Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/A28BF4DCC2EC11EFA5FC8795762E951A.roa
File: A28BF4DCC2EC11EFA5FC8795762E951A.roa (raw, json)
Hash identifier: 5nefhldBN3nD70GC6Fi5X2Du7+gLcLi7RmQ9ZwAC3FM=
Subject key identifier: FD:27:84:8C:DA:60:6A:18:68:1A:9E:04:DA:5E:D5:6C:92:F0:C0:76
Certificate issuer: /CN=F362C18CAF/serialNumber=63E0BB6B3433CD5D71A42B0169BDB01E20E4557F
Certificate serial: 0587
Authority key identifier: 63:E0:BB:6B:34:33:CD:5D:71:A4:2B:01:69:BD:B0:1E:20:E4:55:7F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Y-C7azQzzV1xpCsBab2wHiDkVX8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/A28BF4DCC2EC11EFA5FC8795762E951A.roa
Signing time: Wed 25 Dec 2024 18:18:27 +0000
ROA not before: Wed 25 Dec 2024 18:18:23 +0000
ROA not after: Tue 31 Dec 2024 18:18:23 +0000
asID: 328528
IP address blocks: 102.220.212.0/24 maxlen: 24
102.220.213.0/24 maxlen: 24
102.220.214.0/24 maxlen: 24
102.220.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1415 (0x587)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362C18CAF
Validity
Not Before: Dec 25 18:18:23 2024 GMT
Not After : Dec 31 18:18:23 2024 GMT
Subject: CN=676c4c73-1e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:dc:e4:e2:b4:09:e4:a9:cc:ef:cc:f1:cb:16:
51:4a:d9:0d:c5:fb:77:b8:22:42:8b:41:15:71:08:
ce:4e:7b:61:d5:d2:4d:a9:b1:bf:66:4e:3c:9b:d2:
8e:56:4f:3b:2c:27:a3:02:08:c7:11:d4:92:0e:bc:
d2:25:d5:59:1a:67:cc:95:2c:88:7f:96:73:06:a6:
94:89:af:f8:13:70:f8:79:79:0c:51:e6:02:d0:12:
62:3b:5a:41:e8:7a:e2:f9:80:68:0b:66:82:78:b2:
ce:4c:59:fd:a8:83:31:0d:06:53:a7:64:e5:31:a0:
90:16:55:f9:ea:ca:cb:db:52:54:2b:a9:99:ea:de:
e6:e3:b4:95:ec:3e:e9:73:69:cb:8d:26:de:65:01:
b7:9d:56:60:f7:ff:a9:5d:9b:a1:66:26:39:be:6e:
88:c2:c2:ab:50:3b:66:23:4a:3e:06:87:49:62:9e:
2f:7b:8c:7c:b8:85:23:0d:f9:4d:50:98:ea:5c:39:
92:a3:55:ab:a5:44:c6:88:43:e9:f1:e2:e8:0b:30:
32:71:bd:89:05:ee:93:6a:66:91:db:ae:b8:68:5d:
6c:9a:cf:44:08:81:e3:46:4d:56:05:10:02:45:cb:
22:10:52:7b:22:13:8a:54:d2:82:af:80:7a:94:ca:
49:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:27:84:8C:DA:60:6A:18:68:1A:9E:04:DA:5E:D5:6C:92:F0:C0:76
X509v3 Authority Key Identifier:
keyid:63:E0:BB:6B:34:33:CD:5D:71:A4:2B:01:69:BD:B0:1E:20:E4:55:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/Y-C7azQzzV1xpCsBab2wHiDkVX8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Y-C7azQzzV1xpCsBab2wHiDkVX8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362C18C/45883290ABD111EBB1A6715EF8AEA228/A28BF4DCC2EC11EFA5FC8795762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.212.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:95:e6:41:b3:93:c5:e7:5c:b7:2f:35:8d:f9:56:d8:be:15:
