Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/8A99B1E8BCA511ECA4FC856E5A40D577.roa
File: 8A99B1E8BCA511ECA4FC856E5A40D577.roa (raw, json)
Hash identifier: 4BSg5ohjuYjQZfHvKb2zIMjW4w8iaOT5XneBgcSEIts=
Subject key identifier: E7:DC:40:83:0F:F6:09:2F:8B:8D:3A:08:39:3C:03:EF:9A:F4:16:23
Certificate issuer: /CN=F36AB1CDAF/serialNumber=35EC3294282FA7A35478F82F9094B03FE2606FB6
Certificate serial: 02E8
Authority key identifier: 35:EC:32:94:28:2F:A7:A3:54:78:F8:2F:90:94:B0:3F:E2:60:6F:B6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/8A99B1E8BCA511ECA4FC856E5A40D577.roa
Signing time: Fri 15 Apr 2022 10:19:32 +0000
ROA not before: Fri 15 Apr 2022 10:19:27 +0000
ROA not after: Mon 15 Apr 2024 10:19:27 +0000
asID: 328266
IP address blocks: 102.135.240.0/21 maxlen: 24
2c0f:ef18::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 744 (0x2e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AB1CDAF/serialNumber=35EC3294282FA7A35478F82F9094B03FE2606FB6
Validity
Not Before: Apr 15 10:19:27 2022 GMT
Not After : Apr 15 10:19:27 2024 GMT
Subject: CN=625946b4-2b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cb:ec:34:96:0f:f1:5b:e9:cc:14:ab:d6:47:
04:ed:ae:38:80:e1:89:d9:61:1d:7b:1c:ef:69:b6:
cb:a4:69:a5:b7:c9:ab:93:4c:eb:5e:b6:44:e9:74:
e4:b0:93:b9:52:04:14:ea:09:1e:80:72:ee:01:7d:
99:7c:11:e1:cc:0f:c1:ed:82:0d:da:d4:8d:40:27:
7e:47:45:86:35:8d:62:3b:87:a8:6c:6d:e4:32:7e:
fe:9d:26:94:43:2e:f6:d1:4d:c3:d7:ed:56:0b:cd:
ca:ed:27:82:b5:06:29:1a:c4:52:0b:af:0d:d2:27:
8a:a6:2b:ce:29:45:10:fd:eb:6c:ba:a4:52:27:50:
d6:19:55:31:02:a4:80:1f:07:12:c7:84:34:fb:05:
2b:89:dc:92:92:8a:b7:84:97:23:5f:90:84:0e:38:
ff:73:39:d3:b0:55:f1:ae:71:d6:0a:2c:7c:58:c4:
fe:9b:b2:37:e8:f8:5d:aa:35:c6:9d:c6:9b:d7:6e:
dc:db:dd:43:f2:ba:a6:59:46:00:90:f2:5e:eb:cd:
ff:55:5d:b8:0f:27:6b:da:21:33:f9:c2:5d:4e:ec:
76:83:36:7e:a7:2a:22:9b:d9:2d:c2:35:8a:9a:33:
51:70:e9:ca:c2:2b:94:77:72:63:7b:a0:ab:fd:94:
6c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DC:40:83:0F:F6:09:2F:8B:8D:3A:08:39:3C:03:EF:9A:F4:16:23
X509v3 Authority Key Identifier:
keyid:35:EC:32:94:28:2F:A7:A3:54:78:F8:2F:90:94:B0:3F:E2:60:6F:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/NewylCgvp6NUePgvkJSwP-Jgb7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/8A99B1E8BCA511ECA4FC856E5A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.135.240.0/21
IPv6:
2c0f:ef18::/32
Signature Algorithm: sha256WithRSAEncryption
61:05:a3:b2:68:3b:0a:c5:0a:f1:9e:1a:fe:b4:d4:62:fe:8a:
