Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95A6A53A070411F0B787F59C762E951A.roa
File: 95A6A53A070411F0B787F59C762E951A.roa (raw, json)
Hash identifier: qeJEdgf7qOJoqLyYYsKV2HbulZVcZaYzYpd33tb1UR8=
Subject key identifier: 7E:19:BE:C1:51:BE:6F:36:61:77:77:54:82:A9:44:DD:C4:FB:F2:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017582
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95A6A53A070411F0B787F59C762E951A.roa
Signing time: Sat 22 Mar 2025 10:01:12 +0000
ROA not before: Sat 22 Mar 2025 10:01:08 +0000
ROA not after: Sun 30 Mar 2025 10:01:08 +0000
asID: 142403
IP address blocks: 154.221.16.0/24 maxlen: 24
154.221.17.0/24 maxlen: 24
154.221.18.0/24 maxlen: 24
154.221.19.0/24 maxlen: 24
154.221.20.0/24 maxlen: 24
154.221.21.0/24 maxlen: 24
154.221.22.0/24 maxlen: 24
154.221.23.0/24 maxlen: 24
154.221.24.0/24 maxlen: 24
154.221.25.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95618 (0x17582)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 22 10:01:08 2025 GMT
Not After : Mar 30 10:01:08 2025 GMT
Subject: CN=67de8a68-6f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:da:ba:1f:5c:c5:60:34:2d:d4:64:de:3e:b5:
69:2c:e2:b2:65:3c:fd:cd:48:5a:33:56:bb:a7:0e:
ee:f8:9f:b3:c9:37:f0:18:23:16:bc:ac:d8:5f:74:
44:3c:f6:47:d7:f7:5a:7c:78:6b:ab:9c:c1:62:cc:
71:2d:b3:b6:9c:64:91:46:f0:7f:ac:29:2b:6d:c1:
48:e2:7f:e2:3e:27:49:34:53:f6:06:c9:28:ea:3c:
8a:1d:b9:6c:75:dd:ca:93:e9:bf:38:0f:90:6e:80:
2c:db:ff:62:4d:b9:8e:d3:19:74:96:03:59:bf:c7:
28:a4:7d:74:8c:42:ed:08:b6:0f:1d:09:94:99:57:
ae:ec:27:c3:b0:95:bf:81:f8:87:64:8f:1b:08:ab:
09:20:97:2d:44:26:2c:d4:fc:24:e1:d5:c2:86:9a:
18:bd:93:fd:42:03:25:dd:db:8b:8b:8c:2a:8a:c3:
c1:4d:42:92:50:64:4f:78:d2:d3:0b:10:1c:22:a1:
ca:65:2c:c1:72:ae:ef:38:94:6a:45:a1:98:b4:bc:
f6:fa:96:12:6e:e1:a0:f7:89:9b:8a:76:e1:69:5c:
fd:4f:82:f9:01:e3:cc:61:43:68:09:2b:a3:17:02:
c8:6d:29:02:86:af:c0:48:e9:6e:dd:dc:d3:ea:1a:
1e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:19:BE:C1:51:BE:6F:36:61:77:77:54:82:A9:44:DD:C4:FB:F2:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95A6A53A070411F0B787F59C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.16.0-154.221.25.255
Signature Algorithm: sha256WithRSAEncryption
a8:b3:22:dc:44:8d:9c:67:eb:bd:9e:ad:8f:73:24:0f:a7:e0:
8b:e3:1d:04:cb:b2:83:28:84:a1:6c:e5:c1:38:7d:23:63:d4:
cf:98:6b:d4:7d:3f:c4:d5:41:9a:b2:10:b7:24:29:c7:f8:1e:
72:3c:f1:6e:63:74:10:a0:37:b6:ce:df:cb:70:55:29:4c:73:
84:ee:71:68:a8:dc:88:49:87:07:44:71:92:35:8d:e3:6c:5e:
fe:5b:49:62:99:af:9b:29:e3:a5:9d:7e:59:73:5a:50:d9:69:
e4:c2:13:bf:60:0a:c7:59:c9:60:9c:f3:e0:cf:5a:01:13:61:
5b:a3:95:23:9b:f2:1e:ce:d0:f9:b4:5e:93:d4:74:87:ad:9e:
40:9f:80:c5:60:ce:35:3d:b6:da:15:db:e0:7d:7b:9f:26:9c:
04:bc:b2:3e:39:d5:24:7e:c0:9b:47:ce:02:f2:73:86:22:5d:
0d:ac:2f:df:75:e2:03:df:00:6c:ec:af:60:24:31:53:36:8d:
16:f7:7e:4d:58:bf:c1:b0:a2:40:a9:33:1f:36:73:d5:a6:55:
7e:88:d4:ba:77:97:ea:d9:c1:59:49:0d:09:b0:14:99:51:18:
b7:25:67:58:d9:3c:c5:c3:9e:ea:59:df:0a:8d:8f:de:bb:2c:
90:4a:ec:e1
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAXWCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIyMTAwMTA4WhcNMjUwMzMwMTAwMTA4WjAYMRYw
FAYDVQQDEw02N2RlOGE2OC02ZjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1dq6H1zFYDQt1GTePrVpLOKyZTz9zUhaM1a7pw7u+J+zyTfwGCMWvKzY
X3REPPZH1/dafHhrq5zBYsxxLbO2nGSRRvB/rCkrbcFI4n/iPidJNFP2Bsko6jyK
Hblsdd3Kk+m/OA+QboAs2/9iTbmO0xl0lgNZv8copH10jELtCLYPHQmUmVeu7CfD
sJW/gfiHZI8bCKsJIJctRCYs1Pwk4dXChpoYvZP9QgMl3duLi4wqisPBTUKSUGRP
eNLTCxAcIqHKZSzBcq7vOJRqRaGYtLz2+pYSbuGg94mbinbhaVz9T4L5AePMYUNo
CSujFwLIbSkChq/ASOlu3dzT6hoeIwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFH4Z
vsFRvm82YXd3VIKpRN3E+/JqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NUE2QTUzQTA3MDQxMUYwQjc4N0Y1OUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASa3RADBAGa3RgwDQYJ
KoZIhvcNAQELBQADggEBAKizItxEjZxn672erY9zJA+n4IvjHQTLsoMohKFs5cE4
fSNj1M+Ya9R9P8TVQZqyELckKcf4HnI88W5jdBCgN7bO38twVSlMc4TucWio3IhJ
hwdEcZI1jeNsXv5bSWKZr5sp46WdfllzWlDZaeTCE79gCsdZyWCc8+DPWgETYVuj
lSOb8h7O0Pm0XpPUdIetnkCfgMVgzjU9ttoV2+B9e58mnAS8sj451SR+wJtHzgLy
c4YiXQ2sL9914gPfAGzsr2AkMVM2jRb3fk1Yv8GwokCpMx82c9WmVX6I1Lp3l+rZ
wVlJDQmwFJlRGLclZ1jZPMXDnupZ3wqNj967LJBK7OE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:02:32 2025 by rpki-client