Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDA73F36FB9A11EE8C24A512017001B1.roa
File: EDA73F36FB9A11EE8C24A512017001B1.roa (raw, json)
Hash identifier: PIzG42x9FbZTB9G2qf1tqV4ZuCM3+CC+ClBlMYCooxU=
Subject key identifier: DC:3B:37:76:1D:1E:DA:E4:F4:AC:7A:C1:67:9D:EB:46:82:5D:F7:7A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AD17
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDA73F36FB9A11EE8C24A512017001B1.roa
Signing time: Tue 16 Apr 2024 02:42:13 +0000
ROA not before: Tue 16 Apr 2024 02:42:09 +0000
ROA not after: Thu 25 Apr 2024 02:42:09 +0000
asID: 136778
IP address blocks: 154.212.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44311 (0xad17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 16 02:42:09 2024 GMT
Not After : Apr 25 02:42:09 2024 GMT
Subject: CN=661de584-18c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:41:56:8f:95:6e:c4:12:5c:26:26:86:d4:
e4:5a:88:2e:ba:f5:33:b2:99:e5:27:0b:a3:fa:b1:
28:c4:66:56:47:dc:c1:ba:db:60:b4:84:4a:25:76:
22:cc:d2:2f:86:88:4a:79:b7:37:57:04:13:19:4d:
66:df:9c:55:2e:27:5e:6c:13:6e:d9:88:ec:01:75:
29:9a:dd:0e:3c:c8:cb:1e:a6:16:94:bf:23:33:66:
b7:a6:ad:1f:83:94:e9:30:76:01:b2:38:90:d3:dc:
2f:9e:36:31:6d:96:3d:7a:ae:8d:1a:e8:f3:00:9d:
f0:84:12:82:ae:ce:11:63:ef:63:87:b9:df:cc:7d:
d3:7b:fc:41:9e:2e:91:04:62:55:6f:e6:66:c6:79:
fa:8c:0c:70:09:0f:98:52:d6:df:a8:08:72:8f:92:
73:50:dd:f0:73:32:c3:f8:b5:d5:50:19:da:c7:7e:
cb:0a:11:99:3c:e7:20:dc:cd:2d:2f:4e:c0:86:f5:
c4:58:de:ca:16:75:97:c2:59:14:8c:8e:75:80:ab:
f6:bf:bf:b5:89:11:86:58:36:7a:de:8b:76:c7:58:
65:60:34:52:84:95:35:72:d2:7c:ce:7f:12:7a:f9:
32:bd:8d:9f:f6:4c:5f:a6:de:7f:91:c9:9e:af:35:
cb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3B:37:76:1D:1E:DA:E4:F4:AC:7A:C1:67:9D:EB:46:82:5D:F7:7A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDA73F36FB9A11EE8C24A512017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.146.0/24
Signature Algorithm: sha256WithRSAEncryption
03:e4:bd:b4:db:f8:1e:4c:a0:00:e0:06:16:80:00:f1:32:3b:
cf:02:31:81:ba:94:56:59:05:1a:08:e8:97:27:1b:5a:b1:db:
05:51:b1:61:3f:69:b1:a2:c2:0f:44:77:6a:a6:d5:af:80:8e:
5b:4e:db:29:7c:a2:c3:95:72:a4:92:0a:0c:57:09:92:1c:6a:
0b:1b:0a:69:9d:01:85:62:24:e1:59:1d:c8:62:83:f5:00:3f:
26:5a:7b:af:18:2e:84:4e:dc:67:a2:6f:99:2f:56:32:e8:8a:
06:c7:4c:16:21:1a:30:49:32:d2:a2:99:bc:1f:4a:3f:2c:e2:
48:6f:d3:db:c9:d1:36:cc:8d:d8:d3:68:80:a3:5f:8d:f6:6d:
0c:5c:19:99:ad:c1:a6:7c:d3:7e:0e:34:b4:9b:01:1e:ad:79:
e5:e1:a3:b2:69:be:f0:fa:58:2f:d2:cb:a0:61:0d:a2:0d:82:
5a:4f:69:0e:9c:1e:66:52:3f:da:a3:28:0b:de:1b:c7:92:3a:
47:28:b4:0d:a6:0e:db:00:a2:29:78:ae:ea:04:42:63:ec:f4:
89:17:bf:cf:57:87:91:32:1c:17:df:9c:1c:4e:e7:e5:40:1e:
7c:2d:37:9b:17:26:bf:8e:72:55:ec:67:f6:45:fc:73:bf:51:
31:a6:b5:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK0XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE2MDI0MjA5WhcNMjQwNDI1MDI0MjA5WjAYMRYw
FAYDVQQDEw02NjFkZTU4NC0xOGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGNBVo+VbsQSXCYmhtTkWoguuvUzspnlJwuj+rEoxGZWR9zButtgtIRK
JXYizNIvhohKebc3VwQTGU1m35xVLidebBNu2YjsAXUpmt0OPMjLHqYWlL8jM2a3
pq0fg5TpMHYBsjiQ09wvnjYxbZY9eq6NGujzAJ3whBKCrs4RY+9jh7nfzH3Te/xB
ni6RBGJVb+Zmxnn6jAxwCQ+YUtbfqAhyj5JzUN3wczLD+LXVUBnax37LChGZPOcg
3M0tL07AhvXEWN7KFnWXwlkUjI51gKv2v7+1iRGGWDZ63ot2x1hlYDRShJU1ctJ8
zn8SevkyvY2f9kxfpt5/kcmerzXLGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNw7
N3YdHtrk9Kx6wWed60aCXfd6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FREE3M0YzNkZCOUExMUVFOEMyNEE1MTIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtSSMA0GCSqGSIb3DQEB
CwUAA4IBAQAD5L202/geTKAA4AYWgADxMjvPAjGBupRWWQUaCOiXJxtasdsFUbFh
P2mxosIPRHdqptWvgI5bTtspfKLDlXKkkgoMVwmSHGoLGwppnQGFYiThWR3IYoP1
AD8mWnuvGC6ETtxnom+ZL1Yy6IoGx0wWIRowSTLSopm8H0o/LOJIb9PbydE2zI3Y
02iAo1+N9m0MXBmZrcGmfNN+DjS0mwEerXnl4aOyab7w+lgv0sugYQ2iDYJaT2kO
nB5mUj/aoygL3hvHkjpHKLQNpg7bAKIpeK7qBEJj7PSJF7/PV4eRMhwX35wcTufl
QB58LTebFya/jnJV7Gf2Rfxzv1ExprXc
-----END CERTIFICATE-----
Generated at Thu Apr 25 10:41:11 2024 by rpki-client on console-ams.rpki-client.org