Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/B0BDBA285F8111EFBC8DCE7A762E951A.roa
File: B0BDBA285F8111EFBC8DCE7A762E951A.roa (raw, json)
Hash identifier: fGI5+B+rb8J7fFQV2U8NXy7gcxYfzoE/rKWuq+HO10s=
Subject key identifier: 5D:D9:1D:6B:5A:EE:CA:8A:4A:05:EB:23:74:32:B5:C7:87:C5:B7:3C
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 0599
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/B0BDBA285F8111EFBC8DCE7A762E951A.roa
Signing time: Wed 21 Aug 2024 05:53:29 +0000
ROA not before: Wed 21 Aug 2024 05:53:24 +0000
ROA not after: Fri 30 Aug 2024 05:53:24 +0000
asID: 137897
IP address blocks: 102.177.186.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1433 (0x599)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Aug 21 05:53:24 2024 GMT
Not After : Aug 30 05:53:24 2024 GMT
Subject: CN=66c580d9-d680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:19:db:a4:ae:c9:b2:f5:64:98:73:42:ad:5d:
36:68:83:23:02:82:c3:b8:f9:b1:3f:ac:e2:89:d0:
a4:5c:80:1f:df:de:12:a4:d8:0b:8b:af:c9:6b:35:
9b:25:a8:90:0c:06:27:f4:c0:0c:61:9c:19:47:65:
e2:2d:fd:9f:26:36:02:51:37:59:a3:b2:21:53:93:
15:a5:cc:7b:8a:cd:ed:72:5e:df:31:91:19:76:4a:
cb:06:8a:a4:61:ee:95:d9:b3:56:49:e8:75:f8:18:
63:75:f9:fc:7c:46:d7:39:7b:aa:94:99:00:b8:db:
57:0b:1c:a9:f9:79:6a:50:73:ac:04:c2:69:3e:c1:
8a:0e:72:57:f5:e0:ca:6a:7b:94:90:31:23:61:c7:
ba:93:2a:11:d9:55:10:3b:fe:1f:9b:81:f4:38:e6:
cf:aa:4c:8a:00:5b:74:89:04:9d:15:c9:7c:95:1b:
b9:c9:88:48:e8:1e:21:21:ad:e2:70:8c:93:3f:a4:
c8:7f:a0:66:c7:bc:bb:46:a7:94:f6:6f:d5:ec:7b:
0a:2f:36:8b:8f:03:b2:43:3b:c2:d7:3c:a0:71:05:
e8:c6:37:6f:33:73:b6:b4:bc:00:3a:6b:06:60:b6:
97:0e:f1:d3:7e:ac:41:01:81:dc:01:a5:0b:a4:e0:
ed:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D9:1D:6B:5A:EE:CA:8A:4A:05:EB:23:74:32:B5:C7:87:C5:B7:3C
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/B0BDBA285F8111EFBC8DCE7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.186.0/23
Signature Algorithm: sha256WithRSAEncryption
65:37:d9:94:fb:0c:3d:6a:f1:9b:7c:09:93:10:08:45:e6:a2:
b5:30:2e:98:a1:2a:e1:45:77:23:fa:85:3e:04:ac:eb:33:d1:
7c:28:d1:ff:c0:8b:11:2f:b1:8c:fb:ac:27:02:37:5e:96:64:
b7:ab:4c:9c:64:7f:ec:30:c9:ae:ba:52:05:4a:69:ee:86:8e:
85:80:8e:e4:be:e7:b1:59:88:63:9a:ad:0b:b2:f8:53:14:be:
41:47:c5:68:cd:df:b1:e7:a9:3f:e8:67:5d:7a:57:c5:17:8c:
80:13:65:8d:18:22:bc:d0:5e:bf:35:71:78:1f:71:58:5b:6d:
42:76:15:61:57:81:62:30:1b:de:37:04:52:9b:aa:cc:81:a3:
26:be:fc:af:f8:04:1d:a7:9b:02:23:9a:b7:12:49:03:f3:ed:
ff:ee:81:75:3a:d9:28:56:d1:59:4d:94:6f:b2:d4:1a:14:d3:
32:b3:17:f6:7a:8b:4b:9b:33:d4:3d:a6:56:d7:5d:7b:8b:c2:
6e:8d:4c:c1:61:be:8a:ec:c5:fe:45:d6:17:5f:52:35:b2:24:
16:ee:75:eb:19:b0:0c:0b:a7:f9:25:8b:e6:0f:7f:ea:24:7e:
56:ea:42:2f:21:72:0c:44:d7:b6:d3:33:d8:ac:92:39:2f:93:
c6:65:f2:fb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBZkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNDA4MjEwNTUzMjRaFw0yNDA4MzAwNTUzMjRaMBgxFjAU
BgNVBAMTDTY2YzU4MGQ5LWQ2ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClGdukrsmy9WSYc0KtXTZogyMCgsO4+bE/rOKJ0KRcgB/f3hKk2AuLr8lr
NZslqJAMBif0wAxhnBlHZeIt/Z8mNgJRN1mjsiFTkxWlzHuKze1yXt8xkRl2SssG
iqRh7pXZs1ZJ6HX4GGN1+fx8Rtc5e6qUmQC421cLHKn5eWpQc6wEwmk+wYoOclf1
4Mpqe5SQMSNhx7qTKhHZVRA7/h+bgfQ45s+qTIoAW3SJBJ0VyXyVG7nJiEjoHiEh
reJwjJM/pMh/oGbHvLtGp5T2b9XsewovNouPA7JDO8LXPKBxBejGN28zc7a0vAA6
awZgtpcO8dN+rEEBgdwBpQuk4O2PAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXdkd
a1ruyopKBesjdDK1x4fFtzwwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4L0IwQkRCQTI4NUY4MTExRUZCQzhEQ0U3QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFmsbowDQYJKoZIhvcNAQEL
BQADggEBAGU32ZT7DD1q8Zt8CZMQCEXmorUwLpihKuFFdyP6hT4ErOsz0Xwo0f/A
ixEvsYz7rCcCN16WZLerTJxkf+wwya66UgVKae6GjoWAjuS+57FZiGOarQuy+FMU
vkFHxWjN37HnqT/oZ116V8UXjIATZY0YIrzQXr81cXgfcVhbbUJ2FWFXgWIwG943
BFKbqsyBoya+/K/4BB2nmwIjmrcSSQPz7f/ugXU62ShW0VlNlG+y1BoU0zKzF/Z6
i0ubM9Q9plbXXXuLwm6NTMFhvorsxf5F1hdfUjWyJBbudesZsAwLp/kli+YPf+ok
flbqQi8hcgxE17bTM9iskjkvk8Zl8vs=
-----END CERTIFICATE-----
Generated at Sat Aug 31 04:06:45 2024 by rpki-client on console-fra.rpki-client.org