Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/3A85454A211A11ECB33C2929D8A014CE.roa
File: 3A85454A211A11ECB33C2929D8A014CE.roa (raw, json)
Hash identifier: SDcxNn4uNq6rSlxuF2uw43NgU9b863eVGtNRiDgJiSY=
Subject key identifier: E4:03:C8:DD:13:DE:6F:6B:1C:25:AA:08:D0:32:56:AD:49:B1:AF:AE
Certificate issuer: /CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
Certificate serial: 05
Authority key identifier: 1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/3A85454A211A11ECB33C2929D8A014CE.roa
Signing time: Wed 29 Sep 2021 11:41:48 +0000
ROA not before: Wed 29 Sep 2021 11:41:44 +0000
ROA not after: Fri 29 Sep 2023 11:41:44 +0000
asID: 328327
IP address blocks: 102.140.64.0/20 maxlen: 24
2c0f:c00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3621C06AF/serialNumber=1DD16FD68BFF7CAB1AB91C55DA61FC0CDFF41743
Validity
Not Before: Sep 29 11:41:44 2021 GMT
Not After : Sep 29 11:41:44 2023 GMT
Subject: CN=615450fc-92f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7c:f4:be:f5:c8:66:fb:ea:5e:ba:e2:de:70:
9f:e0:4e:d6:95:92:90:75:5f:84:b8:7c:6b:01:d4:
6d:80:df:19:84:d9:d7:f2:98:32:80:da:79:76:95:
e5:1d:36:70:f4:56:d5:3c:30:24:ac:bb:22:e4:2b:
3d:99:41:58:0f:25:a8:f1:3d:22:58:32:79:1e:f5:
6c:5c:87:eb:0b:51:7d:d8:b8:8b:21:80:dc:26:bd:
ba:52:61:9a:36:d9:43:fa:4b:9c:ed:f3:5d:c6:a7:
8c:a5:5f:50:15:0f:4d:34:ca:04:31:a7:b9:84:d4:
a9:8e:ad:11:8f:90:ac:0d:32:69:03:85:6b:99:3d:
db:8b:66:a3:ab:8e:9c:08:1b:ad:0d:72:54:a5:7a:
6b:48:0e:40:11:cd:10:57:3c:f0:38:0e:2c:01:6f:
9d:f1:02:69:ad:81:7e:9d:56:b1:09:c0:16:95:b8:
2f:f7:f2:30:3d:95:e2:47:72:5a:bf:44:ad:f5:a0:
13:1f:ca:83:03:17:94:4e:a0:ca:8a:5c:85:bf:7b:
7d:b9:cc:34:4a:b0:a6:da:9c:9a:5a:7a:7e:a4:93:
1c:66:6b:b1:b3:f3:a0:28:84:80:9a:69:92:d9:35:
18:9f:7c:32:b5:11:32:1f:2d:4b:c4:f8:66:5f:7d:
52:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:03:C8:DD:13:DE:6F:6B:1C:25:AA:08:D0:32:56:AD:49:B1:AF:AE
X509v3 Authority Key Identifier:
keyid:1D:D1:6F:D6:8B:FF:7C:AB:1A:B9:1C:55:DA:61:FC:0C:DF:F4:17:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/HdFv1ov_fKsauRxV2mH8DN_0F0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HdFv1ov_fKsauRxV2mH8DN_0F0M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3621C06/58C9B78C205911EC991B6877D8A014CE/3A85454A211A11ECB33C2929D8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.140.64.0/20
IPv6:
2c0f:c00::/32
Signature Algorithm: sha256WithRSAEncryption
