Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/F8F012FC304111EE9F14B2314AD9E6FC.roa
File: F8F012FC304111EE9F14B2314AD9E6FC.roa (raw, json)
Hash identifier: DlaO/BVH8z65ObL9bd/SlYivQGFEamqpqasNoJOYGbM=
Subject key identifier: 64:54:7C:6B:BE:0E:F4:6A:6F:4F:30:25:80:3D:06:60:2C:49:D3:CD
Certificate issuer: /CN=F36A854FAF/serialNumber=8BE4035BEBC9C83428B5A27BE85BAC966D76E5CB
Certificate serial: A7
Authority key identifier: 8B:E4:03:5B:EB:C9:C8:34:28:B5:A2:7B:E8:5B:AC:96:6D:76:E5:CB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/i-QDW-vJyDQotaJ76Fuslm125cs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/F8F012FC304111EE9F14B2314AD9E6FC.roa
Signing time: Tue 01 Aug 2023 08:04:00 +0000
ROA not before: Tue 01 Aug 2023 08:03:56 +0000
ROA not after: Thu 01 Aug 2024 08:03:56 +0000
asID: 37143
IP address blocks: 41.222.56.0/22 maxlen: 22
41.222.60.0/23 maxlen: 23
41.222.62.0/24 maxlen: 24
41.222.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167 (0xa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A854FAF/serialNumber=8BE4035BEBC9C83428B5A27BE85BAC966D76E5CB
Validity
Not Before: Aug 1 08:03:56 2023 GMT
Not After : Aug 1 08:03:56 2024 GMT
Subject: CN=64c8bc70-a6d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d9:84:be:fc:ec:9d:cc:db:e4:16:b5:c9:70:
c2:c8:ea:54:28:e8:70:e1:ee:2f:cf:1b:f1:eb:3b:
8c:45:9e:90:a3:c4:bc:1b:cf:0b:15:a2:f8:28:33:
8d:10:c5:69:4d:19:fc:69:c5:fc:64:af:49:0d:2a:
2d:ac:1f:6e:3e:57:e5:8e:88:0d:81:d5:e5:c8:6d:
56:05:3e:67:2f:55:ee:b8:2b:6e:9c:0a:74:93:4a:
33:a7:00:fa:3f:5e:40:2d:a2:23:58:0a:b7:4d:7b:
4a:f9:22:53:0c:63:bc:60:74:3f:b4:af:24:4f:6f:
06:30:90:63:18:e2:17:11:17:48:81:25:de:5f:a7:
77:7d:71:cc:b7:01:24:99:2d:2a:b2:ee:9b:dc:bb:
4f:b4:d8:7f:2f:f0:da:c0:97:e0:10:43:7f:ea:83:
6a:c0:ef:5e:76:ec:06:c2:55:e0:2b:ac:c1:c8:80:
94:53:07:3f:6f:67:94:b2:61:7f:74:5f:d0:f7:cd:
0a:b9:2f:66:fd:ba:31:d6:86:ac:40:fa:66:bb:53:
a4:c2:a3:ae:07:21:dd:43:ff:c1:89:01:af:1f:ce:
69:e9:9e:05:18:0f:17:12:77:7d:19:b9:d2:ed:80:
4c:88:50:71:e6:d9:89:76:11:3e:48:fa:93:c0:f1:
5c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:54:7C:6B:BE:0E:F4:6A:6F:4F:30:25:80:3D:06:60:2C:49:D3:CD
X509v3 Authority Key Identifier:
keyid:8B:E4:03:5B:EB:C9:C8:34:28:B5:A2:7B:E8:5B:AC:96:6D:76:E5:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/i-QDW-vJyDQotaJ76Fuslm125cs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/i-QDW-vJyDQotaJ76Fuslm125cs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/F8F012FC304111EE9F14B2314AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.56.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:89:bd:59:60:04:56:13:58:ec:9b:98:ae:26:08:f7:b2:ed:
