Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/3842D31C2DBA11EDBB92EDB5F1222468.roa
File: 3842D31C2DBA11EDBB92EDB5F1222468.roa (raw, json)
Hash identifier: xhozz2cBl/zusmMfxxap3x1YvuJZ9uxbf7Fa6GZK8Hs=
Subject key identifier: D3:EE:B5:0D:04:1B:62:AB:F7:9A:01:03:9B:A9:1C:DD:87:49:E1:FE
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 0233
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/3842D31C2DBA11EDBB92EDB5F1222468.roa
Signing time: Tue 06 Sep 2022 08:02:15 +0000
ROA not before: Tue 06 Sep 2022 08:02:11 +0000
ROA not after: Mon 31 Jul 2023 08:02:11 +0000
asID: 22724
IP address blocks: 102.177.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 563 (0x233)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Sep 6 08:02:11 2022 GMT
Not After : Jul 31 08:02:11 2023 GMT
Subject: CN=6316fe87-46f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:32:9e:1c:c6:49:1c:61:2e:f4:fb:84:43:d0:
22:d8:a7:44:d8:34:0a:14:28:2d:67:bb:3e:9a:79:
45:d9:2f:81:3b:21:84:44:a3:56:67:84:3e:21:4e:
cb:89:42:a9:c7:13:01:24:ec:3b:cc:64:98:10:a2:
60:ca:97:81:e6:2c:21:b7:1a:68:f1:4d:ea:0c:0c:
ac:e4:af:59:09:22:0b:41:97:93:16:a4:94:11:aa:
fa:d3:fd:21:11:78:9c:3a:0e:90:63:1a:54:6e:9f:
66:8e:ee:85:fe:5f:9e:f1:51:da:c5:cf:2b:f9:af:
c5:44:f2:97:b2:56:48:70:91:fe:6c:fe:a0:fd:24:
25:57:c0:6f:92:3b:40:b6:7a:bf:38:5d:c1:f0:30:
7f:a2:0d:54:7a:b9:89:ac:49:b9:54:1d:9c:f2:5c:
63:2d:c3:9e:ce:c9:41:0c:d1:89:3d:19:18:6c:3a:
1d:89:49:21:8f:c7:a4:a6:ce:00:7f:c9:e7:7f:6f:
f8:cc:53:71:26:3d:b0:3b:15:71:61:71:77:42:0e:
b4:af:6e:a0:85:d9:d5:55:46:5a:ac:4b:aa:be:29:
0b:c4:60:ef:61:89:c4:f2:19:21:0c:ed:a2:aa:59:
70:d0:17:73:fc:b7:68:6f:68:22:55:c4:f3:f8:32:
9c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:EE:B5:0D:04:1B:62:AB:F7:9A:01:03:9B:A9:1C:DD:87:49:E1:FE
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/3842D31C2DBA11EDBB92EDB5F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.168.0/24
Signature Algorithm: sha256WithRSAEncryption
db:0d:05:e3:31:ac:21:e2:12:5f:4e:2d:b0:69:00:dc:41:f0:
19:d4:88:e9:ac:36:0e:69:2f:bc:c6:91:ae:e2:62:b1:29:1f:
b8:13:da:7e:15:ac:3e:10:f1:e9:8b:90:64:70:17:3b:15:b0:
c4:58:39:d4:09:a7:05:ff:bb:7a:70:5d:9f:dc:a6:49:70:4d:
8c:ec:6f:e2:fc:48:0b:6d:e8:58:10:4f:67:b3:47:f7:89:e6:
ac:32:04:93:0b:62:e4:17:9b:83:49:97:1e:f7:c8:36:3f:da:
b2:61:3e:e8:b1:dc:66:8a:28:25:56:fe:66:2a:fa:f1:1b:ec:
04:5e:07:4c:bf:be:f1:36:68:18:f1:cb:66:3b:0e:cf:43:e6:
bf:f6:f5:b2:7d:b6:30:5b:0f:33:08:8c:72:c3:84:e5:90:cd:
7a:81:49:23:f6:37:3e:48:81:d4:2b:d4:1a:27:a6:01:6d:bb:
fd:7e:d6:a5:27:b8:c9:28:d4:31:e9:2e:fc:ea:20:f7:9c:9d:
7f:7e:dc:50:62:4e:53:39:61:b9:1b:ec:50:d0:da:c9:c6:4a:
31:c1:77:fa:15:47:6f:3c:54:9b:af:31:a7:12:36:6d:7e:a9:
ff:7c:59:a6:d0:ec:3a:13:71:78:4d:53:57:70:50:df:65:02:
22:f6:98:b4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAjMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yMjA5MDYwODAyMTFaFw0yMzA3MzEwODAyMTFaMBgxFjAU
BgNVBAMMDTYzMTZmZTg3LTQ2ZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQChMp4cxkkcYS70+4RD0CLYp0TYNAoUKC1nuz6aeUXZL4E7IYREo1ZnhD4h
TsuJQqnHEwEk7DvMZJgQomDKl4HmLCG3GmjxTeoMDKzkr1kJIgtBl5MWpJQRqvrT
/SEReJw6DpBjGlRun2aO7oX+X57xUdrFzyv5r8VE8peyVkhwkf5s/qD9JCVXwG+S
O0C2er84XcHwMH+iDVR6uYmsSblUHZzyXGMtw57OyUEM0Yk9GRhsOh2JSSGPx6Sm
zgB/yed/b/jMU3EmPbA7FXFhcXdCDrSvbqCF2dVVRlqsS6q+KQvEYO9hicTyGSEM
7aKqWXDQF3P8t2hvaCJVxPP4MpwBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0+61
DQQbYqv3mgEDm6kc3YdJ4f4wHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzM4NDJEMzFDMkRCQTExRURCQjkyRURCNUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsagwDQYJKoZIhvcNAQEL
BQADggEBANsNBeMxrCHiEl9OLbBpANxB8BnUiOmsNg5pL7zGka7iYrEpH7gT2n4V
rD4Q8emLkGRwFzsVsMRYOdQJpwX/u3pwXZ/cpklwTYzsb+L8SAtt6FgQT2ezR/eJ
5qwyBJMLYuQXm4NJlx73yDY/2rJhPuix3GaKKCVW/mYq+vEb7AReB0y/vvE2aBjx
y2Y7Ds9D5r/29bJ9tjBbDzMIjHLDhOWQzXqBSSP2Nz5IgdQr1BonpgFtu/1+1qUn
uMko1DHpLvzqIPecnX9+3FBiTlM5Ybkb7FDQ2snGSjHBd/oVR288VJuvMacSNm1+
qf98WabQ7DoTcXhNU1dwUN9lAiL2mLQ=
-----END CERTIFICATE-----
Generated at Mon Jul 31 15:47:36 2023 by rpki-client on console-fra.rpki-client.org