Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F17503B0FADB11EEB617A4FD007001B1.roa
File: F17503B0FADB11EEB617A4FD007001B1.roa (raw, json)
Hash identifier: 2sJdvEO6JjFyORi89M1L/DPRcAmc7fYMNNQfbxyx7nw=
Subject key identifier: E9:E2:E5:EA:1D:83:3E:B5:9D:C1:74:69:E1:8F:71:04:15:54:3A:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AC21
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F17503B0FADB11EEB617A4FD007001B1.roa
Signing time: Mon 15 Apr 2024 03:55:05 +0000
ROA not before: Mon 15 Apr 2024 03:55:02 +0000
ROA not after: Wed 24 Apr 2024 03:55:02 +0000
asID: 142062
IP address blocks: 154.206.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44065 (0xac21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 03:55:02 2024 GMT
Not After : Apr 24 03:55:02 2024 GMT
Subject: CN=661ca519-76f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:77:6b:c4:ba:ed:38:78:e6:56:b8:06:c2:b7:
11:ff:ab:7d:c6:2d:d3:f1:03:8d:2d:45:84:60:b3:
22:49:8f:3c:ab:3b:ac:6a:7b:a0:b3:4a:3d:20:c9:
d4:e9:cc:99:fa:a7:09:70:d3:6c:8c:d5:05:4a:61:
b2:a1:09:6e:73:06:4d:ae:7e:6f:2e:25:a1:83:e0:
87:b3:51:63:aa:a8:02:fa:d5:e2:fe:90:a9:59:8a:
44:76:75:f6:0e:cd:5d:ff:bd:8f:ff:d1:1c:a8:6c:
27:26:45:a5:06:b9:f6:a1:e9:f9:a2:44:68:62:76:
65:9d:a0:89:0a:80:b9:36:66:b8:19:42:b8:fd:a1:
bc:0f:02:7e:9f:0f:c5:5a:eb:d7:e4:e6:4e:b9:92:
52:22:f2:d4:99:33:16:97:1d:4b:41:3d:df:6f:76:
33:db:12:bc:d3:ec:87:98:d5:7b:3c:60:b4:d2:5e:
10:94:de:c5:f4:8f:83:c2:7d:96:f9:cc:7b:00:ef:
a2:d7:d7:1f:69:cc:be:86:2f:70:10:51:8a:e7:14:
51:fe:2d:3c:b2:ac:2c:aa:3b:de:b6:44:f8:f9:c5:
57:94:81:e4:f5:95:13:31:ef:c4:45:bc:c8:6f:d6:
e8:cf:a5:ba:75:0f:60:9e:17:21:4e:42:f1:26:e0:
e0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E2:E5:EA:1D:83:3E:B5:9D:C1:74:69:E1:8F:71:04:15:54:3A:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F17503B0FADB11EEB617A4FD007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.222.0/24
Signature Algorithm: sha256WithRSAEncryption
64:0a:72:68:43:65:95:e9:e8:dd:39:bd:87:99:4c:e4:9c:d6:
e2:50:73:de:71:1b:34:ee:03:b9:59:ea:db:dc:2d:6e:31:bd:
6d:2d:c0:c8:5d:11:07:42:f5:d8:b8:4b:9f:ce:53:37:5c:09:
78:ec:bb:e6:74:7f:d9:5f:91:4a:0c:18:80:ea:81:c9:49:7b:
76:6c:37:3d:56:89:27:64:d6:c3:96:9e:13:ef:4b:c2:7e:ae:
c2:35:01:23:31:ca:1f:ed:92:77:b4:37:b9:1c:b6:ec:5d:2a:
90:f0:43:d1:07:67:04:02:4e:06:6d:2d:ac:6d:c7:3d:f5:5a:
bc:33:f2:5e:42:b4:ba:b5:b9:e8:b4:3b:dd:33:06:d0:02:e7:
22:29:b8:74:7e:03:d4:6c:9e:58:09:fb:df:66:c4:3b:b4:78:
ba:35:c6:9a:1c:26:40:b5:d4:8d:0a:b9:91:d9:68:d7:fa:b2:
92:98:3f:7d:8d:4a:88:7b:6e:1f:48:3c:89:64:f6:11:ca:70:
94:3f:cf:a3:7d:e4:8b:2e:92:d2:ea:10:39:68:01:05:b7:20:
51:97:50:43:6b:6a:49:86:16:21:79:e1:d2:12:42:99:73:a5:
03:27:b7:03:99:25:76:95:14:d6:f0:fc:da:3c:42:df:5d:ae:
7d:4a:28:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKwhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE1MDM1NTAyWhcNMjQwNDI0MDM1NTAyWjAYMRYw
FAYDVQQDEw02NjFjYTUxOS03NmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuXdrxLrtOHjmVrgGwrcR/6t9xi3T8QONLUWEYLMiSY88qzusanugs0o9
IMnU6cyZ+qcJcNNsjNUFSmGyoQlucwZNrn5vLiWhg+CHs1FjqqgC+tXi/pCpWYpE
dnX2Ds1d/72P/9EcqGwnJkWlBrn2oen5okRoYnZlnaCJCoC5Nma4GUK4/aG8DwJ+
nw/FWuvX5OZOuZJSIvLUmTMWlx1LQT3fb3Yz2xK80+yHmNV7PGC00l4QlN7F9I+D
wn2W+cx7AO+i19cfacy+hi9wEFGK5xRR/i08sqwsqjvetkT4+cVXlIHk9ZUTMe/E
RbzIb9boz6W6dQ9gnhchTkLxJuDgowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOni
5eodgz61ncF0aeGPcQQVVDqwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMTc1MDNCMEZBREIxMUVFQjYxN0E0RkQwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7eMA0GCSqGSIb3DQEB
CwUAA4IBAQBkCnJoQ2WV6ejdOb2HmUzknNbiUHPecRs07gO5Werb3C1uMb1tLcDI
XREHQvXYuEufzlM3XAl47LvmdH/ZX5FKDBiA6oHJSXt2bDc9VoknZNbDlp4T70vC
fq7CNQEjMcof7ZJ3tDe5HLbsXSqQ8EPRB2cEAk4GbS2sbcc99Vq8M/JeQrS6tbno
tDvdMwbQAuciKbh0fgPUbJ5YCfvfZsQ7tHi6NcaaHCZAtdSNCrmR2WjX+rKSmD99
jUqIe24fSDyJZPYRynCUP8+jfeSLLpLS6hA5aAEFtyBRl1BDa2pJhhYheeHSEkKZ
c6UDJ7cDmSV2lRTW8PzaPELfXa59SihJ
-----END CERTIFICATE-----
Generated at Wed Apr 24 12:34:44 2024 by rpki-client on console-ams.rpki-client.org