Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367426A/71A5B18428DC11ED99FF3D8FF1222468/F4D66FB028F711ED901510E3F1222468.roa
File: F4D66FB028F711ED901510E3F1222468.roa (raw, json)
Hash identifier: zkReoKHHiFPgC7OZnrAiFivmO2czjo4e3wO4EN/CSFA=
Subject key identifier: 34:71:26:FC:66:2C:6F:8C:4D:8B:14:DF:DD:7A:D4:32:AB:4E:1B:8F
Certificate issuer: /CN=F367426AAF/serialNumber=1B4AB0B720D839B79A9892323B0FABED96705AA2
Certificate serial: 05
Authority key identifier: 1B:4A:B0:B7:20:D8:39:B7:9A:98:92:32:3B:0F:AB:ED:96:70:5A:A2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/G0qwtyDYObeamJIyOw-r7ZZwWqI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367426A/71A5B18428DC11ED99FF3D8FF1222468/F4D66FB028F711ED901510E3F1222468.roa
Signing time: Wed 31 Aug 2022 06:41:35 +0000
ROA not before: Wed 31 Aug 2022 06:41:32 +0000
ROA not after: Sat 31 Aug 2024 06:41:32 +0000
asID: 328334
IP address blocks: 102.134.88.0/22 maxlen: 22
2c0f:ef30::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367426AAF/serialNumber=1B4AB0B720D839B79A9892323B0FABED96705AA2
Validity
Not Before: Aug 31 06:41:32 2022 GMT
Not After : Aug 31 06:41:32 2024 GMT
Subject: CN=630f029f-f2d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:39:e9:cb:db:23:29:23:8c:18:ef:2b:43:a1:
93:28:d2:48:50:9f:f9:eb:60:d2:a7:6e:35:97:b2:
3c:ce:3d:0f:06:ed:ab:7c:dd:4b:84:ae:a9:e1:7a:
d8:e5:51:d9:a0:5c:05:cf:6e:86:27:56:57:da:00:
43:c3:b2:7e:2b:12:3e:01:d3:29:ca:b2:a8:69:e4:
b5:7f:6f:0d:e3:58:5c:1c:26:92:8c:55:d7:75:0b:
11:61:06:02:9e:ce:7f:3b:54:f7:bf:7c:e9:ea:60:
65:aa:75:7a:0f:9b:fe:90:03:f1:77:d5:40:2a:8f:
b9:71:51:cd:9b:8f:09:79:b6:0d:5c:b9:24:a9:69:
25:fa:68:a4:f3:c0:54:27:c4:79:68:c2:89:b0:cb:
c8:48:89:ff:9a:6f:55:9a:90:ab:40:68:8a:bf:95:
0c:94:e4:20:da:e4:f5:11:1f:20:ae:a1:fc:c1:bf:
88:99:62:af:07:60:c3:da:fa:8f:a0:6d:43:73:8c:
76:80:94:02:a6:9a:9a:9a:0c:33:46:4b:9f:fd:3e:
b2:e6:6f:d2:dd:c9:25:87:67:3a:7e:79:3a:4f:79:
77:b2:b2:b6:27:44:50:36:83:bb:ba:43:a7:c3:ff:
fd:2f:df:d1:17:53:af:02:b2:3c:ff:74:46:14:2d:
37:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:71:26:FC:66:2C:6F:8C:4D:8B:14:DF:DD:7A:D4:32:AB:4E:1B:8F
X509v3 Authority Key Identifier:
keyid:1B:4A:B0:B7:20:D8:39:B7:9A:98:92:32:3B:0F:AB:ED:96:70:5A:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367426A/71A5B18428DC11ED99FF3D8FF1222468/G0qwtyDYObeamJIyOw-r7ZZwWqI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/G0qwtyDYObeamJIyOw-r7ZZwWqI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367426A/71A5B18428DC11ED99FF3D8FF1222468/F4D66FB028F711ED901510E3F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.134.88.0/22
