Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/4FFB98D44A0411EDBB18F6A1F1222468.roa
File: 4FFB98D44A0411EDBB18F6A1F1222468.roa (raw, json)
Hash identifier: 1KzA3F3nImYslzESsWVz3qVJJCWe3cpbxQRmW/PHFH8=
Subject key identifier: CF:68:53:7C:FA:83:24:E3:11:95:4A:BA:8E:D4:B1:58:9D:6E:CB:85
Certificate issuer: /CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Certificate serial: 02
Authority key identifier: F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/4FFB98D44A0411EDBB18F6A1F1222468.roa
Signing time: Wed 12 Oct 2022 08:03:10 +0000
ROA not before: Wed 12 Oct 2022 08:03:06 +0000
ROA not after: Tue 30 Apr 2024 08:03:06 +0000
asID: 23764
IP address blocks: 102.217.164.0/22 maxlen: 24
102.217.164.0/24 maxlen: 24
102.217.165.0/24 maxlen: 24
102.217.166.0/24 maxlen: 24
102.217.167.0/24 maxlen: 24
2c0f:f7a8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36DB492AF/serialNumber=F43E0668EF72BD87FA5368BE2B6815C0BCB40149
Validity
Not Before: Oct 12 08:03:06 2022 GMT
Not After : Apr 30 08:03:06 2024 GMT
Subject: CN=634674be-67c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:57:39:d2:0c:16:ff:db:30:02:0b:8f:f5:e7:
41:8d:be:2b:0b:73:98:55:18:e8:82:13:a5:7c:02:
06:d7:92:20:5e:99:d4:53:ee:b1:fa:73:ef:37:2f:
89:16:71:be:dd:8b:63:d5:ed:a3:1d:ba:77:6d:dd:
a4:fd:68:63:49:5a:59:70:b7:8d:44:f5:a3:23:71:
5d:ed:da:3a:ad:17:56:10:4d:50:37:cd:18:03:ae:
0b:f2:39:62:01:21:a1:ea:da:9e:36:05:61:36:6e:
49:18:f4:25:21:3f:60:d6:2c:f7:74:e1:78:6b:58:
bb:97:c1:36:54:81:41:50:c1:92:af:4a:56:d6:45:
9b:b1:03:42:8d:0f:80:c5:2f:8f:0e:be:f8:55:77:
f6:14:31:9c:f3:d8:0b:9f:e7:32:af:6b:c6:28:4c:
61:35:b5:47:e5:aa:57:30:42:62:73:28:0e:fe:a9:
9f:b9:86:7d:ca:95:a0:8d:e8:e5:fa:84:82:a5:dd:
1a:03:7c:f2:9a:44:42:39:cd:22:89:00:95:b5:a5:
26:65:81:f8:83:bc:cb:76:fe:d8:a3:48:ca:79:df:
82:86:3f:32:22:17:55:1b:53:b2:c6:e8:3e:e3:22:
cb:52:0f:c4:32:32:32:27:2c:35:53:a2:f1:56:be:
8d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:68:53:7C:FA:83:24:E3:11:95:4A:BA:8E:D4:B1:58:9D:6E:CB:85
X509v3 Authority Key Identifier:
keyid:F4:3E:06:68:EF:72:BD:87:FA:53:68:BE:2B:68:15:C0:BC:B4:01:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/9D4GaO9yvYf6U2i-K2gVwLy0AUk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9D4GaO9yvYf6U2i-K2gVwLy0AUk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36DB492/10DA99764A0311ED8F59D89EF1222468/4FFB98D44A0411EDBB18F6A1F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.164.0/22
IPv6:
2c0f:f7a8::/29
