Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/77C491D4D97D11EBAE26F85CF8AEA228.roa
File: 77C491D4D97D11EBAE26F85CF8AEA228.roa (raw, json)
Hash identifier: YMPAe6xbhPGxf4IpY5OC39DX9/Q+8GlX1uaPvf2LuGY=
Subject key identifier: C0:CF:EC:69:5A:94:A6:80:07:A5:53:2C:9D:A8:03:22:87:65:3F:7C
Certificate issuer: /CN=F364789CAF/serialNumber=D1F7C00EF3EB06E8817CFDC1DB96060407E49C0D
Certificate serial: 01B6
Authority key identifier: D1:F7:C0:0E:F3:EB:06:E8:81:7C:FD:C1:DB:96:06:04:07:E4:9C:0D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/77C491D4D97D11EBAE26F85CF8AEA228.roa
Signing time: Wed 30 Jun 2021 08:30:47 +0000
ROA not before: Wed 30 Jun 2021 08:30:42 +0000
ROA not after: Fri 30 Jun 2023 08:30:42 +0000
asID: 328608
IP address blocks: 102.219.64.0/22 maxlen: 24
102.223.44.0/22 maxlen: 24
102.223.196.0/22 maxlen: 24
102.223.199.0/24 maxlen: 24
2c0f:ebd0::/32 maxlen: 48
2c0f:ebd0:2100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 438 (0x1b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364789CAF/serialNumber=D1F7C00EF3EB06E8817CFDC1DB96060407E49C0D
Validity
Not Before: Jun 30 08:30:42 2021 GMT
Not After : Jun 30 08:30:42 2023 GMT
Subject: CN=60dc2bb7-7fc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:da:5f:77:d1:ba:3c:33:d2:df:60:68:d9:f4:
b4:f1:dc:1f:eb:6b:e0:b3:3e:09:a0:83:3b:30:f5:
cb:f6:fe:51:4a:27:b6:3e:ed:36:31:e5:85:e1:a1:
d2:0c:6d:ea:2d:87:6b:96:e4:8a:f4:68:76:7d:6e:
65:f3:f0:8a:8f:cb:2a:ae:47:e5:a3:12:87:cc:b3:
90:20:83:ef:99:2e:30:bb:d5:0b:b9:48:80:2d:63:
39:2f:60:11:b7:5d:23:63:2b:12:d1:53:c7:dd:8f:
73:af:a2:19:57:ef:ec:76:01:9f:22:72:c7:03:34:
2f:a3:89:bd:cb:34:b2:36:2c:84:cb:6e:23:b6:f7:
3c:22:b5:2a:c0:24:a3:0d:a9:d6:69:dd:5e:64:12:
96:8f:af:22:b2:a8:73:ba:86:57:f3:26:82:20:6c:
ff:12:a6:4a:38:d4:69:69:63:13:2c:80:b3:86:5b:
ab:e1:2c:ac:23:53:b7:31:d3:3d:ff:4f:5d:f9:83:
82:47:77:2c:cb:98:e7:42:ef:4c:a9:33:b9:bc:5c:
69:71:da:02:4f:82:61:92:46:aa:c6:56:a3:16:4e:
18:eb:7a:dc:ce:f0:a4:71:06:6b:c1:de:c7:c0:79:
36:f2:18:9f:a9:3d:c8:fa:81:68:89:87:0b:88:22:
f5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:CF:EC:69:5A:94:A6:80:07:A5:53:2C:9D:A8:03:22:87:65:3F:7C
X509v3 Authority Key Identifier:
keyid:D1:F7:C0:0E:F3:EB:06:E8:81:7C:FD:C1:DB:96:06:04:07:E4:9C:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/0ffADvPrBuiBfP3B25YGBAfknA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0ffADvPrBuiBfP3B25YGBAfknA0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364789C/72EFAF4C910111EABD3F2473F8AEA228/77C491D4D97D11EBAE26F85CF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.219.64.0/22
102.223.44.0/22
