Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/BA01DCC26BAB11EB90B05334F8AEA228.roa
File: BA01DCC26BAB11EB90B05334F8AEA228.roa (raw, json)
Hash identifier: 3tS4diwoz9mUiV/DtNbl5+UUE6XKVca056m5tgEl1L8=
Subject key identifier: A6:6D:D1:86:FA:09:FA:3B:56:6F:FD:B1:F0:19:EA:13:D6:2C:A1:32
Certificate issuer: /CN=F36FDDCFAF/serialNumber=EB2FF6334345973A74B009002E369171D938F033
Certificate serial: 04
Authority key identifier: EB:2F:F6:33:43:45:97:3A:74:B0:09:00:2E:36:91:71:D9:38:F0:33
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/6y_2M0NFlzp0sAkALjaRcdk48DM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/BA01DCC26BAB11EB90B05334F8AEA228.roa
Signing time: Wed 10 Feb 2021 14:24:48 +0000
ROA not before: Wed 10 Feb 2021 14:24:41 +0000
ROA not after: Sat 10 Feb 2024 14:24:41 +0000
asID: 328316
IP address blocks: 102.176.176.0/22 maxlen: 22
102.176.176.0/24 maxlen: 24
102.176.177.0/24 maxlen: 24
102.176.178.0/24 maxlen: 24
102.176.179.0/24 maxlen: 24
2c0f:eed0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FDDCFAF/serialNumber=EB2FF6334345973A74B009002E369171D938F033
Validity
Not Before: Feb 10 14:24:41 2021 GMT
Not After : Feb 10 14:24:41 2024 GMT
Subject: CN=6023ecaf-5840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d4:70:b9:84:ed:4c:de:b2:03:bf:1b:92:99:
5a:a6:26:cb:35:32:38:15:a0:67:d2:7b:6b:42:b4:
fe:fc:d3:bf:a6:75:ab:8b:74:7e:19:71:ef:db:f0:
13:7d:5d:56:e2:5c:a9:45:d0:ca:27:83:ed:44:aa:
6b:f4:de:27:9c:6e:ca:f1:9b:52:98:79:7f:ff:f1:
6c:a7:b2:16:25:5a:e2:48:00:fe:90:8c:0a:c8:3a:
05:7d:f4:04:4c:2e:33:6e:98:ad:cf:0a:ae:36:57:
6d:42:9b:88:3d:c4:f3:ec:17:a0:45:80:11:c5:ea:
bf:2a:ee:cd:80:6e:85:1e:de:84:ac:6b:50:51:2a:
95:4f:c9:12:7c:a9:9a:26:90:09:39:20:d9:20:32:
7b:be:47:bc:bf:73:3f:42:0c:5c:65:42:69:09:0f:
d0:53:10:ef:15:fa:7c:35:a1:88:0e:50:81:36:f4:
1f:f7:d4:5b:94:0d:ba:46:85:8b:16:9a:4e:95:82:
93:13:b8:23:25:22:05:aa:b4:ce:ba:e3:f2:35:f1:
25:21:23:dd:37:99:f1:df:db:a9:d0:6f:0c:85:23:
27:b9:40:fc:74:3f:b4:1f:39:76:a6:bf:ad:57:a2:
5c:27:8d:bd:ff:77:90:55:d4:c0:e3:49:eb:23:0c:
19:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6D:D1:86:FA:09:FA:3B:56:6F:FD:B1:F0:19:EA:13:D6:2C:A1:32
X509v3 Authority Key Identifier:
keyid:EB:2F:F6:33:43:45:97:3A:74:B0:09:00:2E:36:91:71:D9:38:F0:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/6y_2M0NFlzp0sAkALjaRcdk48DM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/6y_2M0NFlzp0sAkALjaRcdk48DM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FDDCF/ED44E9306A1B11EBBA744416F8AEA228/BA01DCC26BAB11EB90B05334F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.176.176.0/22