Signature Algorithm: sha256WithRSAEncryption
01:36:99:47:91:c4:d1:14:75:29:5a:13:b1:08:28:54:76:75:
fa:9a:75:4d:5f:c7:70:7b:cb:61:89:77:28:58:1c:fd:15:24:
2d:65:2e:f8:68:f7:90:21:4b:e9:84:a7:43:86:12:d2:1d:45:
74:b6:9f:0c:8e:5a:56:90:15:cb:fb:ae:60:d2:10:af:65:b8:
7f:17:3a:33:6b:73:4e:78:ba:82:26:0a:be:da:9c:74:76:c0:
a4:19:2f:2a:ac:1b:61:f3:a6:f8:4d:63:be:ce:9e:2e:ea:ba:
30:a9:5c:fb:3b:f6:99:fc:73:ca:58:8c:38:41:f5:47:4d:ca:
93:c0:39:1f:6e:17:96:40:6c:c3:27:ac:b9:f7:36:a7:84:32:
7a:59:e4:7a:70:41:a1:0e:e4:4d:7a:3a:52:f9:0c:3c:17:b1:
d2:88:30:a9:52:85:22:58:a9:1e:16:71:a5:76:f1:22:e2:e1:
33:9c:4e:06:a8:69:0c:ec:e2:de:a3:a4:50:b3:6c:a5:60:52:
ba:d4:0d:ff:f1:b7:da:de:ee:44:95:5d:dd:6e:1f:c9:f2:f8:
e0:b9:a8:37:f8:4b:96:e1:bd:8f:2c:59:46:bb:3e:31:90:53:
b1:f2:0e:23:cb:eb:fc:9c:2b:b8:15:db:e8:1e:93:d0:5c:ac:
07:6d:98:a5
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZE
QjQ5MkFGMTEwLwYDVQQFEyhGNDNFMDY2OEVGNzJCRDg3RkE1MzY4QkUyQjY4MTVD
MEJDQjQwMTQ5MB4XDTIyMTAxMjA4MDMwNloXDTI0MDQzMDA4MDMwNlowGDEWMBQG
A1UEAwwNNjM0Njc0YmUtNjdjNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBXOdIMFv/bMAILj/XnQY2+KwtzmFUY6IITpXwCBteSIF6Z1FPusfpz7zcv
iRZxvt2LY9Xtox26d23dpP1oY0laWXC3jUT1oyNxXe3aOq0XVhBNUDfNGAOuC/I5
YgEhoeranjYFYTZuSRj0JSE/YNYs93TheGtYu5fBNlSBQVDBkq9KVtZFm7EDQo0P
gMUvjw6++FV39hQxnPPYC5/nMq9rxihMYTW1R+WqVzBCYnMoDv6pn7mGfcqVoI3o
5fqEgqXdGgN88ppEQjnNIokAlbWlJmWB+IO8y3b+2KNIynnfgoY/MiIXVRtTssbo
PuMiy1IPxDIyMicsNVOi8Va+jZECAwEAAaOCArQwggKwMB0GA1UdDgQWBBTPaFN8
+oMk4xGVSrqO1LFYnW7LhTAfBgNVHSMEGDAWgBT0PgZo73K9h/pTaL4raBXAvLQB
STAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2REI0OTIvMTBEQTk5NzY0QTAzMTFFRDhGNTlEODlFRjEyMjI0NjgvOUQ0R2FP
OXl2WWY2VTJpLUsyZ1Z3THkwQVVrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOUQ0R2FPOXl2WWY2VTJpLUsyZ1Z3THkwQVVrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2REI0OTIvMTBEQTk5NzY0QTAzMTFFRDhGNTlEODlFRjEy
MjI0NjgvNEZGQjk4RDQ0QTA0MTFFREJCMThGNkExRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbZpDANBAIAAjAHAwUDLA/3
qDANBgkqhkiG9w0BAQsFAAOCAQEAATaZR5HE0RR1KVoTsQgoVHZ1+pp1TV/HcHvL
YYl3KFgc/RUkLWUu+Gj3kCFL6YSnQ4YS0h1FdLafDI5aVpAVy/uuYNIQr2W4fxc6
M2tzTni6giYKvtqcdHbApBkvKqwbYfOm+E1jvs6eLuq6MKlc+zv2mfxzyliMOEH1
R03Kk8A5H24XlkBswyesufc2p4QyelnkenBBoQ7kTXo6UvkMPBex0ogwqVKFIlip
HhZxpXbxIuLhM5xOBqhpDOzi3qOkULNspWBSutQN//G32t7uRJVd3W4fyfL44Lmo
N/hLluG9jyxZRrs+MZBTsfIOI8vr/JwruBXb6B6T0FysB22YpQ==
-----END CERTIFICATE-----
Generated at Wed May 1 05:17:31 2024 by rpki-client on console-fra.rpki-client.org