Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/8F7DA902131F11EBA6528A3EF8AEA228.roa
File: 8F7DA902131F11EBA6528A3EF8AEA228.roa (raw, json)
Hash identifier: vp3SqeSnwdDdV6yOqe7FilAOFCUobWVZM3utLLGIyfQ=
Subject key identifier: 85:A5:2E:42:56:5D:EC:68:D6:BB:1B:9E:78:6E:2E:DC:18:AD:42:61
Certificate issuer: /CN=F366FE6CAF/serialNumber=4A1FE76B4DFB0173B6F31B7F36A5A982E08D9C19
Certificate serial: 02
Authority key identifier: 4A:1F:E7:6B:4D:FB:01:73:B6:F3:1B:7F:36:A5:A9:82:E0:8D:9C:19
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Sh_na037AXO28xt_NqWpguCNnBk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/8F7DA902131F11EBA6528A3EF8AEA228.roa
Signing time: Tue 20 Oct 2020 21:59:44 +0000
ROA not before: Tue 20 Oct 2020 21:59:38 +0000
ROA not after: Thu 20 Oct 2022 21:59:38 +0000
asID: 328748
IP address blocks: 102.221.176.0/22 maxlen: 22
2c0f:e9f0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366FE6CAF/serialNumber=4A1FE76B4DFB0173B6F31B7F36A5A982E08D9C19
Validity
Not Before: Oct 20 21:59:38 2020 GMT
Not After : Oct 20 21:59:38 2022 GMT
Subject: CN=5f8f5dd0-a613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c4:8f:86:5f:74:72:cf:8c:c4:d5:ec:a7:6a:
f2:06:82:6a:66:e7:1d:2f:e6:e5:0e:f9:50:55:8e:
e3:cd:80:7d:c4:c4:9e:4c:79:07:63:25:81:b7:3e:
ca:c3:7c:cb:b3:59:c7:19:23:d6:7f:e4:5b:64:d9:
6b:5e:e3:18:ee:d0:07:9a:10:30:a0:1a:43:09:90:
37:56:ba:b5:6c:b1:e2:ea:ff:47:c8:1a:b5:7d:33:
9f:b0:f7:2e:d4:15:5d:a6:70:41:df:bb:20:0c:f8:
b2:7d:c3:7e:c3:46:12:23:9d:53:32:2b:8f:e0:78:
4e:2f:9e:e9:a9:2d:7e:fa:84:7f:ad:2f:64:1c:c2:
8d:5b:2c:c4:55:b5:81:19:88:05:f8:5f:b7:08:97:
ab:15:1d:ce:09:2c:fc:3c:9e:c1:60:77:6f:3a:04:
f6:54:86:b5:74:ef:ff:8e:cc:28:70:2d:b4:50:6b:
26:3a:8c:88:d4:33:1b:15:d0:39:b8:9d:5d:b3:dc:
f9:47:06:ed:be:b4:e8:89:68:51:83:61:62:ea:b3:
28:10:bf:b1:12:55:79:ac:7b:ff:0c:ac:1d:1b:ef:
7b:92:fb:5d:2a:19:a4:82:07:f9:fb:e0:e2:29:80:
52:81:81:d5:95:64:fa:97:a1:07:1a:3e:ac:11:2f:
e8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A5:2E:42:56:5D:EC:68:D6:BB:1B:9E:78:6E:2E:DC:18:AD:42:61
X509v3 Authority Key Identifier:
keyid:4A:1F:E7:6B:4D:FB:01:73:B6:F3:1B:7F:36:A5:A9:82:E0:8D:9C:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/Sh_na037AXO28xt_NqWpguCNnBk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Sh_na037AXO28xt_NqWpguCNnBk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366FE6C/B3374424131B11EBA4121A39F8AEA228/8F7DA902131F11EBA6528A3EF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.176.0/22
IPv6:
2c0f:e9f0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:8f:57:29:ef:28:97:d4:cf:08:f9:93:e1:02:8f:fe:f2:36:
24:16:62:e0:91:05:36:84:80:2a:7b:9a:29:c2:5a:48:a5:ea:
ea:fd:a5:86:81:82:dd:27:3d:c9:1b:25:b6:e1:8b:8b:d8:35:
58:36:f5:3b:e4:db:72:15:6a:db:c8:b9:cb:d8:65:89:90:b6:
f1:97:f2:5e:bc:c8:ca:94:f0:d9:73:a7:a5:f6:39:cd:b8:fc:
38:aa:dc:57:7b:14:25:95:ad:c0:ff:4b:0b:3a:e1:83:84:e2:
f5:9a:44:a9:d1:11:0d:98:03:60:53:2d:a8:9b:03:1b:8b:31:
6a:d6:6d:34:34:5d:c2:a2:73:fc:1a:fb:57:b0:51:25:43:f7:
32:de:4c:45:0e:ba:50:ca:28:2c:a5:58:8b:99:2a:74:51:9c:
81:16:b3:fb:ff:a9:ee:dd:8c:f3:ef:f1:a4:cd:10:aa:35:96:
08:19:01:ba:99:32:6c:2c:9f:74:55:8b:31:97:c3:96:b6:21:
ba:14:4f:ea:5d:bb:4b:c2:19:ad:6c:6e:b1:21:55:be:40:2d:
5e:78:4b:13:c1:f1:17:15:39:4c:ea:b0:af:6b:52:58:41:a5:
77:4d:e3:4d:96:2b:d8:4c:9c:a3:35:1a:d5:73:45:3c:9c:b2:
f8:cc:92:a9
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
RkU2Q0FGMTEwLwYDVQQFEyg0QTFGRTc2QjRERkIwMTczQjZGMzFCN0YzNkE1QTk4
MkUwOEQ5QzE5MB4XDTIwMTAyMDIxNTkzOFoXDTIyMTAyMDIxNTkzOFowGDEWMBQG
A1UEAxMNNWY4ZjVkZDAtYTYxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTEj4ZfdHLPjMTV7Kdq8gaCambnHS/m5Q75UFWO482AfcTEnkx5B2Mlgbc+
ysN8y7NZxxkj1n/kW2TZa17jGO7QB5oQMKAaQwmQN1a6tWyx4ur/R8gatX0zn7D3
LtQVXaZwQd+7IAz4sn3DfsNGEiOdUzIrj+B4Ti+e6aktfvqEf60vZBzCjVssxFW1
gRmIBfhftwiXqxUdzgks/DyewWB3bzoE9lSGtXTv/47MKHAttFBrJjqMiNQzGxXQ
ObidXbPc+UcG7b606IloUYNhYuqzKBC/sRJVeax7/wysHRvve5L7XSoZpIIH+fvg
4imAUoGB1ZVk+pehBxo+rBEv6OkCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSFpS5C
Vl3saNa7G554bi7cGK1CYTAfBgNVHSMEGDAWgBRKH+drTfsBc7bzG382pamC4I2c
GTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkZFNkMvQjMzNzQ0MjQxMzFCMTFFQkE0MTIxQTM5RjhBRUEyMjgvU2hfbmEw
MzdBWE8yOHh0X05xV3BndUNObkJrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU2hfbmEwMzdBWE8yOHh0X05xV3BndUNObkJrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkZFNkMvQjMzNzQ0MjQxMzFCMTFFQkE0MTIxQTM5RjhB
RUEyMjgvOEY3REE5MDIxMzFGMTFFQkE2NTI4QTNFRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbdsDANBAIAAjAHAwUALA/p
8DANBgkqhkiG9w0BAQsFAAOCAQEAb49XKe8ol9TPCPmT4QKP/vI2JBZi4JEFNoSA
KnuaKcJaSKXq6v2lhoGC3Sc9yRsltuGLi9g1WDb1O+TbchVq28i5y9hliZC28Zfy
XrzIypTw2XOnpfY5zbj8OKrcV3sUJZWtwP9LCzrhg4Ti9ZpEqdERDZgDYFMtqJsD
G4sxatZtNDRdwqJz/Br7V7BRJUP3Mt5MRQ66UMooLKVYi5kqdFGcgRaz+/+p7t2M
8+/xpM0QqjWWCBkBupkybCyfdFWLMZfDlrYhuhRP6l27S8IZrWxusSFVvkAtXnhL
E8HxFxU5TOqwr2tSWEGld03jTZYr2EycozUa1XNFPJyy+MySqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:09 2024 by rpki-client on console-fra.rpki-client.org