Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D8ADD/99DB6EFC6AC711EBB90AF548F8AEA228/40E7CA127B5611EB87F1A947F8AEA228.roa
File: 40E7CA127B5611EB87F1A947F8AEA228.roa (raw, json)
Hash identifier: 1v8KcgN5CbBXGbEyXyOmPiLb5V57fW3KkD5lMampEIk=
Subject key identifier: 6B:E1:B3:2C:11:03:AE:36:18:9D:A1:3E:A3:38:C7:6F:51:77:34:DC
Certificate issuer: /CN=F36D8ADDAF/serialNumber=26B3A758B2D8D2BEB5C6F681CA5BD9258C79F777
Certificate serial: 17
Authority key identifier: 26:B3:A7:58:B2:D8:D2:BE:B5:C6:F6:81:CA:5B:D9:25:8C:79:F7:77
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JrOnWLLY0r61xvaBylvZJYx593c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D8ADD/99DB6EFC6AC711EBB90AF548F8AEA228/40E7CA127B5611EB87F1A947F8AEA228.roa
Signing time: Tue 02 Mar 2021 12:53:15 +0000
ROA not before: Tue 02 Mar 2021 12:53:10 +0000
ROA not after: Fri 01 Mar 2024 12:53:10 +0000
asID: 37248
IP address blocks: 41.87.65.0/24 maxlen: 24
41.87.94.0/24 maxlen: 24
41.87.95.0/24 maxlen: 24
2c0f:fea8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D8ADDAF/serialNumber=26B3A758B2D8D2BEB5C6F681CA5BD9258C79F777
Validity
Not Before: Mar 2 12:53:10 2021 GMT
Not After : Mar 1 12:53:10 2024 GMT
Subject: CN=603e353b-6eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0a:9a:10:be:9f:0f:85:34:07:81:2a:04:02:
5e:16:88:18:d3:20:82:56:12:fe:8d:14:dd:ac:6c:
d4:e7:50:5e:11:18:81:e0:a6:e7:83:5e:ee:7e:4f:
b4:ca:46:0a:7d:70:1d:42:93:72:5a:df:c8:3f:2d:
b9:b6:e7:84:23:08:30:b5:49:2e:b1:ac:63:ba:29:
00:ad:c8:c9:1c:82:9b:46:d1:bc:f4:86:cb:d3:c4:
12:64:db:9c:68:04:23:f9:96:e0:b9:e9:00:b9:5e:
9d:b4:cb:92:4e:da:2f:83:34:2d:ac:ea:8c:fe:83:
4a:59:df:66:1f:43:49:2c:99:60:aa:f1:5f:cc:a6:
29:bd:3d:8e:17:a7:46:16:1c:67:7b:ba:5e:12:ae:
b0:8f:de:f5:d5:03:9d:65:e7:87:1e:66:bf:25:96:
35:4b:83:d8:a0:1d:4b:b8:21:81:e5:a1:bf:47:32:
a9:1a:13:ec:94:99:2a:98:16:2a:90:ef:0e:30:0a:
de:52:13:bc:26:ca:98:34:f9:44:ce:51:3d:33:1d:
43:25:c1:ad:b8:4d:54:72:c6:12:ad:b8:e2:e6:ae:
6c:7e:05:3c:eb:74:2b:bb:2c:7a:5e:5c:03:2a:21:
d0:2b:f0:62:e9:05:92:17:03:6d:87:70:ce:18:2b:
78:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E1:B3:2C:11:03:AE:36:18:9D:A1:3E:A3:38:C7:6F:51:77:34:DC
X509v3 Authority Key Identifier:
keyid:26:B3:A7:58:B2:D8:D2:BE:B5:C6:F6:81:CA:5B:D9:25:8C:79:F7:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8ADD/99DB6EFC6AC711EBB90AF548F8AEA228/JrOnWLLY0r61xvaBylvZJYx593c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JrOnWLLY0r61xvaBylvZJYx593c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D8ADD/99DB6EFC6AC711EBB90AF548F8AEA228/40E7CA127B5611EB87F1A947F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.87.65.0/24
