Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/056E5342F4D911EFBCAFCE72762E951A.roa
File: 056E5342F4D911EFBCAFCE72762E951A.roa (raw, json)
Hash identifier: aee69CHRTmCpIU17TWTXzADvu+RngY6qZbNDj2xjcbM=
Subject key identifier: E0:7A:EA:63:40:05:CB:BE:30:65:62:00:D9:BC:3E:5A:D7:5E:47:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01668D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/056E5342F4D911EFBCAFCE72762E951A.roa
Signing time: Thu 27 Feb 2025 07:04:01 +0000
ROA not before: Thu 27 Feb 2025 07:03:57 +0000
ROA not after: Fri 28 Mar 2025 07:03:57 +0000
asID: 214413
IP address blocks: 154.193.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91789 (0x1668d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 07:03:57 2025 GMT
Not After : Mar 28 07:03:57 2025 GMT
Subject: CN=67c00e61-e7f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a4:12:13:fe:7a:ad:02:79:1b:af:d2:be:2c:
40:35:b8:4e:fe:e9:a8:de:47:8b:9d:79:25:e8:43:
68:66:dd:62:cd:ed:24:69:cc:9e:d3:01:2d:4a:3d:
a7:7c:76:90:b8:69:eb:46:6d:d1:12:4d:d2:70:20:
b0:a7:65:8c:76:44:ee:4c:da:f5:51:6a:dc:0c:33:
3a:01:02:6b:3b:c7:c5:ce:97:dc:e2:81:6b:d1:88:
e7:dd:28:1e:52:ab:19:06:3f:42:b2:e6:8b:0d:48:
01:00:35:7f:7c:56:b1:22:64:0a:e5:e3:06:13:b0:
19:e0:4d:30:1c:31:73:7f:0a:7b:fa:86:cc:74:32:
5a:5e:c7:72:eb:fd:e1:95:46:ec:81:0d:2d:58:62:
85:cc:a6:18:cc:cb:46:04:3f:f5:d4:7f:85:8e:c1:
0e:98:72:f6:a9:d8:f5:a5:f9:9d:3a:8a:c4:d7:2c:
0f:d9:a9:2d:e5:e1:78:af:eb:e0:f7:60:3c:a8:7d:
11:49:b3:4f:39:22:84:7d:54:f2:37:ee:6d:b4:70:
f7:c8:8e:f0:89:4c:68:50:97:79:d2:ff:91:60:74:
ca:b4:56:b9:63:1b:b0:97:29:80:ae:10:e3:75:9b:
60:b7:d6:49:b7:2f:c9:67:7d:70:b7:18:65:19:62:
44:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7A:EA:63:40:05:CB:BE:30:65:62:00:D9:BC:3E:5A:D7:5E:47:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/056E5342F4D911EFBCAFCE72762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.168.0/22
Signature Algorithm: sha256WithRSAEncryption
53:59:a9:d3:02:bc:27:97:9d:77:86:27:86:92:8e:42:64:a1:
33:33:56:8e:6c:21:59:b2:7e:72:c9:5b:ba:ad:cd:4e:17:91:
3d:43:d6:14:40:44:fe:d3:20:f7:fb:ac:07:12:92:ff:96:ab:
cb:76:70:f0:a2:6b:67:80:2e:03:4e:61:8d:71:7b:77:13:94:
33:b2:bf:32:46:5d:80:b5:de:69:6e:cd:c5:af:f3:ad:d3:72:
48:55:b7:bc:d1:c5:2f:f8:ab:c9:51:0a:88:1a:50:9a:e9:09:
2e:b9:7e:35:06:7c:c5:d7:23:d4:74:5b:84:5c:b3:c3:49:12:
fd:86:26:a5:9b:18:ab:72:1c:99:b9:e5:23:b9:d4:da:ba:b8:
4f:1c:93:8e:72:d2:c6:89:bb:21:16:9c:78:b9:94:cb:7a:3b:
17:2f:6b:c6:69:cf:a6:e3:32:72:2c:17:01:34:cf:df:ab:39:
58:b5:a3:09:5e:37:32:d9:ea:d8:13:a1:62:41:17:e0:d9:ac:
6a:95:da:36:58:22:47:ca:17:33:1d:41:dc:36:90:f0:44:ea:
43:61:91:e1:08:08:11:c0:f0:a2:a8:43:f9:94:8a:4e:a1:d0:
39:45:a5:57:65:72:11:c9:58:7a:93:e5:bb:fd:f0:9b:d5:e5:
17:28:9a:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWaNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDcwMzU3WhcNMjUwMzI4MDcwMzU3WjAYMRYw
FAYDVQQDEw02N2MwMGU2MS1lN2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvaQSE/56rQJ5G6/SvixANbhO/umo3keLnXkl6ENoZt1ize0kacye0wEt
Sj2nfHaQuGnrRm3REk3ScCCwp2WMdkTuTNr1UWrcDDM6AQJrO8fFzpfc4oFr0Yjn
3SgeUqsZBj9CsuaLDUgBADV/fFaxImQK5eMGE7AZ4E0wHDFzfwp7+obMdDJaXsdy
6/3hlUbsgQ0tWGKFzKYYzMtGBD/11H+FjsEOmHL2qdj1pfmdOorE1ywP2akt5eF4
r+vg92A8qH0RSbNPOSKEfVTyN+5ttHD3yI7wiUxoUJd50v+RYHTKtFa5YxuwlymA
rhDjdZtgt9ZJty/JZ31wtxhlGWJExwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOB6
6mNABcu+MGViANm8PlrXXkfoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNTZFNTM0MkY0RDkxMUVGQkNBRkNFNzI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsGoMA0GCSqGSIb3DQEB
CwUAA4IBAQBTWanTArwnl513hieGko5CZKEzM1aObCFZsn5yyVu6rc1OF5E9Q9YU
QET+0yD3+6wHEpL/lqvLdnDwomtngC4DTmGNcXt3E5Qzsr8yRl2Atd5pbs3Fr/Ot
03JIVbe80cUv+KvJUQqIGlCa6QkuuX41BnzF1yPUdFuEXLPDSRL9hialmxirchyZ
ueUjudTaurhPHJOOctLGibshFpx4uZTLejsXL2vGac+m4zJyLBcBNM/fqzlYtaMJ
Xjcy2erYE6FiQRfg2axqldo2WCJHyhczHUHcNpDwROpDYZHhCAgRwPCiqEP5lIpO
odA5RaVXZXIRyVh6k+W7/fCb1eUXKJob
-----END CERTIFICATE-----
Generated at Fri May 9 17:15:17 2025 by rpki-client