Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364AE44/22270EFEAF4411EB8C257686F8AEA228/407CDA20B19A11EBA19BD174F8AEA228.roa
File: 407CDA20B19A11EBA19BD174F8AEA228.roa (raw, json)
Hash identifier: suXMkJQgGBGMwFXobrIWnR4eDXv7rT1HiLfL6Kpunfk=
Subject key identifier: 49:87:66:58:37:4D:D5:D5:D9:09:20:A8:06:AB:A5:AE:CA:52:09:EE
Certificate issuer: /CN=F364AE44AF/serialNumber=8F503BD573CE113517CD6B4CFA374A62F15E12C1
Certificate serial: 05
Authority key identifier: 8F:50:3B:D5:73:CE:11:35:17:CD:6B:4C:FA:37:4A:62:F1:5E:12:C1
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/j1A71XPOETUXzWtM-jdKYvFeEsE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364AE44/22270EFEAF4411EB8C257686F8AEA228/407CDA20B19A11EBA19BD174F8AEA228.roa
Signing time: Mon 10 May 2021 14:16:03 +0000
ROA not before: Mon 10 May 2021 14:15:56 +0000
ROA not after: Tue 10 May 2022 14:15:56 +0000
asID: 36925
IP address blocks: 41.87.128.0/19 maxlen: 24
41.92.0.0/17 maxlen: 24
41.205.192.0/19 maxlen: 24
41.214.128.0/17 maxlen: 24
102.96.0.0/13 maxlen: 24
105.188.0.0/14 maxlen: 24
196.112.0.0/12 maxlen: 24
197.153.0.0/16 maxlen: 24
197.230.0.0/16 maxlen: 24
197.247.0.0/16 maxlen: 24
197.253.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364AE44AF/serialNumber=8F503BD573CE113517CD6B4CFA374A62F15E12C1
Validity
Not Before: May 10 14:15:56 2021 GMT
Not After : May 10 14:15:56 2022 GMT
Subject: CN=60994023-53ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:42:65:5d:68:c6:b1:50:63:8a:36:9b:51:81:
c9:8a:51:9e:4b:e5:0f:8d:38:9b:09:e6:27:fe:4b:
78:5a:f7:75:a4:01:d1:5e:48:e7:3b:86:eb:38:89:
81:0e:29:f2:89:bf:a1:50:9d:43:70:48:f4:41:b5:
74:4d:33:94:dd:fc:13:35:3b:52:f8:70:b8:68:5c:
38:be:d0:4f:ed:ad:2a:b9:e8:9e:d7:0c:30:af:05:
0a:51:b3:4d:a3:26:ae:e8:ed:4c:18:c3:3c:28:ab:
e0:74:da:a1:96:55:c6:c9:f2:18:2d:8e:11:01:58:
0e:c7:07:75:01:b4:51:ca:fe:17:9f:e0:cd:31:1e:
1e:36:ef:1e:9b:ed:83:5f:d1:d7:49:83:94:dc:5f:
6e:bc:f1:07:ed:3d:b9:1e:c4:0b:b6:e5:db:dc:06:
f9:c2:b6:12:32:45:c6:ad:10:b0:ce:e2:9f:af:62:
0f:e9:3f:9b:5d:a9:c9:e9:1e:41:c1:3a:3b:10:de:
7d:f1:15:04:8c:42:ab:25:ba:13:bc:f4:40:1f:77:
ce:7b:f9:21:87:08:c5:e7:87:e5:9b:ee:38:55:6a:
23:59:02:66:9f:a5:5a:11:78:58:1b:c5:b4:82:24:
41:aa:be:43:db:fe:ae:cf:12:d5:ea:b7:eb:f4:8d:
79:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:87:66:58:37:4D:D5:D5:D9:09:20:A8:06:AB:A5:AE:CA:52:09:EE
X509v3 Authority Key Identifier:
keyid:8F:50:3B:D5:73:CE:11:35:17:CD:6B:4C:FA:37:4A:62:F1:5E:12:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364AE44/22270EFEAF4411EB8C257686F8AEA228/j1A71XPOETUXzWtM-jdKYvFeEsE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/j1A71XPOETUXzWtM-jdKYvFeEsE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364AE44/22270EFEAF4411EB8C257686F8AEA228/407CDA20B19A11EBA19BD174F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.87.128.0/19
