Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/4E6B94DC0C2011EDB2BC43B0F1222468.roa
File: 4E6B94DC0C2011EDB2BC43B0F1222468.roa (raw, json)
Hash identifier: QYVDi4jZ2V6a+QJAYXTA+sOsJScCYI+wEyCAUW1/ABI=
Subject key identifier: 8E:25:C5:2D:30:41:A4:C0:39:C8:04:83:C4:1B:B9:FF:DA:A2:00:6F
Certificate issuer: /CN=F36974EEAF/serialNumber=9C7A278DAD89ED63E93E25219B4CDA00B1006193
Certificate serial: 0143
Authority key identifier: 9C:7A:27:8D:AD:89:ED:63:E9:3E:25:21:9B:4C:DA:00:B1:00:61:93
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/nHonja2J7WPpPiUhm0zaALEAYZM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/4E6B94DC0C2011EDB2BC43B0F1222468.roa
Signing time: Mon 25 Jul 2022 13:47:21 +0000
ROA not before: Mon 25 Jul 2022 13:47:18 +0000
ROA not after: Mon 24 Jul 2023 13:47:18 +0000
asID: 24691
IP address blocks: 41.207.160.0/19 maxlen: 24
196.168.0.0/14 maxlen: 24
197.148.96.0/19 maxlen: 24
2c0f:f578::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323 (0x143)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36974EEAF/serialNumber=9C7A278DAD89ED63E93E25219B4CDA00B1006193
Validity
Not Before: Jul 25 13:47:18 2022 GMT
Not After : Jul 24 13:47:18 2023 GMT
Subject: CN=62de9ee9-5a04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7b:33:76:1f:e9:5c:5b:b6:ce:bc:07:61:45:
0e:2c:42:2d:f2:c8:d0:3e:a5:a8:65:53:ce:b8:ca:
f9:bd:5e:0e:7a:81:99:68:1f:19:78:e4:dc:01:80:
49:d6:7b:38:05:d2:51:72:04:b4:4a:14:68:cd:54:
51:6d:31:2d:bb:68:d8:b4:a3:e5:01:07:82:89:2e:
c0:65:a4:e1:55:02:b8:ba:a9:c3:a1:c4:6f:f5:b6:
1e:bb:ce:00:64:91:58:87:2e:50:69:cf:0c:c0:95:
c4:1b:4e:67:9b:6c:3a:80:a2:ad:04:71:9c:49:c9:
1f:ca:d7:2f:06:f6:c0:ab:dd:a9:24:88:98:2a:86:
b3:b3:64:0f:90:a0:8b:e2:3c:0a:b6:97:10:e4:02:
45:35:3c:da:d4:84:1e:ce:be:1d:3c:11:de:19:0d:
01:22:cc:60:eb:f6:a6:5e:73:6c:3b:f9:08:08:1c:
42:c8:6f:33:05:5e:4d:c5:78:da:c9:07:a1:35:77:
e5:64:4b:eb:4a:92:e3:43:2d:da:5f:fe:a3:70:b7:
ed:cd:79:29:ce:ff:da:17:af:64:78:6b:71:92:8d:
30:0e:3b:dd:38:2f:c5:66:36:6d:84:2f:3f:c6:af:
ff:8f:56:0a:53:81:de:31:72:0c:94:bf:a0:4e:5a:
20:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:25:C5:2D:30:41:A4:C0:39:C8:04:83:C4:1B:B9:FF:DA:A2:00:6F
X509v3 Authority Key Identifier:
keyid:9C:7A:27:8D:AD:89:ED:63:E9:3E:25:21:9B:4C:DA:00:B1:00:61:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/nHonja2J7WPpPiUhm0zaALEAYZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/nHonja2J7WPpPiUhm0zaALEAYZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36974EE/FD906910158111ECB0810771D8A014CE/4E6B94DC0C2011EDB2BC43B0F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.207.160.0/19
196.168.0.0/14
