Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3644DAB/B511F7E4F24911ECA2791192F1222468/BB5C2232F2D511EC8B99CFD2F1222468.roa
File: BB5C2232F2D511EC8B99CFD2F1222468.roa (raw, json)
Hash identifier: 4da53lEBvU41qUZZq0/XJfftOqd8uKKu9e/IXKfBsV0=
Subject key identifier: B4:09:79:43:7F:61:04:2F:CB:74:33:44:35:55:72:72:A4:D4:86:11
Certificate issuer: /CN=F3644DABAF/serialNumber=5D5C2A96B2E372B0AC47F48DBDC7D7FD1FBDB132
Certificate serial: 04
Authority key identifier: 5D:5C:2A:96:B2:E3:72:B0:AC:47:F4:8D:BD:C7:D7:FD:1F:BD:B1:32
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/XVwqlrLjcrCsR_SNvcfX_R-9sTI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3644DAB/B511F7E4F24911ECA2791192F1222468/BB5C2232F2D511EC8B99CFD2F1222468.roa
Signing time: Thu 23 Jun 2022 09:20:33 +0000
ROA not before: Thu 23 Jun 2022 09:20:29 +0000
ROA not after: Fri 31 Mar 2023 09:20:29 +0000
asID: 329050
IP address blocks: 102.216.21.0/24 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3644DABAF/serialNumber=5D5C2A96B2E372B0AC47F48DBDC7D7FD1FBDB132
Validity
Not Before: Jun 23 09:20:29 2022 GMT
Not After : Mar 31 09:20:29 2023 GMT
Subject: CN=62b43061-3780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4f:16:cd:d0:04:a8:b6:a9:e6:eb:06:90:94:
69:93:9b:b1:53:9f:69:c0:54:53:a8:0f:82:15:97:
f1:3e:67:19:75:6b:07:7e:1f:cb:15:e8:19:b8:c3:
20:93:0c:b8:09:f2:6e:12:24:d0:43:94:5f:ac:64:
cc:db:d5:70:79:49:d6:c1:ff:9c:f6:f2:14:34:5d:
1c:d4:48:95:f9:9a:4d:6b:e2:b7:cc:88:f8:06:f2:
d4:03:0a:e0:54:48:8b:b7:08:26:64:7c:93:83:3e:
a1:71:ca:48:5f:92:50:35:e6:5f:df:3a:fb:20:c9:
cc:33:b9:c5:42:44:c8:a5:6e:dd:5b:9f:73:f3:64:
d7:6f:77:3e:25:ed:6c:27:99:55:ba:14:8f:10:b3:
92:c3:79:b9:e1:d8:4e:f4:45:3f:d7:38:a6:e6:36:
e4:35:7b:f5:d9:8f:55:65:25:e8:f3:4b:a9:ce:4c:
a3:55:a2:c1:0f:20:ad:d2:38:b9:7a:eb:e8:be:18:
96:8b:4f:d2:1c:c3:0a:0f:3b:b7:62:65:cb:b8:a8:
33:31:ce:26:ca:2d:6a:e7:01:73:f3:f1:00:be:ee:
3b:c1:87:a6:06:4f:71:80:75:47:f3:02:47:6a:6a:
cd:ee:9f:a1:e0:87:a3:07:56:dd:65:83:f5:da:7b:
b0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:09:79:43:7F:61:04:2F:CB:74:33:44:35:55:72:72:A4:D4:86:11
X509v3 Authority Key Identifier:
keyid:5D:5C:2A:96:B2:E3:72:B0:AC:47:F4:8D:BD:C7:D7:FD:1F:BD:B1:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3644DAB/B511F7E4F24911ECA2791192F1222468/XVwqlrLjcrCsR_SNvcfX_R-9sTI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XVwqlrLjcrCsR_SNvcfX_R-9sTI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644DAB/B511F7E4F24911ECA2791192F1222468/BB5C2232F2D511EC8B99CFD2F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.216.21.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:99:1b:9c:34:fc:00:65:01:c9:c7:11:40:9b:a9:fe:60:62:
f4:2d:ba:bf:fc:96:6e:97:76:ac:46:28:bc:35:3a:e5:07:84:
4c:7c:a2:30:20:74:4e:5b:26:86:4d:bb:87:05:24:86:86:27:
b4:ef:2f:67:9c:30:3b:e0:7f:fb:d6:d0:f4:91:fc:04:fb:c3:
9c:c9:03:20:3e:33:be:30:33:7a:00:9c:96:0d:d8:40:2d:ee:
ae:86:d5:7d:0e:4e:bb:ea:01:54:ab:f0:dd:e6:2d:63:2d:13:
de:b3:66:e8:03:1b:3c:72:62:38:17:48:62:4f:56:93:61:2f:
84:41:78:2f:33:84:9f:38:0c:81:05:55:ef:27:31:96:4f:fd:
f6:6e:8c:d6:40:85:1a:9e:e7:76:60:42:01:85:83:81:7a:b8:
15:28:59:ed:a1:da:37:b0:ba:f7:87:e6:d5:ee:b5:9c:bc:f8:
b1:f5:85:f3:c3:df:79:22:fe:da:00:92:ca:48:32:44:fa:52:
f9:a0:c4:e8:41:71:4c:bb:c3:c5:76:ee:3d:8d:12:61:6b:cf:
91:28:03:c2:f1:67:b3:07:53:d8:5d:64:91:0d:71:dc:0d:35:
62:93:52:76:06:ad:eb:ed:72:61:b7:2a:2e:65:fd:f8:a9:99:
39:8a:88:af
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
NERBQkFGMTEwLwYDVQQFEyg1RDVDMkE5NkIyRTM3MkIwQUM0N0Y0OERCREM3RDdG
RDFGQkRCMTMyMB4XDTIyMDYyMzA5MjAyOVoXDTIzMDMzMTA5MjAyOVowGDEWMBQG
A1UEAwwNNjJiNDMwNjEtMzc4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1PFs3QBKi2qebrBpCUaZObsVOfacBUU6gPghWX8T5nGXVrB34fyxXoGbjD
IJMMuAnybhIk0EOUX6xkzNvVcHlJ1sH/nPbyFDRdHNRIlfmaTWvit8yI+Aby1AMK
4FRIi7cIJmR8k4M+oXHKSF+SUDXmX986+yDJzDO5xUJEyKVu3Vufc/Nk1293PiXt
bCeZVboUjxCzksN5ueHYTvRFP9c4puY25DV79dmPVWUl6PNLqc5Mo1WiwQ8grdI4
uXrr6L4YlotP0hzDCg87t2Jly7ioMzHOJsotaucBc/PxAL7uO8GHpgZPcYB1R/MC
R2pqze6foeCHowdW3WWD9dp7sE8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBS0CXlD
f2EEL8t0M0Q1VXJypNSGETAfBgNVHSMEGDAWgBRdXCqWsuNysKxH9I29x9f9H72x
MjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDREQUIvQjUxMUY3RTRGMjQ5MTFFQ0EyNzkxMTkyRjEyMjI0NjgvWFZ3cWxy
TGpjckNzUl9TTnZjZlhfUi05c1RJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWFZ3cWxyTGpjckNzUl9TTnZjZlhfUi05c1RJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDREQUIvQjUxMUY3RTRGMjQ5MTFFQ0EyNzkxMTkyRjEy
MjI0NjgvQkI1QzIyMzJGMkQ1MTFFQzhCOTlDRkQyRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbYFTANBgkqhkiG9w0BAQsF
AAOCAQEAwZkbnDT8AGUByccRQJup/mBi9C26v/yWbpd2rEYovDU65QeETHyiMCB0
Tlsmhk27hwUkhoYntO8vZ5wwO+B/+9bQ9JH8BPvDnMkDID4zvjAzegCclg3YQC3u
robVfQ5Ou+oBVKvw3eYtYy0T3rNm6AMbPHJiOBdIYk9Wk2EvhEF4LzOEnzgMgQVV
7ycxlk/99m6M1kCFGp7ndmBCAYWDgXq4FShZ7aHaN7C694fm1e61nLz4sfWF88Pf
eSL+2gCSykgyRPpS+aDE6EFxTLvDxXbuPY0SYWvPkSgDwvFnswdT2F1kkQ1x3A01
YpNSdgat6+1yYbcqLmX9+KmZOYqIrw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:59 2023 by rpki-client on console-fra.rpki-client.org