75:34:ea:c7:44:1e:49:43:d1:03:b4:9c:73:8f:6b:a1:64:33:
80:02:74:ad:26:57:4f:57:51:5f:1d:96:e6:08:b5:d6:99:60:
f8:59:ed:d9:71:43:5f:ef:4c:3c:5e:fe:67:94:07:38:ed:0b:
19:e9:96:17:29:89:3b:22:8a:6c:f3:4e:6b:7a:68:72:23:38:
e5:2e:6e:57:0b:ca:33:5d:d4:85:2a:e0:1a:e0:46:80:1b:0d:
a4:d9:d6:b8:9d:89:db:7b:e2:90:e9:23:31:44:da:e3:9d:59:
9a:99:2c:e1:67:6c:37:5f:8b:11:b9:57:8d:bb:c1:e8:24:04:
00:02:36:5c:d6:02:21:86:ac:cf:5c:7b:af:4e:07:57:25:a9:
59:b8:40:c2:35:da:7e:02:2d:d1:40:2a:6c:11:8f:82:c7:d8:
d3:03:dd:37:38:1b:a3:52:15:4d:3e:22:72:ce:c5:5d:b7:4a:
aa:65:04:0b:a3:17:17:c5:98:d3:e7:f3:0c:6c:fe:ee:ae:08:
f6:02:49:8a:ca:26:3a:86:b7:58:ef:98:62:ee:dd:6c:4e:8b:
9a:c5:bb:5f:ff:2e:db:86:01:dd:76:94:6e:98:54:6f:17:b1:
cb:eb:67:8b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAugwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QUIxQ0RBRjExMC8GA1UEBRMoMzVFQzMyOTQyODJGQTdBMzU0NzhGODJGOTA5NEIw
M0ZFMjYwNkZCNjAeFw0yMjA0MTUxMDE5MjdaFw0yNDA0MTUxMDE5MjdaMBgxFjAU
BgNVBAMMDTYyNTk0NmI0LTJiMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0y+w0lg/xW+nMFKvWRwTtrjiA4YnZYR17HO9ptsukaaW3yauTTOtetkTp
dOSwk7lSBBTqCR6Acu4BfZl8EeHMD8Htgg3a1I1AJ35HRYY1jWI7h6hsbeQyfv6d
JpRDLvbRTcPX7VYLzcrtJ4K1BikaxFILrw3SJ4qmK84pRRD962y6pFInUNYZVTEC
pIAfBxLHhDT7BSuJ3JKSireElyNfkIQOOP9zOdOwVfGucdYKLHxYxP6bsjfo+F2q
NcadxpvXbtzb3UPyuqZZRgCQ8l7rzf9VXbgPJ2vaITP5wl1O7HaDNn6nKiKb2S3C
NYqaM1Fw6crCK5R3cmN7oKv9lGwFAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU59xA
gw/2CS+LjToIOTwD75r0FiMwHwYDVR0jBBgwFoAUNewylCgvp6NUePgvkJSwP+Jg
b7YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkFCMUNELzlENDlCOTI2ODFCQzExRUE5MkQ4NDg1RUY4QUVBMjI4L05ld3ls
Q2d2cDZOVWVQZ3ZrSlN3UC1KZ2I3WS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL05ld3lsQ2d2cDZOVWVQZ3ZrSlN3UC1KZ2I3WS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkFCMUNELzlENDlCOTI2ODFCQzExRUE5MkQ4NDg1RUY4
QUVBMjI4LzhBOTlCMUU4QkNBNTExRUNBNEZDODU2RTVBNDBENTc3LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBANmh/AwDQQCAAIwBwMFACwP
7xgwDQYJKoZIhvcNAQELBQADggEBAGEFo7JoOwrFCvGeGv601GL+inU06sdEHklD
0QO0nHOPa6FkM4ACdK0mV09XUV8dluYItdaZYPhZ7dlxQ1/vTDxe/meUBzjtCxnp
lhcpiTsiimzzTmt6aHIjOOUublcLyjNd1IUq4BrgRoAbDaTZ1rididt74pDpIzFE
2uOdWZqZLOFnbDdfixG5V427wegkBAACNlzWAiGGrM9ce69OB1clqVm4QMI12n4C
LdFAKmwRj4LH2NMD3Tc4G6NSFU0+InLOxV23SqplBAujFxfFmNPn8wxs/u6uCPYC
SYrKJjqGt1jvmGLu3WxOi5rFu1//LtuGAd12lG6YVG8XscvrZ4s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:22 2024 by rpki-client on console-ams.rpki-client.org