Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36675E3/DA6A1362D3EF11EEB0BF7F4F775412E6/DC43CB14D43B11EE98329FC2775412E6.roa
File: DC43CB14D43B11EE98329FC2775412E6.roa (raw, json)
Hash identifier: vCSyotAmgFKD3uog0bAvQ6jr1ArKpYVgl721XkAf2oI=
Subject key identifier: EB:B3:60:91:E1:6A:56:EE:B9:81:C3:E2:E7:9F:60:6C:97:BB:1F:30
Certificate issuer: /CN=F36675E3AF/serialNumber=89BD146BAD721E9C9419C509C6EB2D5DECB96721
Certificate serial: 09
Authority key identifier: 89:BD:14:6B:AD:72:1E:9C:94:19:C5:09:C6:EB:2D:5D:EC:B9:67:21
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ib0Ua61yHpyUGcUJxustXey5ZyE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36675E3/DA6A1362D3EF11EEB0BF7F4F775412E6/DC43CB14D43B11EE98329FC2775412E6.roa
Signing time: Mon 26 Feb 2024 00:13:26 +0000
ROA not before: Mon 26 Feb 2024 00:00:22 +0000
ROA not after: Wed 26 Feb 2025 00:00:22 +0000
asID: 328997
IP address blocks: 102.214.128.0/22 maxlen: 22
102.216.216.0/22 maxlen: 22
2c0f:2240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36675E3AF, serialNumber=89BD146BAD721E9C9419C509C6EB2D5DECB96721
Validity
Not Before: Feb 26 00:00:22 2024 GMT
Not After : Feb 26 00:00:22 2025 GMT
Subject: CN=65dbd7a6-93ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d8:6d:da:8b:cb:2e:3c:04:f9:b4:2b:f0:8a:
39:9f:1e:7f:5c:5a:94:96:ef:32:30:bf:b9:d6:36:
17:b9:f1:42:27:fd:d0:ef:24:72:98:f5:e5:77:4e:
96:a5:45:9f:02:53:62:15:1c:a1:6f:3f:04:e0:21:
d2:9d:a9:02:a8:6a:8c:20:02:92:e2:94:60:83:9a:
02:bd:13:37:fc:83:d8:2d:c0:e9:15:55:0e:78:b6:
eb:1c:fb:6a:d4:76:f4:ae:8f:2c:09:10:ba:7e:c0:
09:72:22:c8:05:50:1b:20:92:ad:30:05:1e:78:fd:
da:07:29:cd:9f:05:77:3c:ee:2b:0f:e0:81:7a:44:
d4:cc:6f:10:97:eb:ab:49:ab:a9:0b:65:ba:e5:c7:
02:ed:61:f4:90:2d:54:16:4d:af:c0:93:d8:a3:83:
42:82:b3:58:5b:50:36:39:10:13:3d:01:20:b7:4d:
f5:c5:d7:39:c4:3a:49:cd:af:6a:54:09:38:11:12:
77:0a:66:ab:59:8d:4c:10:d0:8b:5b:6a:f9:2f:4c:
f2:cc:a7:c5:c2:55:4f:c5:11:0d:eb:a4:32:e4:c5:
89:e4:a9:7e:61:21:fa:2d:65:71:9b:21:2d:4a:9b:
64:49:6e:d9:0f:a0:3e:95:c7:d4:78:cf:8e:9d:25:
34:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B3:60:91:E1:6A:56:EE:B9:81:C3:E2:E7:9F:60:6C:97:BB:1F:30
X509v3 Authority Key Identifier:
keyid:89:BD:14:6B:AD:72:1E:9C:94:19:C5:09:C6:EB:2D:5D:EC:B9:67:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36675E3/DA6A1362D3EF11EEB0BF7F4F775412E6/ib0Ua61yHpyUGcUJxustXey5ZyE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ib0Ua61yHpyUGcUJxustXey5ZyE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36675E3/DA6A1362D3EF11EEB0BF7F4F775412E6/DC43CB14D43B11EE98329FC2775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.128.0/22