IPv6:
2c0f:ef30::/32
Signature Algorithm: sha256WithRSAEncryption
a4:86:d0:48:94:fc:5c:a7:83:b2:ed:71:c7:a5:06:38:4c:f3:
63:41:50:fd:c1:64:e2:27:16:69:ad:38:54:d6:6a:2b:51:d3:
5e:90:ca:1a:a8:60:93:bd:09:26:21:7b:f8:13:e8:9c:55:3d:
c3:ae:e0:74:4b:71:ec:ea:e0:a5:71:12:e0:44:0b:2f:7a:03:
f1:61:c7:73:96:d1:15:61:f3:94:dd:09:ba:1e:7a:d2:89:04:
6f:b9:a1:e5:ec:57:3a:30:aa:2d:9a:92:b6:f7:92:ba:13:54:
f8:41:6c:9f:0d:9e:0a:85:f0:65:b9:24:f6:40:c9:b1:60:ac:
b0:79:6b:bd:6b:29:77:3e:cd:85:e3:61:3c:4c:a0:42:4c:39:
83:5c:54:98:e1:84:5d:64:64:21:8a:11:c8:9d:42:f6:7b:09:
54:43:30:a5:95:82:e0:e1:9d:1d:3b:91:c7:ab:56:06:dd:ad:
df:a9:9d:32:84:77:9c:3c:50:09:a2:6e:98:b5:fb:cb:e1:8d:
51:a9:40:79:ce:55:b9:78:fb:17:85:11:38:22:50:53:cf:99:
ba:e1:a5:c4:ce:b7:7d:e6:c8:67:27:98:de:ef:e0:68:ff:5f:
bd:21:01:cd:7e:95:2a:68:33:97:0f:8a:99:e6:b7:90:45:a3:
d1:5d:0d:2f
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY3
NDI2QUFGMTEwLwYDVQQFEygxQjRBQjBCNzIwRDgzOUI3OUE5ODkyMzIzQjBGQUJF
RDk2NzA1QUEyMB4XDTIyMDgzMTA2NDEzMloXDTI0MDgzMTA2NDEzMlowGDEWMBQG
A1UEAwwNNjMwZjAyOWYtZjJkMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALg56cvbIykjjBjvK0OhkyjSSFCf+etg0qduNZeyPM49Dwbtq3zdS4SuqeF6
2OVR2aBcBc9uhidWV9oAQ8OyfisSPgHTKcqyqGnktX9vDeNYXBwmkoxV13ULEWEG
Ap7OfztU97986epgZap1eg+b/pAD8XfVQCqPuXFRzZuPCXm2DVy5JKlpJfpopPPA
VCfEeWjCibDLyEiJ/5pvVZqQq0Boir+VDJTkINrk9REfIK6h/MG/iJlirwdgw9r6
j6BtQ3OMdoCUAqaampoMM0ZLn/0+suZv0t3JJYdnOn55Ok95d7KytidEUDaDu7pD
p8P//S/f0RdTrwKyPP90RhQtN70CAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ0cSb8
ZixvjE2LFN/detQyq04bjzAfBgNVHSMEGDAWgBQbSrC3INg5t5qYkjI7D6vtlnBa
ojAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQyNkEvNzFBNUIxODQyOERDMTFFRDk5RkYzRDhGRjEyMjI0NjgvRzBxd3R5
RFlPYmVhbUpJeU93LXI3Wlp3V3FJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRzBxd3R5RFlPYmVhbUpJeU93LXI3Wlp3V3FJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzQyNkEvNzFBNUIxODQyOERDMTFFRDk5RkYzRDhGRjEy
MjI0NjgvRjRENjZGQjAyOEY3MTFFRDkwMTUxMEUzRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmaGWDANBAIAAjAHAwUALA/v
MDANBgkqhkiG9w0BAQsFAAOCAQEApIbQSJT8XKeDsu1xx6UGOEzzY0FQ/cFk4icW
aa04VNZqK1HTXpDKGqhgk70JJiF7+BPonFU9w67gdEtx7OrgpXES4EQLL3oD8WHH
c5bRFWHzlN0Juh560okEb7mh5exXOjCqLZqStveSuhNU+EFsnw2eCoXwZbkk9kDJ
sWCssHlrvWspdz7NheNhPEygQkw5g1xUmOGEXWRkIYoRyJ1C9nsJVEMwpZWC4OGd
HTuRx6tWBt2t36mdMoR3nDxQCaJumLX7y+GNUalAec5VuXj7F4UROCJQU8+ZuuGl
xM63febIZyeY3u/gaP9fvSEBzX6VKmgzlw+Kmea3kEWj0V0NLw==
-----END CERTIFICATE-----
Generated at Sun Sep 1 04:58:22 2024 by rpki-client on console-ams.rpki-client.org