Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3645721/4D8578E037FD11EDB8A2ADF9F1222468/201AA7569BBA11ED85E60781F1222468.roa
File: 201AA7569BBA11ED85E60781F1222468.roa (raw, json)
Hash identifier: Zto2ubmlB1WbD8spO5TAi4GgyNK6w1StYZdHyZDI1Ko=
Subject key identifier: 7A:AC:7B:9C:34:10:E4:C6:99:20:4E:EC:10:52:C5:E4:04:17:99:F2
Certificate issuer: /CN=F3645721AF/serialNumber=87F3ADC3A50A77763836AE8E37F5D938695711CA
Certificate serial: 8B
Authority key identifier: 87:F3:AD:C3:A5:0A:77:76:38:36:AE:8E:37:F5:D9:38:69:57:11:CA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/h_Otw6UKd3Y4Nq6ON_XZOGlXEco.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3645721/4D8578E037FD11EDB8A2ADF9F1222468/201AA7569BBA11ED85E60781F1222468.roa
Signing time: Tue 24 Jan 2023 07:38:42 +0000
ROA not before: Wed 25 Jan 2023 07:38:37 +0000
ROA not after: Thu 25 Jan 2024 07:38:37 +0000
asID: 328271
IP address blocks: 102.22.208.0/24 maxlen: 24
102.22.209.0/24 maxlen: 24
102.22.210.0/24 maxlen: 24
102.22.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139 (0x8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3645721AF/serialNumber=87F3ADC3A50A77763836AE8E37F5D938695711CA
Validity
Not Before: Jan 25 07:38:37 2023 GMT
Not After : Jan 25 07:38:37 2024 GMT
Subject: CN=63cf8b02-e9fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fd:6d:d4:37:2a:89:98:53:73:af:26:eb:53:
d2:57:33:7f:49:23:f3:fc:81:6e:33:92:a8:cf:a4:
47:bd:57:e4:e1:bd:e8:3d:80:20:93:80:4e:94:80:
a9:7b:a2:88:12:8c:22:ea:cb:75:a7:24:fa:49:05:
91:c9:54:32:49:27:94:7d:67:82:d2:72:b8:67:2e:
32:13:8a:b3:ce:cf:53:f3:e8:d3:a0:ae:f2:34:bc:
b6:e7:21:5a:c6:49:1d:6a:e8:9c:74:97:1b:b8:1e:
8d:fe:82:96:6c:bd:78:a0:4b:3e:7a:23:0b:a5:fa:
74:a3:07:56:42:dc:2d:c0:dc:65:db:59:5e:ca:09:
28:10:fa:27:7d:60:ab:6c:35:c4:7d:b5:0b:b1:8b:
c8:fe:93:bf:7b:1b:be:7b:69:b9:c6:23:9f:d6:13:
05:4d:3f:fc:77:59:02:37:37:26:d0:f8:c7:33:a6:
f8:0a:20:41:1f:cf:78:2f:29:a1:2a:6b:2e:38:02:
6c:aa:91:2f:e0:8b:5a:7d:fa:b9:09:21:c2:c2:53:
e8:46:81:1a:b6:86:6e:0d:be:07:3a:98:cf:aa:7f:
a3:ca:d6:6a:0b:63:f2:26:be:c9:73:b7:48:0d:e4:
21:7d:f0:ff:1d:77:a7:9a:7b:07:32:71:ad:c1:b9:
00:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:AC:7B:9C:34:10:E4:C6:99:20:4E:EC:10:52:C5:E4:04:17:99:F2
X509v3 Authority Key Identifier:
keyid:87:F3:AD:C3:A5:0A:77:76:38:36:AE:8E:37:F5:D9:38:69:57:11:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3645721/4D8578E037FD11EDB8A2ADF9F1222468/h_Otw6UKd3Y4Nq6ON_XZOGlXEco.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/h_Otw6UKd3Y4Nq6ON_XZOGlXEco.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3645721/4D8578E037FD11EDB8A2ADF9F1222468/201AA7569BBA11ED85E60781F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.22.208.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:03:40:e2:37:57:f9:db:9d:01:31:95:a8:5c:f5:64:c9:e3:
