Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C4E2C/E0F97572FD6511ECA2EAAFE1F1222468/1099B4C6FD6711EC90C697E5F1222468.roa
File: 1099B4C6FD6711EC90C697E5F1222468.roa (raw, json)
Hash identifier: V2LWr8hmR+58LBjz2rlvTVbnq/B1pL3dqStgUsr8zr4=
Subject key identifier: 8A:45:13:FB:75:D2:66:BC:AA:66:61:52:9A:6E:16:ED:E6:C5:3F:0E
Certificate issuer: /CN=F36C4E2CAF/serialNumber=013A38C39CCB64D8FEE8CDE6BF368F46DA738C40
Certificate serial: 02
Authority key identifier: 01:3A:38:C3:9C:CB:64:D8:FE:E8:CD:E6:BF:36:8F:46:DA:73:8C:40
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ATo4w5zLZNj-6M3mvzaPRtpzjEA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C4E2C/E0F97572FD6511ECA2EAAFE1F1222468/1099B4C6FD6711EC90C697E5F1222468.roa
Signing time: Wed 06 Jul 2022 20:06:04 +0000
ROA not before: Wed 06 Jul 2022 20:05:53 +0000
ROA not after: Sat 06 Jul 2024 20:05:53 +0000
asID: 36982
IP address blocks: 196.13.250.0/24 maxlen: 24
196.42.64.0/18 maxlen: 18
196.47.192.0/18 maxlen: 18
197.239.128.0/18 maxlen: 18
2001:43f8:70::/45 maxlen: 45
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C4E2CAF
Validity
Not Before: Jul 6 20:05:53 2022 GMT
Not After : Jul 6 20:05:53 2024 GMT
Subject: CN=62c5eb2c-ae0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cc:6f:3c:b3:28:f4:f4:73:96:5a:02:a5:e2:
a4:9b:67:cc:40:d2:5b:88:8f:ce:8e:56:b2:ab:23:
b4:1b:ca:09:9d:59:18:55:84:42:6b:d4:e3:68:4f:
a2:72:ea:ad:05:9c:33:75:7e:97:96:80:e7:5c:12:
c9:bc:c4:77:9b:7d:e6:28:33:ec:67:19:9c:1f:0d:
b1:94:ac:36:94:3d:38:4a:05:6e:3a:ed:5a:7e:de:
87:1d:f0:73:41:2d:0d:dc:50:76:f1:8b:aa:b5:ed:
13:52:45:60:e3:da:75:6e:ef:dc:e3:c8:c2:20:28:
9e:99:0a:c8:6e:b4:51:46:d8:1b:43:b2:e8:e9:b7:
06:f2:e7:51:4e:85:a0:53:2e:9f:f0:4e:34:8a:06:
40:25:bb:1f:f1:04:da:22:6f:ba:ae:14:0d:ba:8d:
e4:ed:77:29:23:8d:85:8f:99:a9:b0:fe:57:4d:71:
dc:a1:e3:6b:09:dc:df:a8:73:5f:13:45:3a:2a:31:
39:06:93:85:90:c1:d4:ca:97:c6:d5:c9:49:5a:61:
8f:98:d8:bb:8b:83:38:a6:04:ef:52:c7:34:e9:d1:
7b:d1:8c:f7:9c:08:84:09:ac:16:dd:90:cd:63:91:
75:3c:1f:59:7a:26:6b:2c:fe:68:fc:f8:7e:12:f3:
ec:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:45:13:FB:75:D2:66:BC:AA:66:61:52:9A:6E:16:ED:E6:C5:3F:0E
X509v3 Authority Key Identifier:
keyid:01:3A:38:C3:9C:CB:64:D8:FE:E8:CD:E6:BF:36:8F:46:DA:73:8C:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C4E2C/E0F97572FD6511ECA2EAAFE1F1222468/ATo4w5zLZNj-6M3mvzaPRtpzjEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ATo4w5zLZNj-6M3mvzaPRtpzjEA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C4E2C/E0F97572FD6511ECA2EAAFE1F1222468/1099B4C6FD6711EC90C697E5F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
