![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99649430294B11EF8ABD98207DDC24C2.roa
File: 99649430294B11EF8ABD98207DDC24C2.roa (raw, json)
Hash identifier: 4oK6F/H73rTgmloBFvVInDP5AayqRZFbAZRFv5ED0AQ=
Subject key identifier: C1:0C:E5:51:B2:87:E7:B6:E0:34:E1:46:8C:BE:97:98:4E:92:08:21
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C20E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99649430294B11EF8ABD98207DDC24C2.roa
Signing time: Thu 13 Jun 2024 06:10:14 +0000
ROA not before: Thu 13 Jun 2024 06:10:11 +0000
ROA not after: Fri 21 Jun 2024 06:10:11 +0000
asID: 44559
IP address blocks: 154.205.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49678 (0xc20e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 13 06:10:11 2024 GMT
Not After : Jun 21 06:10:11 2024 GMT
Subject: CN=666a8d46-cfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:67:25:da:7c:3e:9a:55:c6:24:e4:72:8d:51:
2b:8a:64:c5:1a:44:e0:1d:d5:44:b8:a6:91:b3:e0:
1e:c6:2d:2e:52:a6:00:21:a4:e3:27:99:ed:7a:4d:
43:ba:db:3e:fa:da:8d:3c:1a:cf:33:b3:5c:6e:df:
4e:2e:10:93:cb:b7:03:67:cc:d9:d6:4f:4c:a8:dd:
7c:a3:26:4e:26:ad:c1:13:d0:a1:d6:2c:7d:ec:e3:
8c:4a:56:6a:6c:47:c6:b4:12:e6:25:16:bf:53:66:
e0:d9:d7:36:5b:af:a8:43:f9:cd:87:eb:e6:7c:42:
ba:67:7c:6a:c2:bc:e7:c1:1e:e8:a8:aa:98:b6:11:
11:30:d8:a2:8c:26:d7:64:88:64:a4:8b:b5:56:0d:
47:20:02:e9:c1:4b:43:2e:f8:6c:27:f9:ca:6e:2c:
40:07:f3:0e:b1:4e:4e:6b:8d:f0:aa:ee:b2:87:97:
cf:96:e9:30:1b:13:8c:a3:bf:87:70:5f:a9:e8:37:
c4:1c:78:a8:68:dc:5e:56:9c:8d:6a:ce:1f:f3:e7:
1b:b2:01:28:21:0a:96:a9:be:9a:81:e5:f3:92:90:
32:cd:f6:0a:0d:d8:f5:71:af:75:62:b1:94:03:47:
66:da:12:f5:6e:bd:5f:3a:cc:5e:7e:dc:a7:9e:0f:
16:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:0C:E5:51:B2:87:E7:B6:E0:34:E1:46:8C:BE:97:98:4E:92:08:21
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99649430294B11EF8ABD98207DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.224.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:f4:70:85:6a:6e:1d:ae:5f:73:75:71:b3:f7:4b:23:a1:db:
1e:80:90:9b:b1:d9:d7:c6:d2:a4:a9:ef:62:d9:47:38:a4:50:
12:78:29:c7:6a:e8:e7:1d:3c:30:d5:6e:16:b8:3b:d0:e9:24:
e3:c2:bc:93:3e:61:a7:8f:f5:80:72:ac:b1:3a:cc:1a:d5:21:
a4:64:88:57:4a:e5:12:36:53:5b:07:af:2a:a5:af:fe:39:a4:
06:e5:2f:aa:2e:66:57:9a:64:7b:1d:f0:c9:b5:0c:76:f7:aa:
bc:19:eb:93:4d:bb:8a:ab:e6:4d:ad:5d:4c:bb:a4:60:94:7f:
58:43:8e:ac:4d:df:53:15:78:af:57:0a:04:7e:c0:e7:22:15:
3f:4e:03:3a:ac:6f:02:ef:06:cd:bd:f6:97:19:61:25:7c:97:
b1:11:96:9a:ef:69:ea:af:11:14:e3:71:2c:c3:05:82:13:3c:
12:bf:4f:57:24:78:08:00:23:dd:5b:fb:d6:26:11:f3:61:01:
af:26:6b:f2:78:3a:3c:fe:d9:7c:1c:eb:02:6d:1b:1f:23:ba:
b1:13:91:e6:73:20:10:f8:9c:9c:0d:d0:f0:fb:50:ac:f4:7d:
be:46:88:74:3f:8a:13:8c:0e:e1:e8:b5:2d:e9:3a:c2:d1:68:
62:55:a6:ad
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMIOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjEzMDYxMDExWhcNMjQwNjIxMDYxMDExWjAYMRYw
FAYDVQQDEw02NjZhOGQ0Ni1jZmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp2cl2nw+mlXGJORyjVErimTFGkTgHdVEuKaRs+Aexi0uUqYAIaTjJ5nt
ek1Duts++tqNPBrPM7Ncbt9OLhCTy7cDZ8zZ1k9MqN18oyZOJq3BE9Ch1ix97OOM
SlZqbEfGtBLmJRa/U2bg2dc2W6+oQ/nNh+vmfEK6Z3xqwrznwR7oqKqYthERMNii
jCbXZIhkpIu1Vg1HIALpwUtDLvhsJ/nKbixAB/MOsU5Oa43wqu6yh5fPlukwGxOM
o7+HcF+p6DfEHHioaNxeVpyNas4f8+cbsgEoIQqWqb6ageXzkpAyzfYKDdj1ca91
YrGUA0dm2hL1br1fOsxeftynng8WlwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMEM
5VGyh+e24DThRoy+l5hOkgghMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OTY0OTQzMDI5NEIxMUVGOEFCRDk4MjA3RERDMjRDMi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFms3gMA0GCSqGSIb3DQEB
CwUAA4IBAQBt9HCFam4drl9zdXGz90sjodsegJCbsdnXxtKkqe9i2Uc4pFASeCnH
aujnHTww1W4WuDvQ6STjwryTPmGnj/WAcqyxOswa1SGkZIhXSuUSNlNbB68qpa/+
OaQG5S+qLmZXmmR7HfDJtQx296q8GeuTTbuKq+ZNrV1Mu6RglH9YQ46sTd9TFXiv
VwoEfsDnIhU/TgM6rG8C7wbNvfaXGWElfJexEZaa72nqrxEU43EswwWCEzwSv09X
JHgIACPdW/vWJhHzYQGvJmvyeDo8/tl8HOsCbRsfI7qxE5HmcyAQ+JycDdDw+1Cs
9H2+Roh0P4oTjA7h6LUt6TrC0WhiVaat
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:57:31 2024 by rpki-client on console-ams.rpki-client.org