102.216.216.0/22
IPv6:
2c0f:2240::/32
Signature Algorithm: sha256WithRSAEncryption
b6:14:96:ea:f1:01:63:cc:05:1b:9d:a3:9d:dd:3d:57:82:bf:
eb:3b:be:76:af:c9:eb:e5:f1:fa:81:a6:41:95:be:24:33:cb:
39:79:cc:90:7d:f6:10:79:0e:d6:b5:db:e6:e6:8f:52:01:d6:
66:13:48:0e:e3:8f:fa:ec:67:61:f1:13:66:ad:4b:78:e8:92:
32:ab:f3:4c:3f:f3:6f:ed:7b:b5:ab:5b:9e:6f:ff:63:a5:d1:
31:74:e1:ff:9c:e0:fb:c2:7e:ed:a2:02:e5:82:32:d4:7c:3b:
cc:53:9e:f5:58:80:9d:1d:3d:0c:c0:de:08:a7:31:34:a1:c5:
95:c0:75:84:e8:e6:f1:2f:0a:64:d5:6b:ad:5d:2b:01:40:84:
92:66:f7:35:4d:b1:3f:30:dd:28:8a:47:48:b6:25:5d:ec:9a:
b6:9f:7e:fc:9c:e4:e9:23:5c:cc:44:ef:d6:18:ab:03:d3:2a:
0e:80:95:c6:4e:02:0a:3d:18:09:cb:6c:e8:60:b5:a7:37:a3:
47:fa:56:65:70:eb:d3:99:4b:2f:b4:e1:27:e4:42:11:c3:a2:
cd:0b:f6:df:8d:ad:68:47:c6:1d:c8:61:a6:73:0a:e4:03:5c:
7d:db:9f:64:92:21:1b:63:3f:5b:a7:1f:ec:05:f4:ed:84:4a:
38:8f:f0:63
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
NzVFM0FGMTEwLwYDVQQFEyg4OUJEMTQ2QkFENzIxRTlDOTQxOUM1MDlDNkVCMkQ1
REVDQjk2NzIxMB4XDTI0MDIyNjAwMDAyMloXDTI1MDIyNjAwMDAyMlowGDEWMBQG
A1UEAxMNNjVkYmQ3YTYtOTNhZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTYbdqLyy48BPm0K/CKOZ8ef1xalJbvMjC/udY2F7nxQif90O8kcpj15XdO
lqVFnwJTYhUcoW8/BOAh0p2pAqhqjCACkuKUYIOaAr0TN/yD2C3A6RVVDni26xz7
atR29K6PLAkQun7ACXIiyAVQGyCSrTAFHnj92gcpzZ8FdzzuKw/ggXpE1MxvEJfr
q0mrqQtluuXHAu1h9JAtVBZNr8CT2KODQoKzWFtQNjkQEz0BILdN9cXXOcQ6Sc2v
alQJOBESdwpmq1mNTBDQi1tq+S9M8synxcJVT8URDeukMuTFieSpfmEh+i1lcZsh
LUqbZElu2Q+gPpXH1HjPjp0lNA0CAwEAAaOCArowggK2MB0GA1UdDgQWBBTrs2CR
4WpW7rmBw+Lnn2Bsl7sfMDAfBgNVHSMEGDAWgBSJvRRrrXIenJQZxQnG6y1d7Lln
ITAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Njc1RTMvREE2QTEzNjJEM0VGMTFFRUIwQkY3RjRGNzc1NDEyRTYvaWIwVWE2
MXlIcHlVR2NVSnh1c3RYZXk1WnlFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaWIwVWE2MXlIcHlVR2NVSnh1c3RYZXk1WnlFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Njc1RTMvREE2QTEzNjJEM0VGMTFFRUIwQkY3RjRGNzc1
NDEyRTYvREM0M0NCMTRENDNCMTFFRTk4MzI5RkMyNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbWgAMEAmbY2DANBAIAAjAH
AwUALA8iQDANBgkqhkiG9w0BAQsFAAOCAQEAthSW6vEBY8wFG52jnd09V4K/6zu+
dq/J6+Xx+oGmQZW+JDPLOXnMkH32EHkO1rXb5uaPUgHWZhNIDuOP+uxnYfETZq1L
eOiSMqvzTD/zb+17tatbnm//Y6XRMXTh/5zg+8J+7aIC5YIy1Hw7zFOe9ViAnR09
DMDeCKcxNKHFlcB1hOjm8S8KZNVrrV0rAUCEkmb3NU2xPzDdKIpHSLYlXeyatp9+
/Jzk6SNczETv1hirA9MqDoCVxk4CCj0YCcts6GC1pzejR/pWZXDr05lLL7ThJ+RC
EcOizQv2342taEfGHchhpnMK5ANcfdufZJIhG2M/W6cf7AX07YRKOI/wYw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:15:51 2025 by rpki-client