZMtsWqaeM/mQVc
-----END CERTIFICATE-----
Generated at Wed Apr 24 09:55:39 2024 by rpki-client on console-fra.rpki-client.org