Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21EFF3CA03DB11F0B33A64B7762E951A.roa
File: 21EFF3CA03DB11F0B33A64B7762E951A.roa (raw, json)
Hash identifier: RbZg3o+J5euDaFh8063ubrNu4m49tJriw1Iu4hPOQ5E=
Subject key identifier: 3C:22:6F:9A:10:12:34:83:22:46:8B:05:3E:EA:AE:A8:1E:0D:0B:5E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01747C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21EFF3CA03DB11F0B33A64B7762E951A.roa
Signing time: Tue 18 Mar 2025 09:26:55 +0000
ROA not before: Tue 18 Mar 2025 09:26:51 +0000
ROA not after: Fri 28 Mar 2025 09:26:51 +0000
asID: 133180
IP address blocks: 154.194.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95356 (0x1747c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 18 09:26:51 2025 GMT
Not After : Mar 28 09:26:51 2025 GMT
Subject: CN=67d93c5f-258d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:23:5d:25:9c:65:1c:51:5f:f0:71:34:8a:
a3:9b:12:45:8e:e8:9c:54:d4:52:2e:e5:65:b8:64:
d8:78:d2:e9:1b:34:df:c9:00:57:9a:4d:07:ec:03:
49:98:9f:7c:7c:05:68:5b:45:90:a2:a1:ab:bb:92:
1f:ad:7b:c1:6d:5a:a0:bd:2f:60:72:74:fa:be:bf:
89:7b:62:05:7c:2f:5d:d5:bc:5a:e5:a0:4f:43:b9:
4e:66:1b:89:2d:42:cf:86:ff:14:c2:35:ec:05:60:
f9:eb:0e:df:a3:be:76:e5:d1:0d:8d:6f:a6:df:32:
8b:d4:3d:0b:31:e7:9e:64:b7:1f:ca:99:ed:b7:f5:
d4:6b:5f:09:e0:8e:a4:ab:ac:36:1f:7a:a2:10:09:
54:7f:e1:bf:64:de:4f:cd:d8:6e:ec:f9:09:92:e9:
21:6f:d5:a7:a7:a8:d4:51:c4:ad:d7:fb:d2:21:68:
07:a4:1c:04:20:e8:3f:9d:b8:db:03:dd:92:f6:81:
27:fb:fc:0b:3c:e0:a1:eb:4f:bd:1c:a7:86:da:27:
1c:71:95:a5:cf:73:69:91:2c:28:f0:11:c3:5d:df:
29:9f:ec:f0:2f:3c:3e:22:2f:96:43:a9:0c:11:2c:
64:e3:eb:4b:99:37:33:b9:36:ab:8f:53:77:aa:f1:
37:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:22:6F:9A:10:12:34:83:22:46:8B:05:3E:EA:AE:A8:1E:0D:0B:5E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21EFF3CA03DB11F0B33A64B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.128.0/18
Signature Algorithm: sha256WithRSAEncryption
02:cb:ab:e6:ca:72:c4:4f:b1:63:37:96:6e:ef:85:d6:7b:44:
a9:af:be:7d:16:df:09:94:e2:86:59:81:c8:6d:31:c5:56:4e:
b5:4a:2d:90:9e:73:3c:12:50:06:ec:30:26:56:91:fe:4e:26:
01:cf:5d:9f:d4:98:c5:ac:20:a2:a6:d6:92:b6:c2:9b:3a:51:
42:30:24:17:7c:dc:cb:23:d6:18:63:10:b1:7d:e1:b0:70:fa:
68:c8:1f:89:d6:bf:c0:d0:35:ac:09:77:b1:21:be:40:c2:13:
48:16:a7:39:9d:a3:d6:43:6c:77:50:ec:6a:51:4c:dd:ae:7d:
b1:3a:ed:f9:77:52:89:b1:1b:60:fc:1c:38:24:22:fe:4e:80:
77:bc:08:d3:28:8d:9d:d7:b3:22:80:28:90:a3:f2:50:74:78:
49:96:6e:19:0a:d9:7d:e7:06:ce:53:7f:5e:9a:d9:69:8f:09:
60:37:07:28:02:78:af:ef:a2:70:3f:6c:36:a7:2b:a6:b6:0f:
2a:02:39:5f:5f:fa:41:2f:cb:c0:85:3f:01:5a:1a:58:69:b2:
cc:da:14:08:be:c1:8e:44:3e:60:77:9d:a4:80:b2:9a:1b:3d:
19:5a:48:25:57:ff:fa:39:d8:49:8f:6b:1e:ca:8b:dd:ed:c5:
76:22:e8:25
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXR8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE4MDkyNjUxWhcNMjUwMzI4MDkyNjUxWjAYMRYw
FAYDVQQDEw02N2Q5M2M1Zi0yNThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxTMjXSWcZRxRX/BxNIqjmxJFjuicVNRSLuVluGTYeNLpGzTfyQBXmk0H
7ANJmJ98fAVoW0WQoqGru5IfrXvBbVqgvS9gcnT6vr+Je2IFfC9d1bxa5aBPQ7lO
ZhuJLULPhv8UwjXsBWD56w7fo7525dENjW+m3zKL1D0LMeeeZLcfypntt/XUa18J
4I6kq6w2H3qiEAlUf+G/ZN5Pzdhu7PkJkukhb9Wnp6jUUcSt1/vSIWgHpBwEIOg/
nbjbA92S9oEn+/wLPOCh60+9HKeG2icccZWlz3NpkSwo8BHDXd8pn+zwLzw+Ii+W
Q6kMESxk4+tLmTczuTarj1N3qvE3zQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDwi
b5oQEjSDIkaLBT7qrqgeDQteMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMUVGRjNDQTAzREIxMUYwQjMzQTY0Qjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsKAMA0GCSqGSIb3DQEB
CwUAA4IBAQACy6vmynLET7FjN5Zu74XWe0Spr759Ft8JlOKGWYHIbTHFVk61Si2Q
nnM8ElAG7DAmVpH+TiYBz12f1JjFrCCiptaStsKbOlFCMCQXfNzLI9YYYxCxfeGw
cPpoyB+J1r/A0DWsCXexIb5AwhNIFqc5naPWQ2x3UOxqUUzdrn2xOu35d1KJsRtg
/Bw4JCL+ToB3vAjTKI2d17MigCiQo/JQdHhJlm4ZCtl95wbOU39emtlpjwlgNwco
Aniv76JwP2w2pyumtg8qAjlfX/pBL8vAhT8BWhpYabLM2hQIvsGORD5gd52kgLKa
Gz0ZWkglV//6OdhJj2seyovd7cV2Iugl
-----END CERTIFICATE-----
Generated at Fri May 9 06:34:43 2025 by rpki-client