41.92.0.0/17
41.205.192.0/19
41.214.128.0/17
102.96.0.0/13
105.188.0.0/14
196.112.0.0/12
197.153.0.0/16
197.230.0.0/16
197.247.0.0/16
197.253.128.0/17
Signature Algorithm: sha256WithRSAEncryption
28:03:58:cf:81:d0:3e:89:e4:34:7b:13:f5:f2:9c:44:a4:0f:
4f:0f:df:06:f4:be:22:91:ed:a3:e1:e5:bc:b7:f8:f6:68:23:
2f:c2:e5:57:62:fb:cf:65:18:71:44:cd:a5:04:50:f9:bb:3b:
fe:5b:6d:9a:57:0a:20:26:0a:41:ae:ea:85:93:99:9b:29:93:
4b:43:24:04:d2:ea:8e:7e:0b:ab:04:d9:9c:d7:fb:d3:af:20:
2f:de:cd:e9:23:19:24:a7:e7:8f:6b:08:e9:03:44:02:70:47:
f9:b2:08:55:1a:91:93:b2:ed:69:9f:3f:bf:f2:25:b4:9a:64:
72:e6:e1:2d:62:87:42:be:d8:91:6d:17:5f:26:f9:a7:dd:f3:
a3:48:60:d5:fb:dc:78:17:17:4a:96:08:1f:2f:6c:7b:a7:db:
59:47:19:d4:70:bc:1d:bc:b9:95:4d:29:5e:9e:3d:52:8d:08:
93:83:fe:20:9e:fe:3f:d7:c2:39:e4:cc:83:ec:9a:d7:7f:f0:
1d:50:d2:da:78:21:2b:8c:7c:03:a1:cf:0e:7b:96:e6:ec:92:
0d:63:a0:2f:97:17:10:f2:0d:0b:c1:b0:c6:66:0e:d0:f8:ed:
f4:bc:48:03:ad:ac:5d:e5:f2:aa:61:a1:0f:f1:3c:83:1d:6a:
94:44:81:72
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
QUU0NEFGMTEwLwYDVQQFEyg4RjUwM0JENTczQ0UxMTM1MTdDRDZCNENGQTM3NEE2
MkYxNUUxMkMxMB4XDTIxMDUxMDE0MTU1NloXDTIyMDUxMDE0MTU1NlowGDEWMBQG
A1UEAxMNNjA5OTQwMjMtNTNhYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFCZV1oxrFQY4o2m1GByYpRnkvlD404mwnmJ/5LeFr3daQB0V5I5zuG6ziJ
gQ4p8om/oVCdQ3BI9EG1dE0zlN38EzU7UvhwuGhcOL7QT+2tKrnontcMMK8FClGz
TaMmrujtTBjDPCir4HTaoZZVxsnyGC2OEQFYDscHdQG0Ucr+F5/gzTEeHjbvHpvt
g1/R10mDlNxfbrzxB+09uR7EC7bl29wG+cK2EjJFxq0QsM7in69iD+k/m12pyeke
QcE6OxDeffEVBIxCqyW6E7z0QB93znv5IYcIxeeH5ZvuOFVqI1kCZp+lWhF4WBvF
tIIkQaq+Q9v+rs8S1eq36/SNeacCAwEAAaOCAtswggLXMB0GA1UdDgQWBBRJh2ZY
N03V1dkJIKgGq6WuylIJ7jAfBgNVHSMEGDAWgBSPUDvVc84RNRfNa0z6N0pi8V4S
wTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NEFFNDQvMjIyNzBFRkVBRjQ0MTFFQjhDMjU3Njg2RjhBRUEyMjgvajFBNzFY
UE9FVFVYeld0TS1qZEtZdkZlRXNFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvajFBNzFYUE9FVFVYeld0TS1qZEtZdkZlRXNFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NEFFNDQvMjIyNzBFRkVBRjQ0MTFFQjhDMjU3Njg2RjhB
RUEyMjgvNDA3Q0RBMjBCMTlBMTFFQkExOUJEMTc0RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEBSlXgAMEBylcAAMEBSnNwAME
BynWgAMDA2ZgAwMCabwDAwTEcAMDAMWZAwMAxeYDAwDF9wMEB8X9gDANBgkqhkiG
9w0BAQsFAAOCAQEAKANYz4HQPonkNHsT9fKcRKQPTw/fBvS+IpHto+HlvLf49mgj
L8LlV2L7z2UYcUTNpQRQ+bs7/lttmlcKICYKQa7qhZOZmymTS0MkBNLqjn4LqwTZ
nNf7068gL97N6SMZJKfnj2sI6QNEAnBH+bIIVRqRk7LtaZ8/v/IltJpkcubhLWKH
Qr7YkW0XXyb5p93zo0hg1fvceBcXSpYIHy9se6fbWUcZ1HC8Hby5lU0pXp49Uo0I
k4P+IJ7+P9fCOeTMg+ya13/wHVDS2nghK4x8A6HPDnuW5uySDWOgL5cXEPINC8Gw
xmYO0Pjt9LxIA62sXeXyqmGhD/E8gx1qlESBcg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:21:56 2023 by rpki-client on console-ams.rpki-client.org