Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/C870D29681BD11EAAFBA935FF8AEA228.roa
File: C870D29681BD11EAAFBA935FF8AEA228.roa (raw, json)
Hash identifier: 1t/Tzp+1N5Gahxk3ov7l2fqBIzclGfsFNb67vgMGuQw=
Subject key identifier: 09:F6:AE:E0:B9:FA:C5:11:68:10:24:59:D6:92:6A:B7:28:87:5E:F7
Certificate issuer: /CN=F36AB1CDAF/serialNumber=35EC3294282FA7A35478F82F9094B03FE2606FB6
Certificate serial: 05
Authority key identifier: 35:EC:32:94:28:2F:A7:A3:54:78:F8:2F:90:94:B0:3F:E2:60:6F:B6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/C870D29681BD11EAAFBA935FF8AEA228.roa
Signing time: Sat 18 Apr 2020 21:44:31 +0000
ROA not before: Sat 18 Apr 2020 21:44:24 +0000
ROA not after: Mon 18 Apr 2022 21:44:24 +0000
asID: 328266
IP address blocks: 102.135.240.0/21 maxlen: 24
2c0f:ef18::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AB1CDAF/serialNumber=35EC3294282FA7A35478F82F9094B03FE2606FB6
Validity
Not Before: Apr 18 21:44:24 2020 GMT
Not After : Apr 18 21:44:24 2022 GMT
Subject: CN=5e9b74be-034e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:db:f9:e8:c9:be:ee:fc:ec:42:61:ff:f1:33:
00:eb:9b:29:26:cc:3c:3b:1c:ad:13:6c:7b:31:72:
4e:b0:19:69:b5:81:99:3f:4b:70:9d:1d:ff:6c:dc:
93:09:d3:5e:77:0c:6a:59:2e:f1:e0:2d:b3:fa:27:
59:0c:c3:60:a5:6e:de:2d:13:41:71:95:50:9f:44:
4c:b8:da:15:51:06:15:8b:73:6e:61:ae:3d:52:54:
45:81:83:0c:21:ff:62:e2:9d:1d:10:a8:0d:39:02:
a3:84:07:97:85:05:d0:e6:4b:6f:92:e4:53:a2:53:
b2:90:72:e4:80:47:38:50:67:f5:07:99:11:b9:48:
84:61:32:cb:32:85:e8:33:b4:53:bb:b8:a0:14:03:
35:fb:de:9d:56:f5:17:36:35:54:41:ab:be:56:05:
14:c6:5d:73:5a:5b:62:fc:85:7c:77:11:13:2c:bf:
81:6f:2d:1d:c4:76:73:1a:5c:58:bf:b4:2d:50:da:
e1:4e:b1:46:73:7e:57:23:ec:9a:2b:02:3e:82:42:
6a:12:74:7a:cc:dd:93:30:79:aa:1b:b8:93:5f:5b:
70:1e:5d:5f:86:8e:24:74:3a:3c:cd:c4:c1:3e:a1:
12:b9:9d:6b:6c:eb:4d:43:b8:82:0b:3f:18:a1:e7:
7c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F6:AE:E0:B9:FA:C5:11:68:10:24:59:D6:92:6A:B7:28:87:5E:F7
X509v3 Authority Key Identifier:
keyid:35:EC:32:94:28:2F:A7:A3:54:78:F8:2F:90:94:B0:3F:E2:60:6F:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/NewylCgvp6NUePgvkJSwP-Jgb7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NewylCgvp6NUePgvkJSwP-Jgb7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AB1CD/9D49B92681BC11EA92D8485EF8AEA228/C870D29681BD11EAAFBA935FF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.135.240.0/21
IPv6:
2c0f:ef18::/32
Signature Algorithm: sha256WithRSAEncryption
