Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0DE4718A8A8811EE8D7BDC6F4AD9E6FC.roa
File: 0DE4718A8A8811EE8D7BDC6F4AD9E6FC.roa (raw, json)
Hash identifier: TImEu7s+PYIxFWwA95psxBXkXCTwDJ8jVCRuNGZXMWk=
Subject key identifier: 86:01:D3:0F:EF:8F:BF:0C:57:52:19:D1:37:2E:9C:0B:CC:BD:8F:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 531A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0DE4718A8A8811EE8D7BDC6F4AD9E6FC.roa
Signing time: Fri 24 Nov 2023 05:12:25 +0000
ROA not before: Fri 24 Nov 2023 05:12:21 +0000
ROA not after: Tue 26 Dec 2023 05:12:21 +0000
asID: 62240
IP address blocks: 154.194.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21274 (0x531a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 05:12:21 2023 GMT
Not After : Dec 26 05:12:21 2023 GMT
Subject: CN=656030b9-3078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2b:79:b2:74:4c:79:98:f1:bd:5c:83:29:f7:
40:d8:86:07:1c:cf:b3:dd:83:65:6b:5b:06:0b:c7:
fe:c8:90:fb:66:42:e1:c5:b9:ab:79:c6:8d:bd:50:
da:f2:6d:0c:3c:9e:de:f0:41:4c:68:6b:82:80:ae:
aa:63:cf:e7:52:16:f7:6e:c2:20:59:3b:f4:2c:55:
31:7d:ae:f1:bb:25:c4:a8:f4:96:32:57:4c:20:37:
9d:e9:16:8b:cd:a9:70:6d:c9:03:bf:27:d7:cf:15:
76:27:f4:bf:d4:f1:af:3a:cc:f7:46:63:9c:ff:09:
81:7d:80:07:0c:7e:d4:06:6a:cd:31:8e:8f:3e:64:
91:3b:d5:7d:51:a5:1f:4e:cc:8c:bb:ab:3d:fc:f2:
5a:b2:77:c7:07:06:52:28:e0:7e:ae:55:79:c4:e4:
c2:07:22:f8:66:7d:28:ff:ab:d1:ce:33:bf:d3:82:
1f:fc:2e:ee:b0:94:8c:9b:ea:49:f0:7b:4b:b1:eb:
13:c3:ac:33:29:83:0f:e6:9d:bb:34:20:c4:33:bf:
2c:b4:12:bc:d0:b5:6c:ae:35:a6:a9:2b:15:9c:91:
0c:4b:a7:5a:d4:c7:95:a6:aa:8a:51:70:a1:98:0e:
bd:3d:9a:9a:c8:7d:96:ec:aa:c3:e2:ca:ec:f1:0e:
9a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:01:D3:0F:EF:8F:BF:0C:57:52:19:D1:37:2E:9C:0B:CC:BD:8F:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0DE4718A8A8811EE8D7BDC6F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.76.0/24
Signature Algorithm: sha256WithRSAEncryption
84:ec:12:81:30:61:6e:48:ec:59:ea:49:d7:02:21:1b:34:33:
79:d5:57:7f:91:bf:09:75:bc:78:16:39:63:cb:52:95:ed:de:
5e:f2:96:02:64:90:1e:83:cf:5c:c1:a6:27:4f:58:be:01:dd:
d8:e5:f1:34:c4:55:ee:bd:0f:12:4a:75:e7:2f:ff:19:31:12:
fd:33:56:aa:a9:95:23:c5:b0:25:98:9f:70:60:4f:50:76:aa:
24:44:cb:74:37:4a:52:d9:95:a6:c4:cf:8a:12:c0:30:c1:22:
0f:ad:f3:5e:70:43:61:0e:ee:fe:cb:af:01:1c:b6:3a:50:d7:
be:61:fc:16:3b:1c:eb:36:c6:b6:f8:ec:b8:58:74:cd:5b:df:
3c:eb:2d:f1:e0:d1:ec:75:57:18:e5:07:d9:ca:b5:6e:04:e5:
22:a2:ea:09:dd:7e:33:e0:30:f6:d4:85:b4:ce:37:b6:d5:e7:
56:be:87:bd:d6:ea:06:54:d4:06:7f:1c:4d:bb:77:f2:d3:27:
1a:16:c1:6d:10:d2:5e:dd:ef:a7:8d:c7:70:4b:ae:c0:13:5d:
19:77:88:7a:65:0e:bf:c6:c1:a3:e9:3b:17:6b:f6:18:5d:69:
7e:6a:50:ad:3c:a6:a9:43:c2:e7:67:1b:5e:61:b8:84:3e:30:
4a:a9:c3:bc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICUxowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNTEyMjFaFw0yMzEyMjYwNTEyMjFaMBgxFjAU
BgNVBAMTDTY1NjAzMGI5LTMwNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDgK3mydEx5mPG9XIMp90DYhgccz7Pdg2VrWwYLx/7IkPtmQuHFuat5xo29
UNrybQw8nt7wQUxoa4KArqpjz+dSFvduwiBZO/QsVTF9rvG7JcSo9JYyV0wgN53p
FovNqXBtyQO/J9fPFXYn9L/U8a86zPdGY5z/CYF9gAcMftQGas0xjo8+ZJE71X1R
pR9OzIy7qz388lqyd8cHBlIo4H6uVXnE5MIHIvhmfSj/q9HOM7/Tgh/8Lu6wlIyb
6knwe0ux6xPDrDMpgw/mnbs0IMQzvyy0ErzQtWyuNaapKxWckQxLp1rUx5WmqopR
cKGYDr09mprIfZbsqsPiyuzxDprlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhgHT
D++PvwxXUhnRNy6cC8y9j0IwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzBERTQ3MThBOEE4ODExRUU4RDdCREM2RjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawkwwDQYJKoZIhvcNAQEL
BQADggEBAITsEoEwYW5I7FnqSdcCIRs0M3nVV3+Rvwl1vHgWOWPLUpXt3l7ylgJk
kB6Dz1zBpidPWL4B3djl8TTEVe69DxJKdecv/xkxEv0zVqqplSPFsCWYn3BgT1B2
qiREy3Q3SlLZlabEz4oSwDDBIg+t815wQ2EO7v7LrwEctjpQ175h/BY7HOs2xrb4
7LhYdM1b3zzrLfHg0ex1VxjlB9nKtW4E5SKi6gndfjPgMPbUhbTON7bV51a+h73W
6gZU1AZ/HE27d/LTJxoWwW0Q0l7d76eNx3BLrsATXRl3iHplDr/GwaPpOxdr9hhd
aX5qUK08pqlDwudnG15huIQ+MEqpw7w=
-----END CERTIFICATE-----
Generated at Fri May 9 11:04:05 2025 by rpki-client