196.13.250.0/24
196.42.64.0/18
196.47.192.0/18
197.239.128.0/18
IPv6:
2001:43f8:70::/45
Signature Algorithm: sha256WithRSAEncryption
19:aa:d1:7e:2a:d9:09:14:b2:d1:94:b4:b8:2e:f1:fc:82:46:
5b:d6:1a:61:10:b4:bc:35:70:db:5e:43:04:fe:19:c7:ba:63:
c6:d9:09:76:97:b7:d1:80:d4:af:b6:74:cf:5f:96:18:bb:5e:
00:91:2d:86:1a:38:2b:bd:69:bb:72:cd:73:ef:c0:52:4a:8c:
df:71:8f:e1:1b:d5:ed:a9:5a:e2:d9:a2:72:43:4c:fc:e1:0c:
0b:34:00:e1:09:48:2e:27:95:3d:f3:68:4d:2a:d1:35:e9:c4:
4f:b1:77:81:32:08:54:a1:4c:0e:76:a2:b5:cb:f5:b8:49:9f:
e1:da:6a:b2:d3:74:e6:fb:48:61:d8:33:20:87:bf:8d:6f:57:
a8:d8:26:2c:8e:d3:73:a5:31:9a:8c:7f:99:0b:5e:df:43:82:
39:29:aa:6f:44:8a:1b:d8:1d:58:c8:46:bf:4a:e7:ed:31:26:
d8:39:46:3e:1b:6b:b9:95:08:d2:43:e1:51:4e:83:ba:b2:7b:
e4:35:b4:17:0e:1d:7b:2c:61:58:37:45:e9:cc:31:aa:25:25:
e3:94:a0:9f:0b:45:e3:42:11:96:97:90:4e:30:36:fc:3e:40:
c2:8a:f0:9a:d3:06:58:21:31:2c:35:f8:b9:a6:07:45:29:c7:
1a:b6:91:fe
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZD
NEUyQ0FGMTEwLwYDVQQFEygwMTNBMzhDMzlDQ0I2NEQ4RkVFOENERTZCRjM2OEY0
NkRBNzM4QzQwMB4XDTIyMDcwNjIwMDU1M1oXDTI0MDcwNjIwMDU1M1owGDEWMBQG
A1UEAwwNNjJjNWViMmMtYWUwYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKvMbzyzKPT0c5ZaAqXipJtnzEDSW4iPzo5WsqsjtBvKCZ1ZGFWEQmvU42hP
onLqrQWcM3V+l5aA51wSybzEd5t95igz7GcZnB8NsZSsNpQ9OEoFbjrtWn7ehx3w
c0EtDdxQdvGLqrXtE1JFYOPadW7v3OPIwiAonpkKyG60UUbYG0Oy6Om3BvLnUU6F
oFMun/BONIoGQCW7H/EE2iJvuq4UDbqN5O13KSONhY+ZqbD+V01x3KHjawnc36hz
XxNFOioxOQaThZDB1MqXxtXJSVphj5jYu4uDOKYE71LHNOnRe9GM95wIhAmsFt2Q
zWORdTwfWXomayz+aPz4fhLz7IUCAwEAAaOCAsgwggLEMB0GA1UdDgQWBBSKRRP7
ddJmvKpmYVKabhbt5sU/DjAfBgNVHSMEGDAWgBQBOjjDnMtk2P7ozea/No9G2nOM
QDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzRFMkMvRTBGOTc1NzJGRDY1MTFFQ0EyRUFBRkUxRjEyMjI0NjgvQVRvNHc1
ekxaTmotNk0zbXZ6YVBSdHB6akVBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQVRvNHc1ekxaTmotNk0zbXZ6YVBSdHB6akVBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzRFMkMvRTBGOTc1NzJGRDY1MTFFQ0EyRUFBRkUxRjEy
MjI0NjgvMTA5OUI0QzZGRDY3MTFFQzkwQzY5N0U1RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBCBggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAMQN+gMEBsQqQAMEBsQvwAME
BsXvgDAPBAIAAjAJAwcDIAFD+ABwMA0GCSqGSIb3DQEBCwUAA4IBAQAZqtF+KtkJ
FLLRlLS4LvH8gkZb1hphELS8NXDbXkME/hnHumPG2Ql2l7fRgNSvtnTPX5YYu14A
kS2GGjgrvWm7cs1z78BSSozfcY/hG9XtqVri2aJyQ0z84QwLNADhCUguJ5U982hN
KtE16cRPsXeBMghUoUwOdqK1y/W4SZ/h2mqy03Tm+0hh2DMgh7+Nb1eo2CYsjtNz
pTGajH+ZC17fQ4I5KapvRIob2B1YyEa/SuftMSbYOUY+G2u5lQjSQ+FRToO6snvk
NbQXDh17LGFYN0XpzDGqJSXjlKCfC0XjQhGWl5BOMDb8PkDCivCa0wZYITEsNfi5
pgdFKccatpH+
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:56:53 2025 by rpki-client