Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364AE1C/23AC93DEE34F11ED9FACB09D2F6D8C1D/F909C4BEE38311ED96F5D9B92F6D8C1D.roa
File: F909C4BEE38311ED96F5D9B92F6D8C1D.roa (raw, json)
Hash identifier: RQFeMfXbCx1jOfBiP9Jj3Y0DLHPJFxPtulZHJrkpnv4=
Subject key identifier: 45:58:EF:CF:7B:BE:FF:28:72:57:D2:17:05:6F:92:52:E6:94:F7:3E
Certificate issuer: /CN=F364AE1CAF/serialNumber=BFDC2F2FDC5CA7DD086A4B9AC52CE3BDDBC5A977
Certificate serial: 02
Authority key identifier: BF:DC:2F:2F:DC:5C:A7:DD:08:6A:4B:9A:C5:2C:E3:BD:DB:C5:A9:77
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/v9wvL9xcp90IakuaxSzjvdvFqXc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364AE1C/23AC93DEE34F11ED9FACB09D2F6D8C1D/F909C4BEE38311ED96F5D9B92F6D8C1D.roa
Signing time: Tue 25 Apr 2023 16:12:28 +0000
ROA not before: Tue 25 Apr 2023 16:12:23 +0000
ROA not after: Sun 31 Mar 2024 16:12:23 +0000
asID: 37415
IP address blocks: 41.222.216.0/22 maxlen: 24
2c0f:eca0::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364AE1CAF/serialNumber=BFDC2F2FDC5CA7DD086A4B9AC52CE3BDDBC5A977
Validity
Not Before: Apr 25 16:12:23 2023 GMT
Not After : Mar 31 16:12:23 2024 GMT
Subject: CN=6447fbec-3c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:17:fb:36:35:93:a5:dc:d7:05:f5:90:51:bc:
b5:c8:0a:d4:f9:e4:a1:45:2f:7d:0e:a1:d4:61:38:
82:48:fe:17:01:86:09:c6:df:d8:bb:36:6f:53:2c:
20:2d:c9:4a:79:b7:67:c1:64:df:ce:2d:ec:97:00:
f3:8d:86:87:6d:8e:b5:41:6d:91:8e:45:8b:08:a0:
71:23:07:c6:6d:4c:e4:ab:db:5d:62:01:fd:ab:56:
1d:b7:8d:1f:3a:ae:d6:29:43:49:66:79:c4:73:04:
a7:6e:7e:96:97:88:3d:e7:e0:12:d4:15:8f:69:47:
3a:ba:55:94:61:8b:ec:ee:f8:cf:86:5f:b0:27:55:
d8:cf:e9:c0:18:9b:7b:a9:1a:57:7e:14:67:26:bd:
98:32:72:15:52:ff:0a:0f:86:0e:de:ad:53:45:28:
31:1a:a3:1f:ab:76:6b:1f:3e:c4:85:e7:37:1d:1a:
77:39:e0:76:66:ab:76:3c:61:80:75:3b:98:61:be:
b1:3c:d6:ec:c6:ad:38:c6:aa:a0:51:9c:7c:78:f5:
7e:5d:fe:4a:e4:e3:af:71:8f:cb:23:53:d6:ce:b2:
f4:c6:2c:9b:3e:00:e9:c4:5f:8e:ba:37:43:2e:14:
e3:36:c5:e5:29:cb:b2:53:1b:79:2f:4a:ad:a5:b4:
81:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:58:EF:CF:7B:BE:FF:28:72:57:D2:17:05:6F:92:52:E6:94:F7:3E
X509v3 Authority Key Identifier:
keyid:BF:DC:2F:2F:DC:5C:A7:DD:08:6A:4B:9A:C5:2C:E3:BD:DB:C5:A9:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364AE1C/23AC93DEE34F11ED9FACB09D2F6D8C1D/v9wvL9xcp90IakuaxSzjvdvFqXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/v9wvL9xcp90IakuaxSzjvdvFqXc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364AE1C/23AC93DEE34F11ED9FACB09D2F6D8C1D/F909C4BEE38311ED96F5D9B92F6D8C1D.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.216.0/22