01:06:a1:62:45:49:89:4b:90:89:8f:58:8e:5d:e1:c3:49:f4:
9e:07:29:b3:e2:e9:6a:1e:54:d0:37:46:46:1a:92:9d:b2:fb:
d6:1a:22:a3:4f:32:67:ea:d5:e1:01:2e:06:85:b2:47:74:f2:
71:59:6b:b2:b9:7a:bd:3f:ee:b6:53:93:0d:de:09:02:67:c6:
9d:3d:9b:14:d5:85:8f:97:1b:04:36:39:02:10:88:7b:8c:32:
ee:8d:74:24:dc:05:d9:b4:06:a0:63:d5:19:30:a0:a3:5e:c3:
4e:0a:ef:de:82:c6:27:a7:73:b8:dd:8d:12:3c:f3:8d:09:e2:
cd:12:a1:06:17:7e:ec:6b:e7:2a:92:53:15:6e:42:6c:63:2e:
f7:23:69:96:92:09:1d:7f:e8:4d:ff:ab:76:b0:7c:12:21:c0:
4f:c7:f0:b0:0c:79:c1:b2:b6:e2:4b:7f:cc:2e:c7:2b:51:a9:
eb:e1:6d:bb:7a:dd:10:d3:9a:db:0c:9d:16:31:da:09:9c:90:
b6:f8:61:94:1e:bd:8a:1c:02:7e:d4:55:c6:ba:99:86:82:4f:
20:0e:cc:1e:df:d0:b9:ff:61:71:38:1e:20:71:77:b2:b5:8d:
26:72:27:fe:7a:3f:cc:12:be:90:fd:f8:de:ea:42:cb:c6:d5:
4c:5e:0c:61
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
QjFDREFGMTEwLwYDVQQFEygzNUVDMzI5NDI4MkZBN0EzNTQ3OEY4MkY5MDk0QjAz
RkUyNjA2RkI2MB4XDTIwMDQxODIxNDQyNFoXDTIyMDQxODIxNDQyNFowGDEWMBQG
A1UEAxMNNWU5Yjc0YmUtMDM0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjb+ejJvu787EJh//EzAOubKSbMPDscrRNsezFyTrAZabWBmT9LcJ0d/2zc
kwnTXncMalku8eAts/onWQzDYKVu3i0TQXGVUJ9ETLjaFVEGFYtzbmGuPVJURYGD
DCH/YuKdHRCoDTkCo4QHl4UF0OZLb5LkU6JTspBy5IBHOFBn9QeZEblIhGEyyzKF
6DO0U7u4oBQDNfvenVb1FzY1VEGrvlYFFMZdc1pbYvyFfHcREyy/gW8tHcR2cxpc
WL+0LVDa4U6xRnN+VyPsmisCPoJCahJ0eszdkzB5qhu4k19bcB5dX4aOJHQ6PM3E
wT6hErmda2zrTUO4ggs/GKHnfK0CAwEAAaOCArQwggKwMB0GA1UdDgQWBBQJ9q7g
ufrFEWgQJFnWkmq3KIde9zAfBgNVHSMEGDAWgBQ17DKUKC+no1R4+C+QlLA/4mBv
tjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QUIxQ0QvOUQ0OUI5MjY4MUJDMTFFQTkyRDg0ODVFRjhBRUEyMjgvTmV3eWxD
Z3ZwNk5VZVBndmtKU3dQLUpnYjdZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTmV3eWxDZ3ZwNk5VZVBndmtKU3dQLUpnYjdZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QUIxQ0QvOUQ0OUI5MjY4MUJDMTFFQTkyRDg0ODVFRjhB
RUEyMjgvQzg3MEQyOTY4MUJEMTFFQUFGQkE5MzVGRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA2aH8DANBAIAAjAHAwUALA/v
GDANBgkqhkiG9w0BAQsFAAOCAQEAAQahYkVJiUuQiY9Yjl3hw0n0ngcps+Lpah5U
0DdGRhqSnbL71hoio08yZ+rV4QEuBoWyR3TycVlrsrl6vT/utlOTDd4JAmfGnT2b
FNWFj5cbBDY5AhCIe4wy7o10JNwF2bQGoGPVGTCgo17DTgrv3oLGJ6dzuN2NEjzz
jQnizRKhBhd+7GvnKpJTFW5CbGMu9yNplpIJHX/oTf+rdrB8EiHAT8fwsAx5wbK2
4kt/zC7HK1Gp6+Ftu3rdENOa2wydFjHaCZyQtvhhlB69ihwCftRVxrqZhoJPIA7M
Ht/Quf9hcTgeIHF3srWNJnIn/no/zBK+kP343upCy8bVTF4MYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:22 2024 by rpki-client on console-ams.rpki-client.org