Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A2CA0/DFAEDC70AC9F11EA8B649748F8AEA228/0118E46AACAE11EABFE4FF56F8AEA228.roa
File: 0118E46AACAE11EABFE4FF56F8AEA228.roa (raw, json)
Hash identifier: 9AZtH2HtaEIRW9REEg3P0dn1XAnkXqit9jvspcSjtQA=
Subject key identifier: 27:64:C4:58:21:DE:C7:B2:E6:DD:6F:24:9B:A2:CE:FE:56:A0:AF:AB
Certificate issuer: /CN=F36A2CA0AF/serialNumber=A93C93A03846A868C1651C83FD59A89DB480544E
Certificate serial: 04
Authority key identifier: A9:3C:93:A0:38:46:A8:68:C1:65:1C:83:FD:59:A8:9D:B4:80:54:4E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/qTyToDhGqGjBZRyD_VmonbSAVE4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A2CA0/DFAEDC70AC9F11EA8B649748F8AEA228/0118E46AACAE11EABFE4FF56F8AEA228.roa
Signing time: Fri 12 Jun 2020 13:09:53 +0000
ROA not before: Fri 12 Jun 2020 13:09:48 +0000
ROA not after: Thu 01 Jun 2023 13:09:48 +0000
asID: 37211
IP address blocks: 41.78.108.0/22 maxlen: 22
41.78.108.0/23 maxlen: 23
41.78.108.0/24 maxlen: 24
41.78.109.0/24 maxlen: 24
41.78.110.0/23 maxlen: 23
41.78.110.0/24 maxlen: 24
41.78.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A2CA0AF
Validity
Not Before: Jun 12 13:09:48 2020 GMT
Not After : Jun 1 13:09:48 2023 GMT
Subject: CN=5ee37ea1-0199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f1:4c:e9:ce:f1:6d:98:5c:02:f5:e0:79:00:
55:d8:e7:10:d7:d7:00:e6:41:5a:de:dd:a2:4c:b6:
53:5f:ae:5e:41:35:0c:34:46:fb:fe:59:3c:82:e2:
6d:f7:5f:6d:b5:5a:91:b3:ed:2d:d9:2d:c4:07:83:
e5:ca:b2:f2:5a:dc:ba:7d:e0:41:a3:0a:00:ac:34:
54:da:45:a6:eb:11:c6:d1:dd:69:69:d1:39:0f:e5:
e7:77:af:44:9d:ab:1f:af:7e:3d:0d:fa:cf:d6:4f:
92:fd:34:0e:88:e7:0b:f3:07:86:9e:4a:c3:3c:6a:
ba:c1:95:7b:82:0d:45:86:7a:32:a5:34:8e:5d:3d:
4b:19:a6:2d:1c:fc:26:c6:92:ad:ec:fd:be:88:cf:
76:e4:ad:d1:d4:77:82:64:f4:20:13:bc:3e:c5:1e:
18:1f:ec:a1:ef:6d:42:7e:67:c8:53:a8:d0:00:7c:
29:bb:51:72:27:c1:31:7b:4d:8a:bf:3f:c6:9d:b3:
c5:95:a0:46:67:04:6e:2c:5f:0e:08:3e:cf:56:71:
10:f8:f3:a3:a4:be:31:fa:a7:8d:31:22:c1:e7:e1:
61:6f:8e:a6:b6:e7:ba:95:cc:30:f9:0f:a2:ae:43:
d9:20:28:b2:3b:4b:b4:f2:97:e1:04:46:c9:17:ca:
2c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:64:C4:58:21:DE:C7:B2:E6:DD:6F:24:9B:A2:CE:FE:56:A0:AF:AB
X509v3 Authority Key Identifier:
keyid:A9:3C:93:A0:38:46:A8:68:C1:65:1C:83:FD:59:A8:9D:B4:80:54:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2CA0/DFAEDC70AC9F11EA8B649748F8AEA228/qTyToDhGqGjBZRyD_VmonbSAVE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qTyToDhGqGjBZRyD_VmonbSAVE4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2CA0/DFAEDC70AC9F11EA8B649748F8AEA228/0118E46AACAE11EABFE4FF56F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.78.108.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:49:4f:36:a7:f5:fc:80:e5:88:74:56:4d:6c:e9:d0:46:24:
12:33:96:a5:44:75:47:86:54:7e:0d:b0:9a:c0:46:5f:3d:ab:
5d:fe:73:83:b8:cd:1b:51:be:b2:ba:16:3d:e4:4a:92:12:9c:
d1:b9:4f:10:69:71:a5:02:0c:aa:16:72:b9:82:c2:af:22:65:
84:c2:1a:19:01:d3:75:70:af:5c:3b:07:8f:bb:12:9a:81:23:
61:0f:38:52:b0:5c:35:73:98:82:f9:d3:cf:52:81:df:f9:d8:
aa:39:df:ba:74:fa:86:d6:12:4f:a9:06:57:b2:fb:8f:f0:0e:
13:52:df:6f:e7:c1:cd:3b:34:6a:6b:de:ce:c9:00:d7:67:82:
4c:f6:aa:c7:13:86:34:9e:a7:78:ab:4b:6e:21:e0:f1:a0:83:
bd:86:75:10:95:4d:88:39:d2:d9:e6:b1:17:aa:e6:ea:6a:4b:
a0:24:76:2b:2a:75:6d:25:cc:0f:1d:25:4e:d7:6c:0f:25:2c:
0c:f0:5f:ef:e4:1f:bd:e7:7b:79:d1:2a:e3:ee:12:d6:f6:65:
1c:7d:13:df:ac:d6:cc:25:99:5d:2d:fe:85:0e:50:93:ad:b7:
52:6a:84:12:d1:16:18:0c:6c:1c:b5:f0:8c:d2:c4:b5:5c:4b:
8f:dc:94:72
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
MkNBMEFGMTEwLwYDVQQFEyhBOTNDOTNBMDM4NDZBODY4QzE2NTFDODNGRDU5QTg5
REI0ODA1NDRFMB4XDTIwMDYxMjEzMDk0OFoXDTIzMDYwMTEzMDk0OFowGDEWMBQG
A1UEAxMNNWVlMzdlYTEtMDE5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrxTOnO8W2YXAL14HkAVdjnENfXAOZBWt7doky2U1+uXkE1DDRG+/5ZPILi
bfdfbbVakbPtLdktxAeD5cqy8lrcun3gQaMKAKw0VNpFpusRxtHdaWnROQ/l53ev
RJ2rH69+PQ36z9ZPkv00DojnC/MHhp5KwzxqusGVe4INRYZ6MqU0jl09SxmmLRz8
JsaSrez9vojPduSt0dR3gmT0IBO8PsUeGB/soe9tQn5nyFOo0AB8KbtRcifBMXtN
ir8/xp2zxZWgRmcEbixfDgg+z1ZxEPjzo6S+MfqnjTEiwefhYW+OprbnupXMMPkP
oq5D2SAosjtLtPKX4QRGyRfKLAcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQnZMRY
Id7HsubdbySbos7+VqCvqzAfBgNVHSMEGDAWgBSpPJOgOEaoaMFlHIP9WaidtIBU
TjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTJDQTAvREZBRURDNzBBQzlGMTFFQThCNjQ5NzQ4RjhBRUEyMjgvcVR5VG9E
aEdxR2pCWlJ5RF9WbW9uYlNBVkU0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcVR5VG9EaEdxR2pCWlJ5RF9WbW9uYlNBVkU0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTJDQTAvREZBRURDNzBBQzlGMTFFQThCNjQ5NzQ4RjhB
RUEyMjgvMDExOEU0NkFBQ0FFMTFFQUJGRTRGRjU2RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilObDANBgkqhkiG9w0BAQsF
AAOCAQEAtUlPNqf1/IDliHRWTWzp0EYkEjOWpUR1R4ZUfg2wmsBGXz2rXf5zg7jN
G1G+sroWPeRKkhKc0blPEGlxpQIMqhZyuYLCryJlhMIaGQHTdXCvXDsHj7sSmoEj
YQ84UrBcNXOYgvnTz1KB3/nYqjnfunT6htYST6kGV7L7j/AOE1Lfb+fBzTs0amve
zskA12eCTPaqxxOGNJ6neKtLbiHg8aCDvYZ1EJVNiDnS2eaxF6rm6mpLoCR2Kyp1
bSXMDx0lTtdsDyUsDPBf7+Qfved7edEq4+4S1vZlHH0T36zWzCWZXS3+hQ5Qk623
UmqEEtEWGAxsHLXwjNLEtVxLj9yUcg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:53:33 2025 by rpki-client