102.223.196.0/22
IPv6:
2c0f:ebd0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:7e:c8:98:57:66:a6:3c:31:53:6c:87:d3:8d:05:33:c0:0d:
50:af:ea:b6:92:97:00:46:97:9f:e9:78:07:1b:31:71:08:8b:
80:80:6e:b9:42:f9:73:a3:95:0d:24:49:ab:48:d8:4e:ad:c2:
35:63:87:d7:54:ba:d9:ee:25:f8:93:25:56:bc:35:95:be:94:
39:28:67:95:6e:04:93:e0:f7:c5:b9:a5:5c:45:8a:d1:15:bd:
42:39:40:ce:d5:d1:18:66:fb:34:79:f2:6f:58:a8:83:49:b3:
f5:74:c8:c2:bb:3e:c0:43:6c:d1:88:a0:aa:6c:9b:b7:75:69:
3d:d4:11:0a:b2:ea:2c:07:81:e7:a8:71:b8:75:0a:7e:8a:0c:
e7:a4:b4:5f:98:5d:bd:66:ed:87:cc:0f:2b:09:e2:e5:b7:86:
31:3a:1a:19:f3:37:e5:b8:79:65:2a:75:01:0e:fa:43:1e:c1:
6b:72:44:be:9b:aa:e3:43:e1:b5:63:29:69:1b:eb:e1:fa:5a:
be:a2:f1:0e:3c:87:a8:6f:a7:a3:6d:b6:ac:6e:f6:85:5c:1b:
56:a2:3b:98:0b:d9:32:a0:e8:a3:d9:9d:d4:da:65:53:e2:fd:
01:9e:56:32:cb:7a:ca:f3:d7:19:9b:85:cf:65:d6:1a:04:6d:
45:62:43:cd
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICAbYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDc4OUNBRjExMC8GA1UEBRMoRDFGN0MwMEVGM0VCMDZFODgxN0NGREMxREI5NjA2
MDQwN0U0OUMwRDAeFw0yMTA2MzAwODMwNDJaFw0yMzA2MzAwODMwNDJaMBgxFjAU
BgNVBAMTDTYwZGMyYmI3LTdmYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCz2l930bo8M9LfYGjZ9LTx3B/ra+CzPgmggzsw9cv2/lFKJ7Y+7TYx5YXh
odIMbeoth2uW5Ir0aHZ9bmXz8IqPyyquR+WjEofMs5Agg++ZLjC71Qu5SIAtYzkv
YBG3XSNjKxLRU8fdj3OvohlX7+x2AZ8icscDNC+jib3LNLI2LITLbiO29zwitSrA
JKMNqdZp3V5kEpaPryKyqHO6hlfzJoIgbP8Spko41GlpYxMsgLOGW6vhLKwjU7cx
0z3/T135g4JHdyzLmOdC70ypM7m8XGlx2gJPgmGSRqrGVqMWThjretzO8KRxBmvB
3sfAeTbyGJ+pPcj6gWiJhwuIIvUxAgMBAAGjggLAMIICvDAdBgNVHQ4EFgQUwM/s
aVqUpoAHpVMsnagDIodlP3wwHwYDVR0jBBgwFoAU0ffADvPrBuiBfP3B25YGBAfk
nA0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3ODlDLzcyRUZBRjRDOTEwMTExRUFCRDNGMjQ3M0Y4QUVBMjI4LzBmZkFE
dlByQnVpQmZQM0IyNVlHQkFma25BMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzBmZkFEdlByQnVpQmZQM0IyNVlHQkFma25BMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3ODlDLzcyRUZBRjRDOTEwMTExRUFCRDNGMjQ3M0Y4
QUVBMjI4Lzc3QzQ5MUQ0RDk3RDExRUJBRTI2Rjg1Q0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAJm20ADBAJm3ywDBAJm38Qw
DQQCAAIwBwMFACwP69AwDQYJKoZIhvcNAQELBQADggEBAC9+yJhXZqY8MVNsh9ON
BTPADVCv6raSlwBGl5/peAcbMXEIi4CAbrlC+XOjlQ0kSatI2E6twjVjh9dUutnu
JfiTJVa8NZW+lDkoZ5VuBJPg98W5pVxFitEVvUI5QM7V0Rhm+zR58m9YqINJs/V0
yMK7PsBDbNGIoKpsm7d1aT3UEQqy6iwHgeeocbh1Cn6KDOektF+YXb1m7YfMDysJ
4uW3hjE6GhnzN+W4eWUqdQEO+kMewWtyRL6bquND4bVjKWkb6+H6Wr6i8Q48h6hv
p6Nttqxu9oVcG1aiO5gL2TKg6KPZndTaZVPi/QGeVjLLesrz1xmbhc9l1hoEbUVi
Q80=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:56 2023 by rpki-client on console-ams.rpki-client.org