Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/16D32A92F16211EFBD7B9C9E762E951A.roa
File: 16D32A92F16211EFBD7B9C9E762E951A.roa (raw, json)
Hash identifier: SeOhHoprBsq9opz0xcXFekKGUB53FWqQsL2oyxgA264=
Subject key identifier: 57:4D:49:59:CF:46:F8:61:6F:DD:65:17:CE:55:B2:DE:18:3E:7A:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015A7C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/16D32A92F16211EFBD7B9C9E762E951A.roa
Signing time: Sat 22 Feb 2025 21:15:06 +0000
ROA not before: Sat 22 Feb 2025 21:15:03 +0000
ROA not after: Wed 26 Mar 2025 21:15:03 +0000
asID: 8796
IP address blocks: 154.201.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88700 (0x15a7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 22 21:15:03 2025 GMT
Not After : Mar 26 21:15:03 2025 GMT
Subject: CN=67ba3e5a-316a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a5:a3:0b:6e:ab:6b:48:25:e8:2e:d3:72:3d:
8e:26:17:bd:c4:b0:2b:90:05:db:b6:a1:c4:a3:9a:
d9:10:94:ba:18:cc:9f:d6:3c:13:bd:78:61:0e:d5:
35:ca:ba:8f:13:88:c1:0f:19:59:09:5a:68:e9:8c:
b0:85:00:b0:a0:47:b6:06:b7:ea:6d:b1:9b:a2:de:
e7:de:88:ef:ef:93:dc:6e:25:6d:b9:ca:ba:17:2e:
35:e9:53:d7:c1:e1:0a:09:a8:91:c1:d4:bc:a1:9f:
9f:79:52:f7:bb:14:76:c4:38:61:d9:23:b5:7f:1b:
24:e3:33:ec:19:6d:af:06:61:51:d1:ec:10:fb:e7:
b3:0c:7b:75:95:46:d2:20:f1:65:ba:09:94:f7:c3:
06:56:5b:54:3a:de:dd:34:b0:04:c5:3c:88:e4:10:
33:b1:37:ac:2c:38:cc:82:61:5f:83:e5:8e:91:61:
99:ff:6a:fb:e0:02:eb:46:3f:19:81:05:32:2d:c4:
4d:b2:3c:71:f0:db:d8:6f:0e:52:b5:bf:c8:9c:ae:
30:b0:a9:49:bb:ec:ef:14:b0:1d:49:de:2c:3e:67:
de:1c:b0:f6:6e:fa:cd:ec:fd:b2:6f:a2:af:4f:60:
87:a0:74:01:b8:7b:70:b0:ea:12:73:c5:0d:cf:f9:
e8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:4D:49:59:CF:46:F8:61:6F:DD:65:17:CE:55:B2:DE:18:3E:7A:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/16D32A92F16211EFBD7B9C9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.72.0/21
Signature Algorithm: sha256WithRSAEncryption
a9:6d:87:7a:8a:df:ff:c1:4c:7c:a0:cb:1c:be:7c:4a:0d:39:
94:b4:3c:f7:b4:bb:c5:4a:ff:b7:bf:9a:e8:d8:74:77:18:84:
bd:7e:67:79:9f:ef:c6:aa:43:af:e7:f8:f8:1b:91:9e:4b:25:
a9:10:53:ad:b4:f8:cc:e1:bb:7b:b9:ef:76:4b:7e:62:59:a3:
c6:5c:6b:28:2c:f4:87:4e:5e:c5:6a:27:5c:7b:93:67:9d:80:
a1:28:93:da:11:4d:34:be:0b:63:58:4b:74:24:83:3a:f3:46:
74:8f:52:d3:95:dd:fb:fe:59:be:16:92:bc:e1:02:3e:55:3c:
e1:16:b6:e1:5f:f6:ac:db:df:23:9c:d9:ce:98:07:7d:f5:05:
c2:7a:b8:0e:fb:88:00:9b:82:8a:61:41:46:30:94:22:82:8e:
65:ea:72:99:b9:35:11:86:35:1a:69:cd:2a:87:b7:04:d4:87:
a3:af:59:e6:d3:10:2e:87:31:c9:53:a9:bd:90:41:5b:68:b0:
5a:f8:cd:68:42:58:cc:8b:aa:b7:25:23:86:5b:b9:0c:8a:6b:
10:e5:6a:49:7a:b4:5d:d7:f0:4f:dd:54:9d:71:24:d4:8c:d5:
bf:7e:37:ca:a2:47:3e:63:07:3a:22:3e:a0:11:bb:6c:0b:b9:
37:0d:ad:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVp8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIyMjExNTAzWhcNMjUwMzI2MjExNTAzWjAYMRYw
FAYDVQQDEw02N2JhM2U1YS0zMTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy6WjC26ra0gl6C7Tcj2OJhe9xLArkAXbtqHEo5rZEJS6GMyf1jwTvXhh
DtU1yrqPE4jBDxlZCVpo6YywhQCwoEe2BrfqbbGbot7n3ojv75PcbiVtucq6Fy41
6VPXweEKCaiRwdS8oZ+feVL3uxR2xDhh2SO1fxsk4zPsGW2vBmFR0ewQ++ezDHt1
lUbSIPFlugmU98MGVltUOt7dNLAExTyI5BAzsTesLDjMgmFfg+WOkWGZ/2r74ALr
Rj8ZgQUyLcRNsjxx8NvYbw5Stb/InK4wsKlJu+zvFLAdSd4sPmfeHLD2bvrN7P2y
b6KvT2CHoHQBuHtwsOoSc8UNz/noiwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFdN
SVnPRvhhb91lF85Vst4YPnrYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNkQzMkE5MkYxNjIxMUVGQkQ3QjlDOUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmslIMA0GCSqGSIb3DQEB
CwUAA4IBAQCpbYd6it//wUx8oMscvnxKDTmUtDz3tLvFSv+3v5ro2HR3GIS9fmd5
n+/GqkOv5/j4G5GeSyWpEFOttPjM4bt7ue92S35iWaPGXGsoLPSHTl7Faidce5Nn
nYChKJPaEU00vgtjWEt0JIM680Z0j1LTld37/lm+FpK84QI+VTzhFrbhX/as298j
nNnOmAd99QXCergO+4gAm4KKYUFGMJQigo5l6nKZuTURhjUaac0qh7cE1Iejr1nm
0xAuhzHJU6m9kEFbaLBa+M1oQljMi6q3JSOGW7kMimsQ5WpJerRd1/BP3VSdcSTU
jNW/fjfKokc+Ywc6Ij6gEbtsC7k3Da14
-----END CERTIFICATE-----
Generated at Fri May 9 06:49:28 2025 by rpki-client