Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/A33CFFC6A5F911EA90BE762CF8AEA228.roa
File: A33CFFC6A5F911EA90BE762CF8AEA228.roa (raw, json)
Hash identifier: X+s5+uVpsje6TZucm6P/gsf7v3LgbdSVUTAgn6HsEQI=
Subject key identifier: 0B:FB:D6:7C:2E:2A:3A:DD:5E:1D:DE:74:F1:96:4E:AD:3D:8C:DC:37
Certificate issuer: /CN=F3645501AF/serialNumber=0BBA40F550DE49EEC572917124EE008A24C44D0F
Certificate serial: 21
Authority key identifier: 0B:BA:40:F5:50:DE:49:EE:C5:72:91:71:24:EE:00:8A:24:C4:4D:0F
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/C7pA9VDeSe7FcpFxJO4AiiTETQ8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/A33CFFC6A5F911EA90BE762CF8AEA228.roa
Signing time: Thu 04 Jun 2020 00:23:40 +0000
ROA not before: Thu 04 Jun 2020 00:00:33 +0000
ROA not after: Sat 04 Jun 2022 00:00:33 +0000
asID: 327705
IP address blocks: 196.220.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33 (0x21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3645501AF/serialNumber=0BBA40F550DE49EEC572917124EE008A24C44D0F
Validity
Not Before: Jun 4 00:00:33 2020 GMT
Not After : Jun 4 00:00:33 2022 GMT
Subject: CN=5ed83f0b-fe62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:91:bb:20:57:cf:9e:d4:13:22:64:29:d9:9e:
59:f6:a6:10:23:ab:52:db:03:0f:f7:04:5b:69:23:
18:d7:ac:2d:80:34:6e:07:94:57:cc:da:ab:cf:ec:
f1:60:fa:aa:7c:ac:e1:df:20:c8:ba:f7:f6:a7:3a:
e2:c0:57:90:b3:70:3c:43:ad:09:a5:b3:94:4d:3b:
24:cd:3d:3c:a9:68:f2:4c:0a:68:b6:bf:de:1f:fb:
54:15:cd:d4:c7:6f:23:12:97:95:f4:2b:67:32:5d:
34:a9:72:8d:4a:bc:fd:f0:f7:11:d5:7c:6f:a1:74:
6d:be:4e:af:8c:f4:60:c6:91:fd:e2:13:90:fa:97:
8f:8a:33:a0:e3:29:8a:d2:45:46:b2:49:e9:a3:d4:
ab:2d:98:b0:ea:42:01:44:25:23:06:bb:c8:42:03:
43:f9:be:b6:9b:61:a7:f1:49:c4:20:4b:70:b6:e5:
57:b6:5b:09:6f:2d:16:6d:24:6d:51:a0:96:00:40:
8b:50:95:d6:3f:1c:54:32:39:1f:52:14:8f:6e:fe:
fb:59:16:cc:65:1c:9e:f9:c5:cd:9a:72:8c:8e:ad:
ce:cf:c4:ae:cd:9a:18:5c:4e:7b:01:e5:d6:5e:88:
5c:ab:b8:dd:31:7c:c6:2b:d1:c6:f8:52:c0:a9:74:
f2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:FB:D6:7C:2E:2A:3A:DD:5E:1D:DE:74:F1:96:4E:AD:3D:8C:DC:37
X509v3 Authority Key Identifier:
keyid:0B:BA:40:F5:50:DE:49:EE:C5:72:91:71:24:EE:00:8A:24:C4:4D:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/C7pA9VDeSe7FcpFxJO4AiiTETQ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/C7pA9VDeSe7FcpFxJO4AiiTETQ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3645501/9CDFC738915111EAA5A73044F8AEA228/A33CFFC6A5F911EA90BE762CF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.220.128.0/19