02:22:42:a6:59:89:45:26:80:f9:8d:83:c8:19:9d:36:94:55:
1f:c3:04:0b:ec:4a:eb:e4:42:42:9d:63:c0:16:7c:9e:9d:f0:
62:f5:8e:f0:90:db:35:be:b1:22:79:68:24:01:9f:4d:5e:64:
23:ec:03:01:fc:2a:bc:6a:c3:0c:da:58:8e:fe:84:e8:81:6a:
f2:8e:09:c2:3a:93:3d:26:5d:c4:f0:e7:d1:f0:a7:83:f6:ba:
89:58:51:f1:99:1c:d8:1c:b0:fb:cb:35:ea:90:36:73:af:38:
96:25:85:19:d6:d7:8a:5b:4b:83:ea:1f:a9:22:29:0d:ec:92:
de:94:2f:16:04:9c:8e:1b:a3:ad:61:dd:78:38:5b:80:ad:da:
cc:3b:bf:70:09:1e:43:a4:fb:2b:0d:0b:90:62:9e:ee:d7:e5:
51:d9:c6:17:a9:ce:61:61:9a:96:d1:47:d8:f5:62:da:92:0c:
ee:43:66:8f:c2:56:37:e7:1a:33:b8:ad:df:f8:0a:b8:2d:0f:
44:16:25:4a:54:56:29:2b:9e:2e:e7:b6:72:b4:19:1a:8e:86:
aa:eb:70:47:1b:4f:5b:c0:b9:35:c2:30:ae:03:25:6f:b1:05:
c5:fc:68:bd
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAIswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NDU3MjFBRjExMC8GA1UEBRMoODdGM0FEQzNBNTBBNzc3NjM4MzZBRThFMzdGNUQ5
Mzg2OTU3MTFDQTAeFw0yMzAxMjUwNzM4MzdaFw0yNDAxMjUwNzM4MzdaMBgxFjAU
BgNVBAMMDTYzY2Y4YjAyLWU5ZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDM/W3UNyqJmFNzrybrU9JXM39JI/P8gW4zkqjPpEe9V+Thveg9gCCTgE6U
gKl7oogSjCLqy3WnJPpJBZHJVDJJJ5R9Z4LScrhnLjITirPOz1Pz6NOgrvI0vLbn
IVrGSR1q6Jx0lxu4Ho3+gpZsvXigSz56Iwul+nSjB1ZC3C3A3GXbWV7KCSgQ+id9
YKtsNcR9tQuxi8j+k797G757abnGI5/WEwVNP/x3WQI3NybQ+MczpvgKIEEfz3gv
KaEqay44AmyqkS/gi1p9+rkJIcLCU+hGgRq2hm4Nvgc6mM+qf6PK1moLY/Imvslz
t0gN5CF98P8dd6eaewcyca3BuQCLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUeqx7
nDQQ5MaZIE7sEFLF5AQXmfIwHwYDVR0jBBgwFoAUh/Otw6UKd3Y4Nq6ON/XZOGlX
EcowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ1NzIxLzREODU3OEUwMzdGRDExRURCOEEyQURGOUYxMjIyNDY4L2hfT3R3
NlVLZDNZNE5xNk9OX1haT0dsWEVjby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2hfT3R3NlVLZDNZNE5xNk9OX1haT0dsWEVjby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ1NzIxLzREODU3OEUwMzdGRDExRURCOEEyQURGOUYx
MjIyNDY4LzIwMUFBNzU2OUJCQTExRUQ4NUU2MDc4MUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmFtAwDQYJKoZIhvcNAQEL
BQADggEBAFoDQOI3V/nbnQExlahc9WTJ4wIiQqZZiUUmgPmNg8gZnTaUVR/DBAvs
SuvkQkKdY8AWfJ6d8GL1jvCQ2zW+sSJ5aCQBn01eZCPsAwH8KrxqwwzaWI7+hOiB
avKOCcI6kz0mXcTw59Hwp4P2uolYUfGZHNgcsPvLNeqQNnOvOJYlhRnW14pbS4Pq
H6kiKQ3skt6ULxYEnI4bo61h3Xg4W4Ct2sw7v3AJHkOk+ysNC5Binu7X5VHZxhep
zmFhmpbRR9j1YtqSDO5DZo/CVjfnGjO4rd/4CrgtD0QWJUpUVikrni7ntnK0GRqO
hqrrcEcbT1vAuTXCMK4DJW+xBcX8aL0=
-----END CERTIFICATE-----
Generated at Fri Jan 26 03:25:01 2024 by rpki-client on console-ams.rpki-client.org