Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36EB6AE/381289B283DC11EA96D3CC4EF8AEA228/BA8A2C5083DD11EA86F47850F8AEA228.roa
File: BA8A2C5083DD11EA86F47850F8AEA228.roa (raw, json)
Hash identifier: CtNGv94C7PWMxJR5xIZ42aFu4M6DzlGZd88ANufspOQ=
Subject key identifier: 12:F8:EB:7F:70:00:53:22:A7:5A:FC:F2:83:F5:54:1C:7A:81:25:C0
Certificate issuer: /CN=F36EB6AEAF/serialNumber=373C1827E2704C3FDC16A878980FADC8835FA482
Certificate serial: 02
Authority key identifier: 37:3C:18:27:E2:70:4C:3F:DC:16:A8:78:98:0F:AD:C8:83:5F:A4:82
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/NzwYJ-JwTD_cFqh4mA-tyINfpII.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36EB6AE/381289B283DC11EA96D3CC4EF8AEA228/BA8A2C5083DD11EA86F47850F8AEA228.roa
Signing time: Tue 21 Apr 2020 14:38:13 +0000
ROA not before: Tue 21 Apr 2020 14:38:09 +0000
ROA not after: Thu 21 Apr 2022 14:38:09 +0000
asID: 328278
IP address blocks: 102.165.64.0/19 maxlen: 24
2c0f:ec98::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36EB6AEAF/serialNumber=373C1827E2704C3FDC16A878980FADC8835FA482
Validity
Not Before: Apr 21 14:38:09 2020 GMT
Not After : Apr 21 14:38:09 2022 GMT
Subject: CN=5e9f0555-4e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ff:ec:23:07:c5:6a:eb:36:a1:a3:18:33:29:
e3:ef:08:04:37:b5:69:4a:91:d4:47:e5:73:c1:9f:
a2:a7:f1:d4:17:1f:5f:f9:74:ca:a0:ca:01:30:6c:
91:9e:88:69:ce:a5:79:1d:f5:a0:9d:2f:a6:81:a0:
ab:5a:6a:91:6b:ba:0e:52:61:a1:8d:89:d3:07:e0:
c8:28:d1:f6:57:96:8a:59:d8:90:ad:7f:14:60:7f:
bb:5a:49:00:09:79:b6:6c:16:3c:6f:29:66:d5:4b:
6a:74:5c:24:50:f8:2f:f7:01:0e:d4:ee:42:b7:ac:
63:e5:d7:b4:b1:01:db:59:fe:79:4d:8e:1c:9e:9a:
c2:95:5d:d2:8d:a5:d9:5d:ba:f3:4f:8c:82:52:c2:
41:cf:d7:23:89:f2:fe:98:09:d2:b3:35:43:32:84:
c3:37:05:fe:09:22:e1:ce:87:8e:c2:5c:94:a2:a8:
69:01:bd:c7:02:ad:e5:ed:b4:51:66:ee:4a:b7:dd:
a0:5c:91:2f:58:80:0e:26:1a:b4:29:bd:29:5b:93:
1a:d2:5c:da:ee:91:5c:12:4b:fc:70:8a:d8:92:e9:
32:2e:08:49:62:5f:e6:65:17:93:4c:de:23:99:f5:
a6:6e:c6:0c:d2:ab:78:03:97:06:f7:2c:db:e5:4f:
db:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F8:EB:7F:70:00:53:22:A7:5A:FC:F2:83:F5:54:1C:7A:81:25:C0
X509v3 Authority Key Identifier:
keyid:37:3C:18:27:E2:70:4C:3F:DC:16:A8:78:98:0F:AD:C8:83:5F:A4:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36EB6AE/381289B283DC11EA96D3CC4EF8AEA228/NzwYJ-JwTD_cFqh4mA-tyINfpII.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NzwYJ-JwTD_cFqh4mA-tyINfpII.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36EB6AE/381289B283DC11EA96D3CC4EF8AEA228/BA8A2C5083DD11EA86F47850F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.165.64.0/19