79:f5:27:74:2e:18:8b:4d:8e:27:5f:ec:14:cc:36:2f:dc:24:
4b:32:ff:82:2f:1a:fd:43:5e:2f:d7:78:bf:3d:49:5b:dc:ed:
29:e2:bc:e0:a4:05:3b:d8:cf:49:55:0d:7f:bf:a2:32:ad:17:
d1:ff:d7:bc:4b:42:6f:06:2b:05:dc:4f:a0:37:e3:49:80:79:
e2:da:ae:cf:a6:b9:88:d2:be:9f:1a:78:b9:53:7f:40:0f:45:
75:8b:1c:c6:6f:f6:94:13:e6:1a:c6:fe:75:27:18:79:34:e0:
21:90:aa:99:05:48:8f:46:b4:41:d3:0f:96:5b:c6:22:a3:fd:
23:1e:89:9f:4f:2c:33:a9:76:04:f8:86:ff:59:96:a6:0e:b0:
0d:66:16:3a:ec:cc:c0:b6:a8:8f:a9:64:6b:30:46:1d:62:bd:
a5:12:02:83:5f:69:bf:15:03:dd:41:73:dd:a2:df:50:da:a8:
38:86:4a:5e:26:12:15:59:7a:02:6c:a3:6c:6f:ca:21:4e:cc:
fd:4e:0c:bb:e1:7b:a2:1c:b4:55:5e:33:67:71:f4:c6:9c:34:
74:2b:96:62:0d:6c:3c:57:60:8a:fa:69:52:12:a7:35:b4:b0:
84:e5:a3:37
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBYcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MkMxOENBRjExMC8GA1UEBRMoNjNFMEJCNkIzNDMzQ0Q1RDcxQTQyQjAxNjlCREIw
MUUyMEU0NTU3RjAeFw0yNDEyMjUxODE4MjNaFw0yNDEyMzExODE4MjNaMBgxFjAU
BgNVBAMTDTY3NmM0YzczLTFlM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC93OTitAnkqczvzPHLFlFK2Q3F+3e4IkKLQRVxCM5Oe2HV0k2psb9mTjyb
0o5WTzssJ6MCCMcR1JIOvNIl1VkaZ8yVLIh/lnMGppSJr/gTcPh5eQxR5gLQEmI7
WkHoeuL5gGgLZoJ4ss5MWf2ogzENBlOnZOUxoJAWVfnqysvbUlQrqZnq3ubjtJXs
PulzacuNJt5lAbedVmD3/6ldm6FmJjm+bojCwqtQO2YjSj4Gh0lini97jHy4hSMN
+U1QmOpcOZKjVaulRMaIQ+nx4ugLMDJxvYkF7pNqZpHbrrhoXWyaz0QIgeNGTVYF
EAJFyyIQUnsiE4pU0oKvgHqUyklvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU/SeE
jNpgahhoGp4E2l7VbJLwwHYwHwYDVR0jBBgwFoAUY+C7azQzzV1xpCsBab2wHiDk
VX8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjJDMThDLzQ1ODgzMjkwQUJEMTExRUJCMUE2NzE1RUY4QUVBMjI4L1ktQzdh
elF6elYxeHBDc0JhYjJ3SGlEa1ZYOC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1ktQzdhelF6elYxeHBDc0JhYjJ3SGlEa1ZYOC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjJDMThDLzQ1ODgzMjkwQUJEMTExRUJCMUE2NzE1RUY4
QUVBMjI4L0EyOEJGNERDQzJFQzExRUZBNUZDODc5NTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm3NQwDQYJKoZIhvcNAQEL
BQADggEBAFyV5kGzk8XnXLcvNY35Vti+FXn1J3QuGItNjidf7BTMNi/cJEsy/4Iv
Gv1DXi/XeL89SVvc7SnivOCkBTvYz0lVDX+/ojKtF9H/17xLQm8GKwXcT6A340mA
eeLars+muYjSvp8aeLlTf0APRXWLHMZv9pQT5hrG/nUnGHk04CGQqpkFSI9GtEHT
D5ZbxiKj/SMeiZ9PLDOpdgT4hv9ZlqYOsA1mFjrszMC2qI+pZGswRh1ivaUSAoNf
ab8VA91Bc92i31DaqDiGSl4mEhVZegJso2xvyiFOzP1ODLvhe6IctFVeM2dx9Mac
NHQrlmINbDxXYIr6aVISpzW0sITlozc=
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:07:58 2025 by rpki-client