![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA3262E0287E11EFA3196A2B7DDC24C2.roa
File: CA3262E0287E11EFA3196A2B7DDC24C2.roa (raw, json)
Hash identifier: ALSBq0Llgy3len4OXj5VpYmQD3xEyvFlxZNbvJFvZL0=
Subject key identifier: 39:2E:97:74:F0:98:76:87:3B:02:E6:E7:3F:60:E1:B9:C8:7A:0E:EB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C1D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA3262E0287E11EFA3196A2B7DDC24C2.roa
Signing time: Wed 12 Jun 2024 05:44:10 +0000
ROA not before: Wed 12 Jun 2024 05:44:06 +0000
ROA not after: Tue 25 Jun 2024 05:44:06 +0000
asID: 44559
IP address blocks: 154.83.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49621 (0xc1d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 12 05:44:06 2024 GMT
Not After : Jun 25 05:44:06 2024 GMT
Subject: CN=666935a9-8417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:bf:5f:35:37:df:19:97:97:21:5e:4d:b1:e8:
4c:b0:7a:66:3f:76:64:b1:d0:71:83:27:2c:76:06:
06:8a:29:a5:32:ab:17:c4:f3:eb:c3:58:ab:0c:6b:
8a:12:b9:e6:9a:2a:23:17:8e:2d:6b:6d:01:c0:7e:
7a:ce:70:a2:bf:a4:40:82:c4:82:7c:8e:02:b4:59:
87:5f:19:c0:6b:a2:34:b0:cc:b7:b7:a0:51:9b:17:
b2:3f:8e:c1:17:98:0e:1c:b8:b7:ec:46:2e:5d:11:
38:86:12:a4:70:3d:79:58:d4:c8:af:8c:16:77:d9:
ab:1c:e8:b3:01:d1:90:80:ef:07:8d:9b:ce:68:b7:
72:b2:d8:a7:2f:38:a3:53:c0:72:3a:5f:76:47:bf:
45:6c:73:47:0e:cc:4f:a4:b0:0b:80:9f:a1:93:b4:
79:85:8d:11:3e:f9:7f:22:7f:5e:bd:e3:0a:57:71:
e1:79:f6:1c:c9:91:f9:e9:bb:a2:2f:9b:36:af:8c:
dd:30:4a:ec:e2:6d:68:67:10:73:fc:c8:f7:35:01:
1b:8b:7d:ba:02:cd:3d:b9:ae:72:9f:cd:51:24:71:
d3:e6:ad:52:a4:50:ba:be:42:b3:2a:4d:83:f9:04:
a0:19:ae:5e:c4:77:22:85:1d:7d:c6:d1:8e:7c:78:
20:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2E:97:74:F0:98:76:87:3B:02:E6:E7:3F:60:E1:B9:C8:7A:0E:EB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA3262E0287E11EFA3196A2B7DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.128.0/18
Signature Algorithm: sha256WithRSAEncryption
58:4f:ef:9b:0c:22:23:e7:3a:b5:e9:35:2c:26:23:7b:69:0b:
94:cf:a6:ae:01:31:bd:cf:37:bf:9d:0e:76:12:d7:13:c7:63:
de:6a:fa:a4:38:5b:79:00:37:76:13:a9:7b:cf:d7:52:77:27:
1b:6d:f8:ca:2c:b6:15:78:65:2a:47:fb:32:03:c5:e2:15:a6:
8e:fd:2e:52:2f:54:cf:7c:0d:51:71:e6:d3:52:15:d4:0e:d8:
6d:e1:0e:9c:a5:ad:d6:49:14:b8:0c:f6:e0:99:c6:65:3b:e4:
b6:b6:69:96:87:96:66:93:aa:e4:28:fd:5d:e3:cd:0d:7e:cf:
c7:a0:03:50:3f:ce:7f:36:ff:71:da:de:76:22:a3:b1:55:d1:
5f:4b:54:b5:ba:16:d4:f8:c4:a4:72:cf:56:0c:3c:4f:27:b1:
d2:fc:b6:bf:13:2c:4a:ee:6d:47:c9:83:52:e6:1e:d9:bf:39:
c7:c3:88:65:ae:ba:28:d4:45:cb:21:78:6d:ba:7e:59:80:92:
0f:1b:83:32:a7:ec:9d:d0:6c:bf:70:6e:ca:23:5a:97:96:e2:
09:6f:3b:d6:a2:3b:6a:38:75:c1:84:ef:a1:55:5d:ac:a8:cc:
d6:70:c8:cf:9e:aa:4f:13:d0:2e:f8:54:db:2d:7c:90:27:a0:
2a:01:99:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMHVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjEyMDU0NDA2WhcNMjQwNjI1MDU0NDA2WjAYMRYw
FAYDVQQDEw02NjY5MzVhOS04NDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9r9fNTffGZeXIV5NsehMsHpmP3ZksdBxgycsdgYGiimlMqsXxPPrw1ir
DGuKErnmmiojF44ta20BwH56znCiv6RAgsSCfI4CtFmHXxnAa6I0sMy3t6BRmxey
P47BF5gOHLi37EYuXRE4hhKkcD15WNTIr4wWd9mrHOizAdGQgO8HjZvOaLdystin
LzijU8ByOl92R79FbHNHDsxPpLALgJ+hk7R5hY0RPvl/In9eveMKV3HhefYcyZH5
6buiL5s2r4zdMErs4m1oZxBz/Mj3NQEbi326As09ua5yn81RJHHT5q1SpFC6vkKz
Kk2D+QSgGa5exHcihR19xtGOfHggswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDku
l3TwmHaHOwLm5z9g4bnIeg7rMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQTMyNjJFMDI4N0UxMUVGQTMxOTZBMkI3RERDMjRDMi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmlOAMA0GCSqGSIb3DQEB
CwUAA4IBAQBYT++bDCIj5zq16TUsJiN7aQuUz6auATG9zze/nQ52EtcTx2Peavqk
OFt5ADd2E6l7z9dSdycbbfjKLLYVeGUqR/syA8XiFaaO/S5SL1TPfA1RcebTUhXU
Dtht4Q6cpa3WSRS4DPbgmcZlO+S2tmmWh5Zmk6rkKP1d480Nfs/HoANQP85/Nv9x
2t52IqOxVdFfS1S1uhbU+MSkcs9WDDxPJ7HS/La/EyxK7m1HyYNS5h7ZvznHw4hl
rroo1EXLIXhtun5ZgJIPG4Myp+yd0Gy/cG7KI1qXluIJbzvWojtqOHXBhO+hVV2s
qMzWcMjPnqpPE9Au+FTbLXyQJ6AqAZmz
-----END CERTIFICATE-----
Generated at Tue Jun 25 09:14:30 2024 by rpki-client on console-fra.rpki-client.org