Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCCBC8AC0F3011EF8FAA382B017001B1.roa
File: FCCBC8AC0F3011EF8FAA382B017001B1.roa (raw, json)
Hash identifier: zbTlHoReoJL3Eb5ZZeTuIDMQNMreEE0fPCMyO39bZhs=
Subject key identifier: 66:E6:DE:7C:4B:D9:8E:74:74:38:0A:6E:D8:80:35:2B:20:94:32:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B6D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCCBC8AC0F3011EF8FAA382B017001B1.roa
Signing time: Sat 11 May 2024 00:54:15 +0000
ROA not before: Sat 11 May 2024 00:00:11 +0000
ROA not after: Tue 21 May 2024 00:00:11 +0000
asID: 44559
IP address blocks: 154.207.0.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46805 (0xb6d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 11 00:00:11 2024 GMT
Not After : May 21 00:00:11 2024 GMT
Subject: CN=663ec1b6-2f1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c5:a6:4a:9e:9e:81:b4:7f:4f:64:e7:88:fd:
b2:d9:92:56:45:ef:2b:d6:25:2a:57:07:cc:1b:58:
55:bd:84:20:f9:05:f6:90:c3:69:3b:da:2a:6d:71:
3a:07:bd:d3:7c:3e:f4:f8:48:68:68:99:e0:bb:60:
e0:08:8e:38:bf:c4:36:0a:e4:08:21:28:47:a9:10:
3e:f0:f9:ab:24:eb:a1:3c:eb:40:8e:d6:bb:f5:99:
1d:d5:5b:17:ba:f2:a7:f3:b2:b5:3a:98:76:7b:1a:
7f:53:3f:c7:9e:9c:55:bd:f4:a5:d3:ac:1d:5c:7d:
1d:25:62:9d:47:2f:5a:c9:67:74:d3:ce:e3:37:3b:
85:9c:70:7b:f4:40:4d:11:ed:61:80:90:ad:16:f4:
a6:32:a2:ea:15:6f:c0:e6:66:9c:ee:8b:dc:10:a8:
52:70:57:c0:f3:b8:04:8c:9e:6d:d2:a1:ef:4e:63:
f7:a8:3b:7f:28:4a:99:40:b1:96:a3:af:83:5f:e7:
75:94:3a:44:33:01:50:af:a0:3e:7f:46:40:7e:31:
e1:43:10:ad:3a:3e:f5:b4:d5:a2:44:db:ae:7f:4c:
36:a6:ed:36:a7:6a:3d:6f:8c:0a:19:b2:bb:13:0b:
eb:df:59:09:ce:20:b0:93:d1:3b:50:31:9f:4f:a9:
75:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E6:DE:7C:4B:D9:8E:74:74:38:0A:6E:D8:80:35:2B:20:94:32:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCCBC8AC0F3011EF8FAA382B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.0.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:e5:96:d1:a0:04:2c:91:54:b0:19:ae:a0:15:e7:a8:82:c7:
41:89:72:17:42:6f:0f:86:e6:03:42:67:7e:5a:f7:9f:aa:45:
10:78:b0:ca:8f:8b:20:03:95:bb:38:8e:18:cf:ff:32:57:6e:
9b:f2:3a:9f:4b:2e:c2:95:ce:b5:b0:0b:ca:8a:4b:3e:9d:1d:
c2:23:f6:22:6c:c0:14:c1:06:19:09:0a:fc:30:49:15:da:c4:
26:d7:bf:76:1e:88:bb:f9:0c:84:1b:1b:bf:7e:37:10:dd:c0:
05:2c:42:10:e5:14:48:46:ac:d8:5f:b7:23:bf:e7:47:93:b9:
1c:a2:84:07:05:61:99:62:b5:3b:75:5f:e2:2f:08:db:c6:7d:
63:1a:b6:e9:cf:14:42:2b:bd:d1:a3:c8:9c:d1:28:30:ab:69:
3d:86:1a:25:cc:4a:45:d0:fb:a5:87:65:ab:9d:d1:21:b0:a2:
18:d5:82:73:77:c0:e0:ab:44:5e:fd:19:e9:49:db:80:d2:d0:
f4:2e:bd:5c:90:f5:3c:93:d2:1e:13:9f:aa:ea:f2:a8:49:c2:
1c:9b:af:5b:57:7e:3f:f1:65:6d:50:15:9a:00:7d:c7:6c:28:
14:f4:eb:b2:db:6c:44:4a:de:b8:9b:da:f9:45:9b:cd:db:e8:
c3:e9:ee:96
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALbVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTExMDAwMDExWhcNMjQwNTIxMDAwMDExWjAYMRYw
FAYDVQQDEw02NjNlYzFiNi0yZjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu8WmSp6egbR/T2TniP2y2ZJWRe8r1iUqVwfMG1hVvYQg+QX2kMNpO9oq
bXE6B73TfD70+EhoaJngu2DgCI44v8Q2CuQIIShHqRA+8PmrJOuhPOtAjta79Zkd
1VsXuvKn87K1Oph2exp/Uz/HnpxVvfSl06wdXH0dJWKdRy9ayWd0087jNzuFnHB7
9EBNEe1hgJCtFvSmMqLqFW/A5mac7ovcEKhScFfA87gEjJ5t0qHvTmP3qDt/KEqZ
QLGWo6+DX+d1lDpEMwFQr6A+f0ZAfjHhQxCtOj71tNWiRNuuf0w2pu02p2o9b4wK
GbK7Ewvr31kJziCwk9E7UDGfT6l1SQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGbm
3nxL2Y50dDgKbtiANSsglDJPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQ0NCQzhBQzBGMzAxMUVGOEZBQTM4MkIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFms8AMA0GCSqGSIb3DQEB
CwUAA4IBAQCq5ZbRoAQskVSwGa6gFeeogsdBiXIXQm8PhuYDQmd+WvefqkUQeLDK
j4sgA5W7OI4Yz/8yV26b8jqfSy7Clc61sAvKiks+nR3CI/YibMAUwQYZCQr8MEkV
2sQm1792Hoi7+QyEGxu/fjcQ3cAFLEIQ5RRIRqzYX7cjv+dHk7kcooQHBWGZYrU7
dV/iLwjbxn1jGrbpzxRCK73Ro8ic0Sgwq2k9hholzEpF0Pulh2WrndEhsKIY1YJz
d8Dgq0Re/RnpSduA0tD0Lr1ckPU8k9IeE5+q6vKoScIcm69bV34/8WVtUBWaAH3H
bCgU9Ouy22xESt64m9r5RZvN2+jD6e6W
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:49:24 2024 by rpki-client on console-fra.rpki-client.org