Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A5868D6EF9511EFBA35F660762E951A.roa
File: 1A5868D6EF9511EFBA35F660762E951A.roa (raw, json)
Hash identifier: Ag7c6XSvdIMh/uLTiw5843OfN9MUgIOx7Nal4SZBuiQ=
Subject key identifier: A0:41:B0:1B:31:F9:27:1F:01:6E:34:AD:24:E8:31:A4:B5:F7:28:0B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01591F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A5868D6EF9511EFBA35F660762E951A.roa
Signing time: Thu 20 Feb 2025 14:15:14 +0000
ROA not before: Thu 20 Feb 2025 14:15:11 +0000
ROA not after: Thu 20 Mar 2025 14:15:11 +0000
asID: 54600
IP address blocks: 154.89.160.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88351 (0x1591f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 20 14:15:11 2025 GMT
Not After : Mar 20 14:15:11 2025 GMT
Subject: CN=67b738f2-14c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e1:23:38:5f:0c:70:64:76:f4:1e:17:a9:e2:
da:74:e3:be:c2:3d:72:33:25:25:98:d8:f4:5d:5c:
39:36:0b:ca:40:e3:11:8e:dc:b9:94:8a:57:3a:8c:
23:c1:72:92:00:eb:4c:31:22:25:d4:33:37:53:db:
96:e2:fa:11:32:da:11:fc:0d:ec:89:cf:0c:d7:88:
60:61:94:7a:d2:b7:a2:60:93:2b:b4:fc:62:7c:0d:
26:26:06:34:a9:ec:84:da:39:07:b9:3a:07:0f:00:
91:9d:a2:a9:17:fc:e9:4d:31:8e:12:19:51:70:f7:
11:da:82:ac:b3:0f:0d:96:ec:d4:7e:0b:1d:44:1a:
cb:32:db:b3:fb:af:58:68:a3:c3:03:2b:86:bf:bc:
9d:0c:4d:2f:64:b9:b9:3a:98:dd:33:e8:71:e4:ba:
cb:44:df:78:99:e1:82:0b:f0:f1:33:5b:3c:ce:88:
70:a3:85:df:50:dd:a2:db:cc:e2:4d:46:66:3e:11:
dd:f4:13:81:07:23:b5:4c:63:df:a1:1c:4d:f2:81:
bb:a3:bf:22:20:a5:dc:60:91:f8:4e:a2:53:47:95:
a6:73:90:7c:2f:be:78:5c:4f:89:d7:a6:e9:dd:8d:
0f:f0:6e:9d:73:93:4b:45:17:a8:8b:d8:23:4e:51:
1e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:41:B0:1B:31:F9:27:1F:01:6E:34:AD:24:E8:31:A4:B5:F7:28:0B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A5868D6EF9511EFBA35F660762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
Signature Algorithm: sha256WithRSAEncryption
5e:f2:0e:e0:97:ae:49:57:29:30:c5:39:c9:a9:13:50:28:ee:
8b:63:75:67:c5:b4:d8:22:1f:2f:1d:8f:91:58:46:1f:f1:d4:
86:4d:76:d1:e8:af:79:e0:73:53:95:5d:f8:ae:a1:a1:d6:f7:
55:fe:bc:e2:05:5d:32:af:0d:4f:0e:02:19:3b:7c:f6:5f:ba:
ff:e7:a1:be:16:a1:5d:d6:98:45:6b:67:cb:86:0c:7e:aa:9e:
88:eb:f8:3a:a3:5e:d3:0c:7e:80:c7:88:2c:26:73:ef:b7:2d:
3c:ee:96:64:f7:9d:4f:38:60:1a:25:a7:de:fa:cf:2d:9d:96:
97:92:9f:2a:3a:d5:e6:4e:0b:40:1c:92:92:9d:7e:81:6b:85:
8a:7b:35:95:79:70:6b:1f:6d:a8:51:bc:df:b2:50:3e:3e:5d:
8d:35:9c:65:6e:1c:a8:c2:35:9a:42:98:de:a4:3e:db:cc:cc:
c0:90:9d:88:44:c6:13:3b:8f:e0:b2:de:7c:ec:5e:b7:bd:6e:
e3:2a:e5:ab:aa:4a:ae:00:af:d5:89:dd:28:71:da:b2:df:9b:
30:ec:10:88:bd:55:27:68:0c:18:f9:03:e5:c4:1f:8e:be:e3:
e2:3c:1d:09:77:3b:90:94:d3:54:b3:3c:27:2d:58:cd:3d:bd:
c5:13:f0:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVkfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIwMTQxNTExWhcNMjUwMzIwMTQxNTExWjAYMRYw
FAYDVQQDEw02N2I3MzhmMi0xNGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5+EjOF8McGR29B4XqeLadOO+wj1yMyUlmNj0XVw5NgvKQOMRjty5lIpX
OowjwXKSAOtMMSIl1DM3U9uW4voRMtoR/A3sic8M14hgYZR60reiYJMrtPxifA0m
JgY0qeyE2jkHuToHDwCRnaKpF/zpTTGOEhlRcPcR2oKssw8NluzUfgsdRBrLMtuz
+69YaKPDAyuGv7ydDE0vZLm5OpjdM+hx5LrLRN94meGCC/DxM1s8zohwo4XfUN2i
28ziTUZmPhHd9BOBByO1TGPfoRxN8oG7o78iIKXcYJH4TqJTR5Wmc5B8L754XE+J
16bp3Y0P8G6dc5NLRReoi9gjTlEeMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKBB
sBsx+ScfAW40rSToMaS19ygLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQTU4NjhENkVGOTUxMUVGQkEzNUY2NjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlmgMA0GCSqGSIb3DQEB
CwUAA4IBAQBe8g7gl65JVykwxTnJqRNQKO6LY3VnxbTYIh8vHY+RWEYf8dSGTXbR
6K954HNTlV34rqGh1vdV/rziBV0yrw1PDgIZO3z2X7r/56G+FqFd1phFa2fLhgx+
qp6I6/g6o17TDH6Ax4gsJnPvty087pZk951POGAaJafe+s8tnZaXkp8qOtXmTgtA
HJKSnX6Ba4WKezWVeXBrH22oUbzfslA+Pl2NNZxlbhyowjWaQpjepD7bzMzAkJ2I
RMYTO4/gst587F63vW7jKuWrqkquAK/Vid0ocdqy35sw7BCIvVUnaAwY+QPlxB+O
vuPiPB0JdzuQlNNUszwnLVjNPb3FE/C0
-----END CERTIFICATE-----
Generated at Fri May 9 09:42:46 2025 by rpki-client