IPv6:
2c0f:eca0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:18:05:66:47:65:ab:11:a5:77:8d:f5:e9:c2:8c:fc:22:58:
48:24:b5:ea:33:29:21:77:60:b0:3e:30:49:53:0c:67:b4:56:
36:1e:c9:1e:27:7a:b4:10:13:4e:84:82:76:d0:b3:16:92:fe:
ce:a3:70:9a:91:da:c1:f2:00:be:fe:d5:27:b4:97:c7:75:37:
d0:c3:a6:2f:56:d6:7c:48:b5:f2:f1:21:a3:75:26:57:8c:b9:
fb:76:d3:fc:a4:8c:e3:c4:18:62:ab:cc:34:79:64:40:6e:91:
0b:7f:fa:6d:a5:0f:50:8a:6e:99:09:ef:f4:95:dc:aa:de:8b:
19:e5:19:42:42:ef:fd:ca:dc:fe:11:dd:05:f6:96:92:f7:dc:
4d:0a:12:c7:26:43:2e:7d:e8:51:24:01:6b:2a:00:c1:0b:79:
77:6e:41:97:91:61:b3:95:dc:7c:7a:2f:81:52:b0:47:63:14:
dd:af:e0:a4:73:78:28:19:61:c5:61:1b:c7:58:8e:95:fb:a0:
0c:eb:55:b5:9a:dc:dc:4b:77:04:66:82:53:9a:3d:c7:60:82:
3b:f3:be:37:48:6c:e0:c4:a9:c9:15:f9:e8:90:fa:37:82:ba:
43:19:5a:14:c9:19:7a:b5:5e:6a:07:ac:f7:5b:20:0b:ef:e7:
35:86:bc:fa
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
QUUxQ0FGMTEwLwYDVQQFEyhCRkRDMkYyRkRDNUNBN0REMDg2QTRCOUFDNTJDRTNC
RERCQzVBOTc3MB4XDTIzMDQyNTE2MTIyM1oXDTI0MDMzMTE2MTIyM1owGDEWMBQG
A1UEAwwNNjQ0N2ZiZWMtM2M5ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO8X+zY1k6Xc1wX1kFG8tcgK1PnkoUUvfQ6h1GE4gkj+FwGGCcbf2Ls2b1Ms
IC3JSnm3Z8Fk384t7JcA842Gh22OtUFtkY5FiwigcSMHxm1M5KvbXWIB/atWHbeN
Hzqu1ilDSWZ5xHMEp25+lpeIPefgEtQVj2lHOrpVlGGL7O74z4ZfsCdV2M/pwBib
e6kaV34UZya9mDJyFVL/Cg+GDt6tU0UoMRqjH6t2ax8+xIXnNx0adzngdmardjxh
gHU7mGG+sTzW7MatOMaqoFGcfHj1fl3+SuTjr3GPyyNT1s6y9MYsmz4A6cRfjro3
Qy4U4zbF5SnLslMbeS9KraW0gSkCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRFWO/P
e77/KHJX0hcFb5JS5pT3PjAfBgNVHSMEGDAWgBS/3C8v3Fyn3QhqS5rFLOO928Wp
dzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEFFMUMvMjNBQzkzREVFMzRGMTFFRDlGQUNCMDlEMkY2RDhDMUQvdjl3dkw5
eGNwOTBJYWt1YXhTemp2ZHZGcVhjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdjl3dkw5eGNwOTBJYWt1YXhTemp2ZHZGcVhjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NEFFMUMvMjNBQzkzREVFMzRGMTFFRDlGQUNCMDlEMkY2
RDhDMUQvRjkwOUM0QkVFMzgzMTFFRDk2RjVEOUI5MkY2RDhDMUQucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAine2DANBAIAAjAHAwUALA/s
oDANBgkqhkiG9w0BAQsFAAOCAQEALxgFZkdlqxGld4316cKM/CJYSCS16jMpIXdg
sD4wSVMMZ7RWNh7JHid6tBATToSCdtCzFpL+zqNwmpHawfIAvv7VJ7SXx3U30MOm
L1bWfEi18vEho3UmV4y5+3bT/KSM48QYYqvMNHlkQG6RC3/6baUPUIpumQnv9JXc
qt6LGeUZQkLv/crc/hHdBfaWkvfcTQoSxyZDLn3oUSQBayoAwQt5d25Bl5Fhs5Xc
fHovgVKwR2MU3a/gpHN4KBlhxWEbx1iOlfugDOtVtZrc3Et3BGaCU5o9x2CCO/O+
N0hs4MSpyRX56JD6N4K6QxlaFMkZerVeages91sgC+/nNYa8+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:08 2024 by rpki-client on console-fra.rpki-client.org