Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20DE268CF40E11EFA828FA6A762E951A.roa
File: 20DE268CF40E11EFA828FA6A762E951A.roa (raw, json)
Hash identifier: rsGtPQOS0FUqjjOmbdzg4ymlm2B2BtgmBNKKlFVPbNU=
Subject key identifier: A0:13:7D:FB:E7:CE:AE:77:D9:EC:BC:C6:39:AE:31:5B:8A:5E:B1:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016103
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20DE268CF40E11EFA828FA6A762E951A.roa
Signing time: Wed 26 Feb 2025 06:51:39 +0000
ROA not before: Wed 26 Feb 2025 06:51:35 +0000
ROA not after: Fri 28 Mar 2025 06:51:35 +0000
asID: 214413
IP address blocks: 154.193.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90371 (0x16103)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 26 06:51:35 2025 GMT
Not After : Mar 28 06:51:35 2025 GMT
Subject: CN=67beb9fb-ddd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:eb:30:34:ee:21:fb:e3:ae:3e:8e:92:26:b7:
a0:b9:35:d9:4b:85:23:bc:a9:50:e4:71:1f:f6:52:
6b:79:c3:be:45:09:6e:96:28:b3:ea:f0:f1:ef:97:
f9:c1:da:84:b3:07:00:89:d6:ef:73:b4:f0:73:bd:
9e:65:c0:09:c2:14:1d:f5:4e:26:aa:a8:c9:23:5a:
67:ae:e5:b0:82:75:52:3c:68:ca:19:2e:ec:2f:3d:
bd:57:08:32:73:6a:b3:87:43:0a:9f:ea:2a:53:3d:
df:16:aa:3b:ea:c4:bb:6f:1a:94:dc:88:5f:e1:5d:
79:48:c4:eb:c7:1b:dc:1d:6f:30:31:b5:93:b0:2f:
78:bb:bd:40:bb:f2:b3:b5:b8:e9:88:a6:5d:8a:cd:
cf:e5:f3:56:26:be:c3:35:eb:1b:d4:e4:6e:64:e2:
0f:b6:b6:d0:e5:12:fe:79:76:a5:98:0e:2a:a0:4b:
f9:a4:df:6f:b9:65:ea:c5:6d:41:c5:99:c5:64:43:
7a:1d:5d:18:7e:d8:6b:20:3d:99:71:e4:50:d5:e5:
82:67:03:2c:46:3a:58:ce:7b:8b:af:a2:21:a5:d9:
47:ae:79:f4:20:77:87:b3:8c:c8:24:a9:b9:5f:e6:
d9:73:dd:b9:48:a6:bc:01:4c:3d:88:1b:10:f2:3b:
d4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:13:7D:FB:E7:CE:AE:77:D9:EC:BC:C6:39:AE:31:5B:8A:5E:B1:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20DE268CF40E11EFA828FA6A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.168.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:d5:93:da:97:b2:6f:1a:03:f0:6a:7c:91:fd:d2:86:0f:2b:
cb:e7:c2:1b:65:9a:41:14:5e:ff:83:2f:0c:0f:f2:27:b5:39:
32:2f:e6:b8:1b:89:78:df:75:3e:79:03:3f:b1:7f:c8:1c:c9:
b2:21:4a:98:48:66:8f:1c:0e:1b:06:81:1f:1c:cf:81:84:9b:
2a:a2:c5:79:97:5a:9c:31:2c:87:2b:12:cd:e4:0c:9f:40:21:
12:20:40:76:ee:1b:89:c2:67:d7:00:10:f6:c9:3c:cf:01:e6:
de:8a:c7:ee:48:8a:12:ab:32:35:1d:45:8c:25:2a:d9:a2:32:
59:05:4b:cf:ef:f8:4d:10:cb:98:7d:c9:28:bb:c8:f0:1c:6c:
9a:dc:45:84:e4:87:b0:9c:e8:0e:83:fc:92:b8:b7:3c:78:a6:
68:69:7c:4f:4e:b9:99:5e:c7:7c:63:9d:41:09:0a:97:c6:aa:
83:88:2e:24:6c:6f:b1:a9:49:9b:ef:ef:ec:ac:56:7b:fb:95:
b0:4a:78:3b:7c:88:ea:bc:26:c1:8a:04:f0:aa:c7:ff:e1:e4:
3f:dd:dc:a6:ea:6c:60:9b:b4:f9:db:78:46:c4:38:8f:c9:bf:
49:31:fd:fd:68:6f:bb:1d:8b:dc:81:b4:6f:19:67:4e:14:e4:
38:95:06:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWEDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDY1MTM1WhcNMjUwMzI4MDY1MTM1WjAYMRYw
FAYDVQQDEw02N2JlYjlmYi1kZGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz+swNO4h++OuPo6SJreguTXZS4UjvKlQ5HEf9lJrecO+RQluliiz6vDx
75f5wdqEswcAidbvc7Twc72eZcAJwhQd9U4mqqjJI1pnruWwgnVSPGjKGS7sLz29
Vwgyc2qzh0MKn+oqUz3fFqo76sS7bxqU3Ihf4V15SMTrxxvcHW8wMbWTsC94u71A
u/KztbjpiKZdis3P5fNWJr7DNesb1ORuZOIPtrbQ5RL+eXalmA4qoEv5pN9vuWXq
xW1BxZnFZEN6HV0YfthrID2ZceRQ1eWCZwMsRjpYznuLr6IhpdlHrnn0IHeHs4zI
JKm5X+bZc925SKa8AUw9iBsQ8jvUVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKAT
ffvnzq532ey8xjmuMVuKXrHXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMERFMjY4Q0Y0MEUxMUVGQTgyOEZBNkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsGoMA0GCSqGSIb3DQEB
CwUAA4IBAQA+1ZPal7JvGgPwanyR/dKGDyvL58IbZZpBFF7/gy8MD/IntTkyL+a4
G4l433U+eQM/sX/IHMmyIUqYSGaPHA4bBoEfHM+BhJsqosV5l1qcMSyHKxLN5Ayf
QCESIEB27huJwmfXABD2yTzPAebeisfuSIoSqzI1HUWMJSrZojJZBUvP7/hNEMuY
fckou8jwHGya3EWE5IewnOgOg/ySuLc8eKZoaXxPTrmZXsd8Y51BCQqXxqqDiC4k
bG+xqUmb7+/srFZ7+5WwSng7fIjqvCbBigTwqsf/4eQ/3dym6mxgm7T523hGxDiP
yb9JMf39aG+7HYvcgbRvGWdOFOQ4lQao
-----END CERTIFICATE-----
Generated at Fri May 9 12:23:01 2025 by rpki-client