IPv6:
2c0f:eed0::/32
Signature Algorithm: sha256WithRSAEncryption
50:13:f4:10:92:6b:6a:c8:b4:a6:95:ca:0a:44:09:a8:f4:fa:
63:50:af:bf:34:f0:d4:38:44:35:28:b9:d1:ef:ce:91:d5:22:
7a:24:5f:a7:3c:23:83:a7:1c:63:36:10:1d:75:1a:25:e8:7e:
3a:ff:21:c3:ae:18:29:e1:4d:b0:cf:5a:f7:2b:8f:c8:15:8e:
b0:48:8e:53:56:ea:73:42:da:a6:53:45:23:2a:97:ed:23:fa:
42:af:be:7f:0e:a4:1a:cb:70:33:a3:8a:29:3b:5b:54:15:3e:
c5:bb:6e:c4:0a:3d:70:30:44:a9:ec:ed:38:2d:d6:e0:77:9f:
86:44:3a:2b:74:7b:d3:49:9c:50:e7:46:d9:0a:10:d3:c4:79:
06:8f:19:52:72:b9:d0:ea:3c:92:a7:1e:7e:ae:af:23:13:36:
cc:83:d1:43:b7:ae:ab:49:bd:02:a2:dd:5c:19:90:f5:fb:e2:
c1:d6:92:61:4b:f0:4a:57:de:ad:95:f6:f7:16:e9:28:22:84:
e3:1c:bb:c9:76:32:7f:25:22:12:c8:16:c8:2d:5f:5d:45:e4:
35:70:0f:7b:7b:31:10:c5:06:ae:a1:dc:7f:0f:b6:b3:60:ce:
f3:ec:16:f4:8e:59:08:ac:1c:81:77:67:08:9b:57:de:c7:cb:
da:64:b3:3b
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
RERDRkFGMTEwLwYDVQQFEyhFQjJGRjYzMzQzNDU5NzNBNzRCMDA5MDAyRTM2OTE3
MUQ5MzhGMDMzMB4XDTIxMDIxMDE0MjQ0MVoXDTI0MDIxMDE0MjQ0MVowGDEWMBQG
A1UEAxMNNjAyM2VjYWYtNTg0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLUcLmE7UzesgO/G5KZWqYmyzUyOBWgZ9J7a0K0/vzTv6Z1q4t0fhlx79vw
E31dVuJcqUXQyieD7USqa/TeJ5xuyvGbUph5f//xbKeyFiVa4kgA/pCMCsg6BX30
BEwuM26Yrc8KrjZXbUKbiD3E8+wXoEWAEcXqvyruzYBuhR7ehKxrUFEqlU/JEnyp
miaQCTkg2SAye75HvL9zP0IMXGVCaQkP0FMQ7xX6fDWhiA5QgTb0H/fUW5QNukaF
ixaaTpWCkxO4IyUiBaq0zrrj8jXxJSEj3TeZ8d/bqdBvDIUjJ7lA/HQ/tB85dqa/
rVeiXCeNvf93kFXUwONJ6yMMGUUCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSmbdGG
+gn6O1Zv/bHwGeoT1iyhMjAfBgNVHSMEGDAWgBTrL/YzQ0WXOnSwCQAuNpFx2Tjw
MzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkREQ0YvRUQ0NEU5MzA2QTFCMTFFQkJBNzQ0NDE2RjhBRUEyMjgvNnlfMk0w
TkZsenAwc0FrQUxqYVJjZGs0OERNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNnlfMk0wTkZsenAwc0FrQUxqYVJjZGs0OERNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkREQ0YvRUQ0NEU5MzA2QTFCMTFFQkJBNzQ0NDE2RjhB
RUEyMjgvQkEwMURDQzI2QkFCMTFFQjkwQjA1MzM0RjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmawsDANBAIAAjAHAwUALA/u
0DANBgkqhkiG9w0BAQsFAAOCAQEAUBP0EJJrasi0ppXKCkQJqPT6Y1CvvzTw1DhE
NSi50e/OkdUieiRfpzwjg6ccYzYQHXUaJeh+Ov8hw64YKeFNsM9a9yuPyBWOsEiO
U1bqc0LaplNFIyqX7SP6Qq++fw6kGstwM6OKKTtbVBU+xbtuxAo9cDBEqeztOC3W
4HefhkQ6K3R700mcUOdG2QoQ08R5Bo8ZUnK50Oo8kqcefq6vIxM2zIPRQ7euq0m9
AqLdXBmQ9fviwdaSYUvwSlferZX29xbpKCKE4xy7yXYyfyUiEsgWyC1fXUXkNXAP
e3sxEMUGrqHcfw+2s2DO8+wW9I5ZCKwcgXdnCJtX3sfL2mSzOw==
-----END CERTIFICATE-----
Generated at Sun Feb 11 03:22:01 2024 by rpki-client on console-fra.rpki-client.org