Signature Algorithm: sha256WithRSAEncryption
85:e1:26:c6:63:04:5e:d8:a5:52:f1:4b:34:25:c3:f4:60:13:
19:90:36:8e:25:0a:96:44:eb:e5:fb:56:42:dc:a6:7b:9a:c6:
e8:46:d8:ac:a1:9e:d0:b6:6e:de:c6:91:69:a1:6b:08:03:22:
5a:ec:53:4f:df:8f:f7:d1:55:b9:a9:be:cf:2a:19:a1:dd:db:
61:97:e8:c7:76:31:f1:c5:13:1c:83:11:2a:51:ee:31:30:4c:
10:3e:e5:49:1b:d8:64:7b:b4:1f:69:00:10:6c:48:c0:cb:a1:
99:e0:bb:02:3c:95:90:3d:22:42:02:dd:38:dc:d6:f0:9e:62:
9e:f9:fa:c7:92:c4:84:3f:7a:ee:2f:6f:72:3d:62:74:04:79:
ca:09:c5:36:c0:db:8b:90:ff:1a:2d:36:a5:98:84:aa:24:a0:
a1:ce:99:8c:c0:d2:33:78:d7:80:2c:7b:c2:61:92:f3:98:b4:
8c:a4:c2:b0:61:ef:14:86:4e:ff:4c:59:52:02:f5:b2:de:22:
c5:bd:0f:3b:84:9f:70:6b:2d:21:51:c4:01:76:d4:b9:98:9c:
d9:60:71:c2:6e:66:53:1a:86:d3:49:91:66:50:69:27:e8:bc:
4a:ce:ed:d0:58:1d:a5:1f:1f:35:48:49:2d:19:c6:73:b5:d5:
a2:86:37:ce
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBITANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
NTUwMUFGMTEwLwYDVQQFEygwQkJBNDBGNTUwREU0OUVFQzU3MjkxNzEyNEVFMDA4
QTI0QzQ0RDBGMB4XDTIwMDYwNDAwMDAzM1oXDTIyMDYwNDAwMDAzM1owGDEWMBQG
A1UEAxMNNWVkODNmMGItZmU2MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiRuyBXz57UEyJkKdmeWfamECOrUtsDD/cEW2kjGNesLYA0bgeUV8zaq8/s
8WD6qnys4d8gyLr39qc64sBXkLNwPEOtCaWzlE07JM09PKlo8kwKaLa/3h/7VBXN
1MdvIxKXlfQrZzJdNKlyjUq8/fD3EdV8b6F0bb5Or4z0YMaR/eITkPqXj4ozoOMp
itJFRrJJ6aPUqy2YsOpCAUQlIwa7yEIDQ/m+tpthp/FJxCBLcLblV7ZbCW8tFm0k
bVGglgBAi1CV1j8cVDI5H1IUj27++1kWzGUcnvnFzZpyjI6tzs/Ers2aGFxOewHl
1l6IXKu43TF8xivRxvhSwKl08gsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQL+9Z8
Lio63V4d3nTxlk6tPYzcNzAfBgNVHSMEGDAWgBQLukD1UN5J7sVykXEk7gCKJMRN
DzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDU1MDEvOUNERkM3Mzg5MTUxMTFFQUE1QTczMDQ0RjhBRUEyMjgvQzdwQTlW
RGVTZTdGY3BGeEpPNEFpaVRFVFE4LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQzdwQTlWRGVTZTdGY3BGeEpPNEFpaVRFVFE4LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDU1MDEvOUNERkM3Mzg5MTUxMTFFQUE1QTczMDQ0RjhB
RUEyMjgvQTMzQ0ZGQzZBNUY5MTFFQTkwQkU3NjJDRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcTcgDANBgkqhkiG9w0BAQsF
AAOCAQEAheEmxmMEXtilUvFLNCXD9GATGZA2jiUKlkTr5ftWQtyme5rG6EbYrKGe
0LZu3saRaaFrCAMiWuxTT9+P99FVuam+zyoZod3bYZfox3Yx8cUTHIMRKlHuMTBM
ED7lSRvYZHu0H2kAEGxIwMuhmeC7AjyVkD0iQgLdONzW8J5invn6x5LEhD967i9v
cj1idAR5ygnFNsDbi5D/Gi02pZiEqiSgoc6ZjMDSM3jXgCx7wmGS85i0jKTCsGHv
FIZO/0xZUgL1st4ixb0PO4SfcGstIVHEAXbUuZic2WBxwm5mUxqG00mRZlBpJ+i8
Ss7t0FgdpR8fNUhJLRnGc7XVooY3zg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:59 2023 by rpki-client on console-fra.rpki-client.org