197.148.96.0/19
IPv6:
2c0f:f578::/32
Signature Algorithm: sha256WithRSAEncryption
0d:62:17:3d:2d:9b:0f:57:a3:51:5b:80:4e:e9:fd:f4:bc:70:
b1:9f:be:c9:32:74:6f:cb:cd:27:0f:99:18:53:5b:5a:c7:50:
dd:af:9b:4d:79:6c:20:a4:c7:87:33:1b:a7:d9:80:e0:44:a3:
b0:64:21:a7:1a:af:fb:1e:dd:d2:bc:7f:f1:79:b7:da:0a:eb:
c5:d2:3b:50:dd:4b:ec:8c:27:53:68:1c:de:dc:ce:9d:9c:b4:
25:f7:04:7f:ee:7a:71:78:a9:97:e3:d6:27:5c:f4:2d:dc:b3:
d0:a6:d6:95:44:ac:75:e5:a9:78:c5:df:71:84:b8:79:62:21:
35:4a:01:1e:68:4d:32:e3:e2:76:5e:03:e0:6e:f2:78:ad:7d:
ee:8a:96:49:5f:32:6e:26:e8:ff:bc:57:19:31:44:e4:6d:13:
06:51:7b:f2:ef:ee:80:d3:87:2a:34:2a:14:53:94:00:08:b0:
9e:d7:87:92:c2:f1:bc:d2:d7:83:c2:3e:de:7b:5f:91:26:23:
87:9e:d2:8a:d8:92:f6:c9:e4:6b:77:05:04:ee:25:ef:9e:7c:
87:a8:b8:8e:ea:e9:d9:15:35:8b:bf:5a:14:91:4d:68:f8:97:
87:f2:dc:b9:6d:78:ef:87:ec:e1:37:53:16:d2:53:18:85:ab:
c6:d0:05:31
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICAUMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTc0RUVBRjExMC8GA1UEBRMoOUM3QTI3OERBRDg5RUQ2M0U5M0UyNTIxOUI0Q0RB
MDBCMTAwNjE5MzAeFw0yMjA3MjUxMzQ3MThaFw0yMzA3MjQxMzQ3MThaMBgxFjAU
BgNVBAMMDTYyZGU5ZWU5LTVhMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzezN2H+lcW7bOvAdhRQ4sQi3yyNA+pahlU864yvm9Xg56gZloHxl45NwB
gEnWezgF0lFyBLRKFGjNVFFtMS27aNi0o+UBB4KJLsBlpOFVAri6qcOhxG/1th67
zgBkkViHLlBpzwzAlcQbTmebbDqAoq0EcZxJyR/K1y8G9sCr3akkiJgqhrOzZA+Q
oIviPAq2lxDkAkU1PNrUhB7Ovh08Ed4ZDQEizGDr9qZec2w7+QgIHELIbzMFXk3F
eNrJB6E1d+VkS+tKkuNDLdpf/qNwt+3NeSnO/9oXr2R4a3GSjTAOO904L8VmNm2E
Lz/Gr/+PVgpTgd4xcgyUv6BOWiCPAgMBAAGjggK/MIICuzAdBgNVHQ4EFgQUjiXF
LTBBpMA5yASDxBu5/9qiAG8wHwYDVR0jBBgwFoAUnHonja2J7WPpPiUhm0zaALEA
YZMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk3NEVFL0ZEOTA2OTEwMTU4MTExRUNCMDgxMDc3MUQ4QTAxNENFL25Ib25q
YTJKN1dQcFBpVWhtMHphQUxFQVlaTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL25Ib25qYTJKN1dQcFBpVWhtMHphQUxFQVlaTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk3NEVFL0ZEOTA2OTEwMTU4MTExRUNCMDgxMDc3MUQ4
QTAxNENFLzRFNkI5NERDMEMyMDExRURCMkJDNDNCMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOQYIKwYBBQUHAQcBAf8EKjAoMBcEAgABMBEDBAUpz6ADAwLEqAMEBcWUYDAN
BAIAAjAHAwUALA/1eDANBgkqhkiG9w0BAQsFAAOCAQEADWIXPS2bD1ejUVuATun9
9LxwsZ++yTJ0b8vNJw+ZGFNbWsdQ3a+bTXlsIKTHhzMbp9mA4ESjsGQhpxqv+x7d
0rx/8Xm32grrxdI7UN1L7IwnU2gc3tzOnZy0JfcEf+56cXipl+PWJ1z0Ldyz0KbW
lUSsdeWpeMXfcYS4eWIhNUoBHmhNMuPidl4D4G7yeK197oqWSV8ybibo/7xXGTFE
5G0TBlF78u/ugNOHKjQqFFOUAAiwnteHksLxvNLXg8I+3ntfkSYjh57SitiS9snk
a3cFBO4l7558h6i4jurp2RU1i79aFJFNaPiXh/LcuW1474fs4TdTFtJTGIWrxtAF
MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:22 2024 by rpki-client on console-ams.rpki-client.org