Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1ED27D1ABF5A11ED8B3BE3C6F1222468.roa
File: 1ED27D1ABF5A11ED8B3BE3C6F1222468.roa (raw, json)
Hash identifier: zTcrlEu03+f925//MQeRmkMoE4NMS+GnmyZ0grt8zd8=
Subject key identifier: C3:D3:7E:E1:A1:54:A7:50:E5:8E:D5:96:E8:42:D4:6E:F7:0B:47:0F
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 0AC3
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1ED27D1ABF5A11ED8B3BE3C6F1222468.roa
Signing time: Fri 10 Mar 2023 15:42:11 +0000
ROA not before: Fri 10 Mar 2023 15:42:07 +0000
ROA not after: Sun 10 Mar 2024 15:42:07 +0000
asID: 29802
IP address blocks: 102.129.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2755 (0xac3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Mar 10 15:42:07 2023 GMT
Not After : Mar 10 15:42:07 2024 GMT
Subject: CN=640b4fd2-7d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:cd:d3:dc:f4:42:75:f0:aa:7d:fb:47:46:f4:
c8:7f:c0:25:88:6a:ea:88:b5:3b:6b:d9:ee:74:f1:
89:b6:59:b3:21:0b:2a:f3:4a:16:3a:a4:5c:16:87:
b9:b4:63:35:2e:be:70:36:41:96:c9:96:21:ac:58:
b1:cd:a3:c7:f1:ad:d7:2b:1f:14:e9:b8:ad:58:33:
a8:32:33:08:ff:ef:f3:be:b0:b0:8c:24:26:14:39:
29:76:28:2d:af:2a:11:d1:37:ec:74:10:b2:64:33:
33:09:b9:14:dc:0e:77:48:da:14:2b:c8:e4:97:16:
24:73:4f:2a:de:f6:b9:d1:32:3e:e1:83:d2:2d:b2:
bf:06:a6:c0:38:c5:3d:5b:4e:64:d1:20:b7:3c:64:
10:a8:0a:82:d3:7a:f7:dc:65:c8:bd:e1:a5:ea:a4:
42:c1:15:c5:c2:be:b3:90:74:3f:f4:14:8d:12:6f:
42:5d:66:f8:11:5a:3e:1a:d0:cf:a2:d5:b2:24:89:
72:15:d9:25:34:19:45:16:df:3a:8c:d9:e3:56:e1:
d7:95:9a:2a:e0:32:43:a9:c5:09:73:3b:44:03:6a:
83:0c:3e:67:97:dc:60:5d:6d:a9:60:2e:4c:47:86:
95:a5:4b:38:9a:b3:ca:df:e8:71:06:67:76:b6:a4:
7b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D3:7E:E1:A1:54:A7:50:E5:8E:D5:96:E8:42:D4:6E:F7:0B:47:0F
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/1ED27D1ABF5A11ED8B3BE3C6F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.212.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:f3:fb:f0:75:ce:39:b0:81:77:23:56:8d:83:63:00:ed:f5:
13:13:b3:86:14:ac:a9:ca:0d:52:78:bf:f5:f4:9f:6a:25:9f:
fa:0c:0d:0a:2d:7a:c0:7b:7a:99:07:62:07:86:c4:94:b7:6a:
2b:22:63:fa:6c:b1:cb:ed:1e:61:98:61:ac:f5:50:e5:54:e4:
5d:42:6c:e8:90:bb:f1:9f:d5:f8:6d:fd:55:20:22:bf:23:81:
2f:58:07:7d:e2:45:f6:69:03:45:b9:fa:9e:b6:8a:20:27:11:
24:79:f0:f8:4a:41:4d:fe:d3:a6:39:4c:22:10:51:8a:18:fc:
94:fa:74:2b:67:ed:9a:3d:e5:2e:66:00:20:cd:3f:a4:b9:68:
af:a1:61:fd:16:77:bb:c6:d1:7a:76:c3:15:1c:1e:1a:25:80:
77:3f:9d:9d:28:d8:3f:ec:a7:17:a7:ec:82:09:24:5b:92:a1:
cb:f5:51:32:48:5b:ad:67:f1:e7:5c:07:4b:04:a2:14:73:3b:
fa:6a:c8:40:ac:ef:c5:57:5b:7b:74:fc:7a:f4:65:8b:85:23:
2c:fa:40:86:8d:d1:20:b5:b9:a4:e0:4c:97:1a:6f:c3:17:56:
bd:54:c5:a9:dc:b9:d7:84:b8:bd:a0:5b:ef:09:84:b1:28:be:
76:a3:04:d1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCsMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzAzMTAxNTQyMDdaFw0yNDAzMTAxNTQyMDdaMBgxFjAU
BgNVBAMMDTY0MGI0ZmQyLTdkM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDxzdPc9EJ18Kp9+0dG9Mh/wCWIauqItTtr2e508Ym2WbMhCyrzShY6pFwW
h7m0YzUuvnA2QZbJliGsWLHNo8fxrdcrHxTpuK1YM6gyMwj/7/O+sLCMJCYUOSl2
KC2vKhHRN+x0ELJkMzMJuRTcDndI2hQryOSXFiRzTyre9rnRMj7hg9Itsr8GpsA4
xT1bTmTRILc8ZBCoCoLTevfcZci94aXqpELBFcXCvrOQdD/0FI0Sb0JdZvgRWj4a
0M+i1bIkiXIV2SU0GUUW3zqM2eNW4deVmirgMkOpxQlzO0QDaoMMPmeX3GBdbalg
LkxHhpWlSzias8rf6HEGZ3a2pHvzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUw9N+
4aFUp1DljtWW6ELUbvcLRw8wHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzFFRDI3RDFBQkY1QTExRUQ4QjNCRTNDNkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgdQwDQYJKoZIhvcNAQEL
BQADggEBAKHz+/B1zjmwgXcjVo2DYwDt9RMTs4YUrKnKDVJ4v/X0n2oln/oMDQot
esB7epkHYgeGxJS3aisiY/psscvtHmGYYaz1UOVU5F1CbOiQu/Gf1fht/VUgIr8j
gS9YB33iRfZpA0W5+p62iiAnESR58PhKQU3+06Y5TCIQUYoY/JT6dCtn7Zo95S5m
ACDNP6S5aK+hYf0Wd7vG0Xp2wxUcHholgHc/nZ0o2D/spxen7IIJJFuSocv1UTJI
W61n8edcB0sEohRzO/pqyECs78VXW3t0/Hr0ZYuFIyz6QIaN0SC1uaTgTJcab8MX
Vr1UxancudeEuL2gW+8JhLEovnajBNE=
-----END CERTIFICATE-----
Generated at Mon Mar 11 02:41:25 2024 by rpki-client on console-ams.rpki-client.org