Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36750E0/F1A0BF34EBD511EDA4BAA72A4AD9E6FC/31411BA8F14D11EDA145B6434AD9E6FC.roa
File: 31411BA8F14D11EDA145B6434AD9E6FC.roa (raw, json)
Hash identifier: EsUeW25vgjngCQi867dAGCrEhj4rjKMMFSZnn0fqWRg=
Subject key identifier: 16:64:49:E6:9B:4F:84:76:66:0F:B0:62:48:B9:B7:5A:07:87:20:7D
Certificate issuer: /CN=F36750E0AF/serialNumber=1AC2711DE56051E0CD6701041D1D8204710BDDF5
Certificate serial: 10
Authority key identifier: 1A:C2:71:1D:E5:60:51:E0:CD:67:01:04:1D:1D:82:04:71:0B:DD:F5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/GsJxHeVgUeDNZwEEHR2CBHEL3fU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36750E0/F1A0BF34EBD511EDA4BAA72A4AD9E6FC/31411BA8F14D11EDA145B6434AD9E6FC.roa
Signing time: Sat 13 May 2023 05:15:36 +0000
ROA not before: Sat 13 May 2023 05:15:33 +0000
ROA not after: Sat 11 May 2024 05:15:33 +0000
asID: 328275
IP address blocks: 102.165.120.0/24 maxlen: 24
102.165.121.0/24 maxlen: 24
102.165.122.0/24 maxlen: 24
102.165.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36750E0AF/serialNumber=1AC2711DE56051E0CD6701041D1D8204710BDDF5
Validity
Not Before: May 13 05:15:33 2023 GMT
Not After : May 11 05:15:33 2024 GMT
Subject: CN=645f1cf8-9745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0d:1b:a5:a5:72:e9:52:57:b7:cf:e7:e3:78:
bf:dc:eb:ec:f8:d1:74:88:aa:de:cb:90:d4:c7:9b:
7f:b9:f1:b0:c9:69:db:8c:7a:20:e4:a5:67:5b:29:
46:68:d5:a3:55:b4:fc:5e:62:7b:ab:db:c9:c6:17:
75:8f:59:e6:f2:82:d6:05:ce:c2:da:76:0f:c7:92:
3f:87:bb:8b:d4:45:0c:af:72:b9:7c:cf:6e:76:d4:
f5:5c:e9:ea:59:cc:11:29:0f:37:9c:b8:89:b8:ba:
45:37:e1:38:59:c8:b6:11:e4:f6:15:63:c3:f5:70:
d8:fd:75:a2:cd:05:ee:8d:38:77:10:83:23:99:e1:
37:5a:c4:d6:52:60:cc:3d:6e:b9:d7:3d:7a:6d:00:
c0:fa:4b:51:2d:18:cb:74:68:31:9f:a7:8e:7f:1b:
f7:89:4d:6a:2c:57:92:10:57:df:e5:d2:12:b9:43:
13:8a:d5:73:f9:21:c8:07:d4:8f:b8:ba:50:a5:c6:
df:ea:9f:b9:81:a6:9a:af:bb:8e:5a:cb:2a:4d:05:
17:e0:79:b5:27:bd:ab:07:70:d6:cf:60:67:c5:75:
5d:12:31:7b:1a:e7:db:0e:17:82:ed:84:8f:a0:4f:
43:03:1a:87:e7:72:1b:4f:2b:38:02:bf:f0:d7:8f:
41:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:64:49:E6:9B:4F:84:76:66:0F:B0:62:48:B9:B7:5A:07:87:20:7D
X509v3 Authority Key Identifier:
keyid:1A:C2:71:1D:E5:60:51:E0:CD:67:01:04:1D:1D:82:04:71:0B:DD:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36750E0/F1A0BF34EBD511EDA4BAA72A4AD9E6FC/GsJxHeVgUeDNZwEEHR2CBHEL3fU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GsJxHeVgUeDNZwEEHR2CBHEL3fU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36750E0/F1A0BF34EBD511EDA4BAA72A4AD9E6FC/31411BA8F14D11EDA145B6434AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.165.120.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:6e:b6:18:11:47:4f:66:ac:6e:75:5a:05:7c:c9:2c:23:48:
98:76:fd:79:d4:64:0a:70:ba:b9:04:96:af:1b:a7:8a:c6:a2:
85:e0:bc:28:4e:ae:ad:e9:78:ca:29:67:0b:9f:18:e9:f0:d1:
e2:fe:c7:04:9c:1e:7e:e9:7b:68:c3:dc:3b:cb:6a:74:cc:f3:
16:1e:fb:f2:24:ab:cd:a6:64:07:87:45:7f:3c:15:46:23:af:
2e:99:0e:7a:8a:f1:a5:6d:52:ad:f0:2c:29:c1:cd:a9:83:98:
d5:d7:cd:f4:33:a0:f8:8d:f7:13:b7:5a:1d:69:30:c9:f8:b3:
6d:09:49:3d:10:6a:95:3f:cd:d5:0e:e8:51:fd:28:3f:4d:bd:
e1:28:2d:36:b0:d5:e5:b9:dc:2f:18:62:71:81:92:5b:69:12:
6a:89:90:4d:b7:e7:8e:70:d4:be:44:cf:c1:76:b9:65:59:50:
0b:fb:00:b1:18:44:9f:fb:d4:b4:e1:a4:6a:e2:73:7c:ea:4a:
d1:8c:6c:2b:5d:64:ba:be:73:26:a9:60:4f:72:29:1d:8c:ad:
91:8c:54:aa:7e:2b:c6:90:7c:48:f1:9f:85:c2:61:ee:9f:93:
ca:60:a7:0b:6c:88:ba:e5:fe:6e:bd:2e:ec:aa:e2:5f:36:6c:
49:ec:eb:d8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NTBFMEFGMTEwLwYDVQQFEygxQUMyNzExREU1NjA1MUUwQ0Q2NzAxMDQxRDFEODIw
NDcxMEJEREY1MB4XDTIzMDUxMzA1MTUzM1oXDTI0MDUxMTA1MTUzM1owGDEWMBQG
A1UEAxMNNjQ1ZjFjZjgtOTc0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcNG6WlculSV7fP5+N4v9zr7PjRdIiq3suQ1Mebf7nxsMlp24x6IOSlZ1sp
RmjVo1W0/F5ie6vbycYXdY9Z5vKC1gXOwtp2D8eSP4e7i9RFDK9yuXzPbnbU9Vzp
6lnMESkPN5y4ibi6RTfhOFnIthHk9hVjw/Vw2P11os0F7o04dxCDI5nhN1rE1lJg
zD1uudc9em0AwPpLUS0Yy3RoMZ+njn8b94lNaixXkhBX3+XSErlDE4rVc/khyAfU
j7i6UKXG3+qfuYGmmq+7jlrLKk0FF+B5tSe9qwdw1s9gZ8V1XRIxexrn2w4Xgu2E
j6BPQwMah+dyG08rOAK/8NePQc8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQWZEnm
m0+EdmYPsGJIubdaB4cgfTAfBgNVHSMEGDAWgBQawnEd5WBR4M1nAQQdHYIEcQvd
9TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzUwRTAvRjFBMEJGMzRFQkQ1MTFFREE0QkFBNzJBNEFEOUU2RkMvR3NKeEhl
VmdVZUROWndFRUhSMkNCSEVMM2ZVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvR3NKeEhlVmdVZUROWndFRUhSMkNCSEVMM2ZVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzUwRTAvRjFBMEJGMzRFQkQ1MTFFREE0QkFBNzJBNEFE
OUU2RkMvMzE0MTFCQThGMTREMTFFREExNDVCNjQzNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmaleDANBgkqhkiG9w0BAQsF
AAOCAQEAPm62GBFHT2asbnVaBXzJLCNImHb9edRkCnC6uQSWrxunisaiheC8KE6u
rel4yilnC58Y6fDR4v7HBJweful7aMPcO8tqdMzzFh778iSrzaZkB4dFfzwVRiOv
LpkOeorxpW1SrfAsKcHNqYOY1dfN9DOg+I33E7daHWkwyfizbQlJPRBqlT/N1Q7o
Uf0oP0294SgtNrDV5bncLxhicYGSW2kSaomQTbfnjnDUvkTPwXa5ZVlQC/sAsRhE
n/vUtOGkauJzfOpK0YxsK11kur5zJqlgT3IpHYytkYxUqn4rxpB8SPGfhcJh7p+T
ymCnC2yIuuX+br0u7KriXzZsSezr2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-ams.rpki-client.org