![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5311A896287F11EF9F00982F7DDC24C2.roa
File: 5311A896287F11EF9F00982F7DDC24C2.roa (raw, json)
Hash identifier: hESXA3IsknH2V4biRGMRbQB7NIVaR+OHG5OR6rQmewE=
Subject key identifier: F4:AF:8C:94:D2:A3:D1:3D:D9:D0:09:58:6E:82:4A:59:3E:38:51:4E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C1D9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5311A896287F11EF9F00982F7DDC24C2.roa
Signing time: Wed 12 Jun 2024 05:47:59 +0000
ROA not before: Wed 12 Jun 2024 05:47:56 +0000
ROA not after: Tue 25 Jun 2024 05:47:56 +0000
asID: 44559
IP address blocks: 154.94.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49625 (0xc1d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 12 05:47:56 2024 GMT
Not After : Jun 25 05:47:56 2024 GMT
Subject: CN=6669368f-bf88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:82:5c:e8:37:b0:0c:6a:b5:69:bb:d0:2d:d0:
ff:73:f6:9d:55:ee:10:ec:5b:d6:28:aa:67:88:48:
64:66:44:6f:ea:3a:65:b3:85:b6:cb:b4:03:c3:52:
1e:66:fe:f3:fa:84:8f:75:89:c7:bd:ad:66:a6:d3:
95:f4:de:19:5b:8a:47:89:3a:5d:9e:86:67:6a:55:
b4:8a:fd:9b:25:49:68:ba:47:47:bc:d8:2f:49:8f:
ed:9e:b6:67:6e:a8:2c:51:d8:4e:4a:03:1d:6d:10:
39:3b:ea:e2:4c:3e:6e:a4:d8:7a:e8:bc:62:9e:b6:
c8:70:1e:6d:7e:4e:a6:93:3e:c4:8d:b4:70:5a:a4:
5a:04:ab:31:d9:73:e0:f0:d5:e4:77:d0:36:7b:11:
05:eb:c8:05:e3:e0:ae:58:0c:9e:3a:e4:58:c6:7b:
20:77:06:06:5a:cb:f6:50:eb:2e:f0:e7:e3:97:32:
6a:fc:fc:f9:61:e4:12:90:d0:07:43:82:d8:66:24:
37:09:c1:cb:2a:df:20:68:83:cf:6e:2b:70:21:c6:
cf:a1:8a:ec:d3:c0:7f:02:5d:c3:5a:84:69:d6:f7:
16:ac:16:56:8d:75:1d:36:01:58:35:6f:ed:83:60:
3b:99:c0:df:54:9f:5f:98:69:20:50:d8:8a:df:fd:
b7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AF:8C:94:D2:A3:D1:3D:D9:D0:09:58:6E:82:4A:59:3E:38:51:4E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5311A896287F11EF9F00982F7DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.128.0/17
Signature Algorithm: sha256WithRSAEncryption
90:32:55:1c:02:a8:0f:81:af:f7:30:92:31:09:99:68:35:36:
72:c6:e1:2f:ac:b2:ae:38:bd:50:a8:80:ba:18:cb:8a:e3:f5:
ac:25:62:7e:ed:15:b4:11:b4:17:d4:b5:9f:1e:c5:b3:b2:e7:
a0:f7:e2:cd:4c:a3:e9:5f:7b:33:bf:bd:97:9e:37:66:5d:70:
d1:7a:58:d0:73:0d:e0:96:6d:59:fa:0c:7b:18:66:db:bd:53:
b6:1a:ba:e4:4a:1b:62:b3:44:5d:5c:37:c1:34:93:ce:1c:85:
58:a8:32:6d:02:90:42:ec:3a:52:58:57:0f:c8:4d:52:6e:9d:
dc:33:6c:d0:05:ee:f1:de:ea:ca:a9:ce:94:56:ed:7b:61:33:
6b:b0:58:bf:2f:88:e8:fd:07:31:33:bf:83:90:ff:e4:a5:7b:
aa:ed:d7:23:1f:b0:2d:23:a6:9f:e1:7a:f7:56:f0:ea:8e:c1:
0d:dc:8d:00:56:97:1f:1b:66:81:b3:79:47:dc:2e:e7:68:3b:
28:7c:12:f9:f7:c4:6c:c9:9f:7f:36:1b:68:d1:1f:ca:c6:9c:
6e:9d:fa:0b:6f:79:d3:28:76:38:3d:9a:80:4b:c6:7d:ee:88:
c2:f4:29:47:d8:37:28:48:6d:54:2c:51:e6:64:65:b8:76:e3:
88:f0:ee:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMHZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjEyMDU0NzU2WhcNMjQwNjI1MDU0NzU2WjAYMRYw
FAYDVQQDEw02NjY5MzY4Zi1iZjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0IJc6DewDGq1abvQLdD/c/adVe4Q7FvWKKpniEhkZkRv6jpls4W2y7QD
w1IeZv7z+oSPdYnHva1mptOV9N4ZW4pHiTpdnoZnalW0iv2bJUloukdHvNgvSY/t
nrZnbqgsUdhOSgMdbRA5O+riTD5upNh66LxinrbIcB5tfk6mkz7EjbRwWqRaBKsx
2XPg8NXkd9A2exEF68gF4+CuWAyeOuRYxnsgdwYGWsv2UOsu8OfjlzJq/Pz5YeQS
kNAHQ4LYZiQ3CcHLKt8gaIPPbitwIcbPoYrs08B/Al3DWoRp1vcWrBZWjXUdNgFY
NW/tg2A7mcDfVJ9fmGkgUNiK3/23cwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPSv
jJTSo9E92dAJWG6CSlk+OFFOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MzExQTg5NjI4N0YxMUVGOUYwMDk4MkY3RERDMjRDMi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHml6AMA0GCSqGSIb3DQEB
CwUAA4IBAQCQMlUcAqgPga/3MJIxCZloNTZyxuEvrLKuOL1QqIC6GMuK4/WsJWJ+
7RW0EbQX1LWfHsWzsueg9+LNTKPpX3szv72XnjdmXXDReljQcw3glm1Z+gx7GGbb
vVO2GrrkShtis0RdXDfBNJPOHIVYqDJtApBC7DpSWFcPyE1Sbp3cM2zQBe7x3urK
qc6UVu17YTNrsFi/L4jo/QcxM7+DkP/kpXuq7dcjH7AtI6af4Xr3VvDqjsEN3I0A
VpcfG2aBs3lH3C7naDsofBL598RsyZ9/Nhto0R/KxpxunfoLb3nTKHY4PZqAS8Z9
7ojC9ClH2DcoSG1ULFHmZGW4duOI8O51
-----END CERTIFICATE-----
Generated at Tue Jun 25 13:07:58 2024 by rpki-client on console-ams.rpki-client.org