41.87.94.0/23
IPv6:
2c0f:fea8::/32
Signature Algorithm: sha256WithRSAEncryption
8a:c7:0b:49:d7:aa:f2:f1:9b:c8:cf:7e:14:d3:8b:8d:16:43:
98:77:12:d0:61:41:91:3e:be:97:1b:06:28:d7:31:9b:a2:d6:
23:da:49:ad:a3:01:d9:f2:32:f2:51:01:b0:d1:f6:a3:9c:3c:
d0:8a:f4:26:47:95:36:f4:e1:f1:bf:1f:d8:5f:f7:e9:51:e3:
49:13:9b:34:98:1a:05:e3:0d:53:a7:f9:92:cf:44:72:20:22:
d7:5c:cf:60:c3:f0:b9:a6:a1:32:a6:88:59:b0:a0:dd:b3:d6:
46:d7:2f:8f:fb:7e:b0:49:e2:f9:09:bd:46:b0:18:c2:d3:5c:
40:ff:b4:04:88:15:4e:85:a6:9a:73:9e:d9:b5:36:96:50:32:
13:7e:9b:fb:15:44:a0:a4:71:f5:d9:08:e4:29:9e:85:e5:b9:
f4:db:3e:93:6d:fa:05:59:87:3e:b3:1d:1a:1d:55:95:13:b1:
b6:11:37:8a:53:74:bc:26:e4:cc:53:e1:09:aa:31:36:da:ab:
ed:33:32:9e:87:22:8b:d8:62:7d:dc:3a:13:2c:0c:ee:32:d9:
2d:9a:95:4a:2e:a2:f1:bf:a2:2f:b9:af:31:80:ef:33:7e:a8:
dd:69:1c:e6:75:a8:a8:38:cc:86:27:39:df:7d:ee:c9:1a:99:
45:a6:4f:82
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBFzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
OEFEREFGMTEwLwYDVQQFEygyNkIzQTc1OEIyRDhEMkJFQjVDNkY2ODFDQTVCRDky
NThDNzlGNzc3MB4XDTIxMDMwMjEyNTMxMFoXDTI0MDMwMTEyNTMxMFowGDEWMBQG
A1UEAxMNNjAzZTM1M2ItNmVhYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEKmhC+nw+FNAeBKgQCXhaIGNMgglYS/o0U3axs1OdQXhEYgeCm54Ne7n5P
tMpGCn1wHUKTclrfyD8tubbnhCMIMLVJLrGsY7opAK3IyRyCm0bRvPSGy9PEEmTb
nGgEI/mW4LnpALlenbTLkk7aL4M0LazqjP6DSlnfZh9DSSyZYKrxX8ymKb09jhen
RhYcZ3u6XhKusI/e9dUDnWXnhx5mvyWWNUuD2KAdS7ghgeWhv0cyqRoT7JSZKpgW
KpDvDjAK3lITvCbKmDT5RM5RPTMdQyXBrbhNVHLGEq244uaubH4FPOt0K7ssel5c
Ayoh0CvwYukFkhcDbYdwzhgreKsCAwEAAaOCArowggK2MB0GA1UdDgQWBBRr4bMs
EQOuNhidoT6jOMdvUXc03DAfBgNVHSMEGDAWgBQms6dYstjSvrXG9oHKW9kljHn3
dzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDhBREQvOTlEQjZFRkM2QUM3MTFFQkI5MEFGNTQ4RjhBRUEyMjgvSnJPbldM
TFkwcjYxeHZhQnlsdlpKWXg1OTNjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSnJPbldMTFkwcjYxeHZhQnlsdlpKWXg1OTNjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RDhBREQvOTlEQjZFRkM2QUM3MTFFQkI5MEFGNTQ4RjhB
RUEyMjgvNDBFN0NBMTI3QjU2MTFFQjg3RjFBOTQ3RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAClXQQMEASlXXjANBAIAAjAH
AwUALA/+qDANBgkqhkiG9w0BAQsFAAOCAQEAiscLSdeq8vGbyM9+FNOLjRZDmHcS
0GFBkT6+lxsGKNcxm6LWI9pJraMB2fIy8lEBsNH2o5w80Ir0JkeVNvTh8b8f2F/3
6VHjSRObNJgaBeMNU6f5ks9EciAi11zPYMPwuaahMqaIWbCg3bPWRtcvj/t+sEni
+Qm9RrAYwtNcQP+0BIgVToWmmnOe2bU2llAyE36b+xVEoKRx9dkI5CmeheW59Ns+
k236BVmHPrMdGh1VlROxthE3ilN0vCbkzFPhCaoxNtqr7TMynocii9hifdw6EywM
7jLZLZqVSi6i8b+iL7mvMYDvM36o3Wkc5nWoqDjMhic5333uyRqZRaZPgg==
-----END CERTIFICATE-----
Generated at Sat Mar 2 02:06:44 2024 by rpki-client on console-fra.rpki-client.org