IPv6:
2c0f:ec98::/32
Signature Algorithm: sha256WithRSAEncryption
a6:fe:68:12:e3:b1:d1:c5:42:78:ce:63:1d:55:c7:4d:24:c1:
a7:56:30:cb:60:3a:ef:40:d1:85:92:39:04:11:ba:54:b8:89:
6a:6e:5a:4c:80:ff:ba:ba:43:1f:ad:17:07:1c:67:50:7b:3e:
8e:54:f7:17:0c:e5:00:7d:0e:f9:5e:22:a1:76:2f:0b:19:23:
c6:95:ca:ee:38:8c:3e:a0:37:d0:b8:9e:62:c9:96:79:6f:e3:
6d:4f:63:0f:bc:7a:6e:d1:aa:c2:89:7a:4d:48:8b:1e:43:c7:
aa:d3:73:3a:83:c2:20:11:6e:8d:8e:d0:4b:99:8a:c0:2d:b1:
f5:45:b6:0c:dc:94:e5:48:32:97:21:e4:a6:12:dc:de:23:ce:
8d:a2:08:f7:2c:a3:d6:da:9e:81:34:90:c9:57:d0:08:ae:f3:
b3:dd:b0:d7:b6:4b:d9:9b:8c:07:95:80:01:db:ff:3d:05:63:
d3:81:27:cb:d3:d1:1a:60:43:d7:56:6d:75:f3:9c:7d:3e:01:
72:82:1f:db:d5:98:0b:82:19:27:a1:fa:39:e5:c7:36:cb:b6:
da:30:af:4d:57:e7:89:6a:5a:27:80:c2:64:ed:98:4e:aa:74:
b5:96:82:d0:fc:c9:eb:60:01:4d:21:ad:31:03:82:ef:0b:1c:
0a:93:75:ae
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
QjZBRUFGMTEwLwYDVQQFEygzNzNDMTgyN0UyNzA0QzNGREMxNkE4Nzg5ODBGQURD
ODgzNUZBNDgyMB4XDTIwMDQyMTE0MzgwOVoXDTIyMDQyMTE0MzgwOVowGDEWMBQG
A1UEAxMNNWU5ZjA1NTUtNGUwZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOj/7CMHxWrrNqGjGDMp4+8IBDe1aUqR1Eflc8Gfoqfx1BcfX/l0yqDKATBs
kZ6Iac6leR31oJ0vpoGgq1pqkWu6DlJhoY2J0wfgyCjR9leWilnYkK1/FGB/u1pJ
AAl5tmwWPG8pZtVLanRcJFD4L/cBDtTuQresY+XXtLEB21n+eU2OHJ6awpVd0o2l
2V2680+MglLCQc/XI4ny/pgJ0rM1QzKEwzcF/gki4c6HjsJclKKoaQG9xwKt5e20
UWbuSrfdoFyRL1iADiYatCm9KVuTGtJc2u6RXBJL/HCK2JLpMi4ISWJf5mUXk0ze
I5n1pm7GDNKreAOXBvcs2+VP27kCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQS+Ot/
cABTIqda/PKD9VQceoElwDAfBgNVHSMEGDAWgBQ3PBgn4nBMP9wWqHiYD63Ig1+k
gjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RUI2QUUvMzgxMjg5QjI4M0RDMTFFQTk2RDNDQzRFRjhBRUEyMjgvTnp3WUot
SndURF9jRnFoNG1BLXR5SU5mcElJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTnp3WUotSndURF9jRnFoNG1BLXR5SU5mcElJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RUI2QUUvMzgxMjg5QjI4M0RDMTFFQTk2RDNDQzRFRjhB
RUEyMjgvQkE4QTJDNTA4M0REMTFFQTg2RjQ3ODUwRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBWalQDANBAIAAjAHAwUALA/s
mDANBgkqhkiG9w0BAQsFAAOCAQEApv5oEuOx0cVCeM5jHVXHTSTBp1Ywy2A670DR
hZI5BBG6VLiJam5aTID/urpDH60XBxxnUHs+jlT3FwzlAH0O+V4ioXYvCxkjxpXK
7jiMPqA30LieYsmWeW/jbU9jD7x6btGqwol6TUiLHkPHqtNzOoPCIBFujY7QS5mK
wC2x9UW2DNyU5UgylyHkphLc3iPOjaII9yyj1tqegTSQyVfQCK7zs92w17ZL2ZuM
B5WAAdv/PQVj04Eny9PRGmBD11ZtdfOcfT4BcoIf29WYC4IZJ6H6OeXHNsu22jCv
TVfniWpaJ4DCZO2YTqp0tZaC0PzJ62ABTSGtMQOC7wscCpN1rg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:31 2023 by rpki-client on console-ams.rpki-client.org