e8:6b:15:bb:d7:5f:c7:38:c4:cd:c8:84:ca:2a:ac:7d:20:f3:
fe:a9:b6:70:9f:89:d9:76:98:59:e4:8d:24:27:e8:2d:6e:c2:
13:88:72:ed:ce:5e:85:2e:b1:19:40:82:4b:43:f2:4b:7f:a9:
b2:5a:3f:0d:fb:5a:a0:71:43:54:9e:b1:1e:86:9e:e1:dc:e6:
fc:2c:50:1d:be:04:b5:89:bd:3c:17:cd:1b:0c:f2:5d:ff:16:
75:58:da:56:65:16:ec:dc:ee:bf:17:02:07:88:3b:f8:09:d8:
ef:f0:2d:1a:26:60:29:ad:6c:a4:ad:f8:fc:d5:07:8a:4a:31:
ee:4a:90:2f:1b:08:22:b0:98:cd:34:1f:35:79:b2:3c:20:fa:
88:29:81:2e:dd:fc:10:57:71:f0:fc:53:da:65:8d:3c:70:88:
e5:a2:e8:ec:41:7b:a4:9f:7a:87:3f:b8:a8:2a:69:d2:2d:ef:
72:cd:65:e5:42:a4:cb:59:c1:e4:c3:6f:59:4e:ec:9c:a6:fc:
b1:17:c6:df:59:9c:b2:9a:a2:a3:e7:de:ca:b0:a4:93:d5:89:
a4:ae:05:82:a1:7d:b5:af:db:40:ac:9f:4c:f8:61:db:a9:fa:
f8:21:ee:20
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QTg1NEZBRjExMC8GA1UEBRMoOEJFNDAzNUJFQkM5QzgzNDI4QjVBMjdCRTg1QkFD
OTY2RDc2RTVDQjAeFw0yMzA4MDEwODAzNTZaFw0yNDA4MDEwODAzNTZaMBgxFjAU
BgNVBAMTDTY0YzhiYzcwLWE2ZDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDp2YS+/OydzNvkFrXJcMLI6lQo6HDh7i/PG/HrO4xFnpCjxLwbzwsVovgo
M40QxWlNGfxpxfxkr0kNKi2sH24+V+WOiA2B1eXIbVYFPmcvVe64K26cCnSTSjOn
APo/XkAtoiNYCrdNe0r5IlMMY7xgdD+0ryRPbwYwkGMY4hcRF0iBJd5fp3d9ccy3
ASSZLSqy7pvcu0+02H8v8NrAl+AQQ3/qg2rA71527AbCVeArrMHIgJRTBz9vZ5Sy
YX90X9D3zQq5L2b9ujHWhqxA+ma7U6TCo64HId1D/8GJAa8fzmnpngUYDxcSd30Z
udLtgEyIUHHm2Yl2ET5I+pPA8VwlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZFR8
a74O9GpvTzAlgD0GYCxJ080wHwYDVR0jBBgwFoAUi+QDW+vJyDQotaJ76Fuslm12
5cswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE4NTRGLzVFODdDMDQyQjczNDExRURBOEQ0Q0NBNEYxMjIyNDY4L2ktUURX
LXZKeURRb3RhSjc2RnVzbG0xMjVjcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2ktUURXLXZKeURRb3RhSjc2RnVzbG0xMjVjcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE4NTRGLzVFODdDMDQyQjczNDExRURBOEQ0Q0NBNEYx
MjIyNDY4L0Y4RjAxMkZDMzA0MTExRUU5RjE0QjIzMTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMp3jgwDQYJKoZIhvcNAQEL
BQADggEBAGyJvVlgBFYTWOybmK4mCPey7ehrFbvXX8c4xM3IhMoqrH0g8/6ptnCf
idl2mFnkjSQn6C1uwhOIcu3OXoUusRlAgktD8kt/qbJaPw37WqBxQ1SesR6GnuHc
5vwsUB2+BLWJvTwXzRsM8l3/FnVY2lZlFuzc7r8XAgeIO/gJ2O/wLRomYCmtbKSt
+PzVB4pKMe5KkC8bCCKwmM00HzV5sjwg+ogpgS7d/BBXcfD8U9pljTxwiOWi6OxB
e6Sfeoc/uKgqadIt73LNZeVCpMtZweTDb1lO7Jym/LEXxt9ZnLKaoqPn3sqwpJPV
iaSuBYKhfbWv20Csn0z4Ydup+vgh7iA=
-----END CERTIFICATE-----
Generated at Fri Aug 2 05:16:59 2024 by rpki-client on console-fra.rpki-client.org