6c:57:1c:ba:02:33:1e:d8:89:21:f5:bf:55:4d:c1:f3:3c:89:
eb:1d:4b:b7:d8:e8:95:e7:a9:22:b6:2a:82:8c:67:16:46:04:
4b:b8:a4:da:e5:74:4e:8c:fe:e4:42:c2:30:87:75:42:b9:fc:
b8:06:c0:3a:3b:45:34:20:f9:e5:73:c6:86:c1:40:7e:33:85:
5c:24:b8:5f:b4:48:b9:6e:78:44:59:8e:d8:11:d1:4b:74:f5:
3f:9a:6b:a8:94:94:40:ff:97:4b:f2:00:79:d2:9f:a9:88:69:
00:c4:70:83:dd:60:b1:7b:3f:87:6a:12:75:f0:78:5f:81:51:
62:dd:a8:76:6b:48:5e:61:f1:3e:56:a5:e9:4c:0e:75:a4:3c:
94:ea:c6:1c:d8:bd:58:1e:8f:73:d2:85:df:c9:df:91:b3:23:
b1:7f:34:5a:ef:3c:b1:cc:72:69:6b:47:87:50:6f:82:1a:2e:
1b:f5:da:d0:8f:7b:2a:9a:26:54:c4:ee:db:12:23:2c:e3:b6:
83:e2:c1:ba:93:09:57:c1:e5:33:b1:ca:aa:a3:ac:49:38:24:
3a:27:e9:8c:8a:03:2f:18:66:24:cb:a3:0f:d1:c4:e0:f4:ca:
29:3b:ec:00:76:6b:28:0c:b2:d2:e0:fe:a6:db:cf:e7:b3:c5:
77:0d:e5:04
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYy
MUMwNkFGMTEwLwYDVQQFEygxREQxNkZENjhCRkY3Q0FCMUFCOTFDNTVEQTYxRkMw
Q0RGRjQxNzQzMB4XDTIxMDkyOTExNDE0NFoXDTIzMDkyOTExNDE0NFowGDEWMBQG
A1UEAwwNNjE1NDUwZmMtOTJmNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANB89L71yGb76l664t5wn+BO1pWSkHVfhLh8awHUbYDfGYTZ1/KYMoDaeXaV
5R02cPRW1TwwJKy7IuQrPZlBWA8lqPE9IlgyeR71bFyH6wtRfdi4iyGA3Ca9ulJh
mjbZQ/pLnO3zXcanjKVfUBUPTTTKBDGnuYTUqY6tEY+QrA0yaQOFa5k924tmo6uO
nAgbrQ1yVKV6a0gOQBHNEFc88DgOLAFvnfECaa2Bfp1WsQnAFpW4L/fyMD2V4kdy
Wr9ErfWgEx/KgwMXlE6gyopchb97fbnMNEqwptqcmlp6fqSTHGZrsbPzoCiEgJpp
ktk1GJ98MrURMh8tS8T4Zl99UosCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTkA8jd
E95vaxwlqgjQMlatSbGvrjAfBgNVHSMEGDAWgBQd0W/Wi/98qxq5HFXaYfwM3/QX
QzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjFDMDYvNThDOUI3OEMyMDU5MTFFQzk5MUI2ODc3RDhBMDE0Q0UvSGRGdjFv
dl9mS3NhdVJ4VjJtSDhETl8wRjBNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSGRGdjFvdl9mS3NhdVJ4VjJtSDhETl8wRjBNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjFDMDYvNThDOUI3OEMyMDU5MTFFQzk5MUI2ODc3RDhB
MDE0Q0UvM0E4NTQ1NEEyMTFBMTFFQ0IzM0MyOTI5RDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBGaMQDANBAIAAjAHAwUALA8M
ADANBgkqhkiG9w0BAQsFAAOCAQEAbFccugIzHtiJIfW/VU3B8zyJ6x1Lt9joleep
IrYqgoxnFkYES7ik2uV0Toz+5ELCMId1Qrn8uAbAOjtFNCD55XPGhsFAfjOFXCS4
X7RIuW54RFmO2BHRS3T1P5prqJSUQP+XS/IAedKfqYhpAMRwg91gsXs/h2oSdfB4
X4FRYt2odmtIXmHxPlal6UwOdaQ8lOrGHNi9WB6Pc9KF38nfkbMjsX80Wu88scxy
aWtHh1BvghouG/Xa0I97KpomVMTu2xIjLOO2g+LBupMJV8HlM7HKqqOsSTgkOifp
jIoDLxhmJMujD9HE4PTKKTvsAHZrKAyy0uD+ptvP57PFdw3lBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org