Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C73D9A63BBC11F0BD8A23C1DAE4EC9C.roa
File: 2C73D9A63BBC11F0BD8A23C1DAE4EC9C.roa (raw, json)
Hash identifier: 8XOBaRJMxR5Rwu1LkwvPs4ZQ65+C5lPDsPI8+iO365M=
Subject key identifier: 16:0A:8A:49:F8:3C:DF:8A:99:37:40:52:66:A5:CE:C0:05:6D:92:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01835E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C73D9A63BBC11F0BD8A23C1DAE4EC9C.roa
Signing time: Wed 28 May 2025 12:06:24 +0000
ROA not before: Wed 28 May 2025 12:06:19 +0000
ROA not after: Sat 07 Jun 2025 12:06:19 +0000
asID: 3561
IP address blocks: 154.197.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99166 (0x1835e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 28 12:06:19 2025 GMT
Not After : Jun 7 12:06:19 2025 GMT
Subject: CN=6836fc40-b74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a5:1c:26:f2:a0:3d:d2:93:93:3c:27:9d:99:
56:dd:8f:64:59:66:7b:5f:6d:2b:5d:61:68:b5:9c:
cf:fc:10:31:b0:8b:07:4d:81:e1:cb:b9:1a:95:1f:
6d:d2:0b:b1:a1:13:57:99:ca:e9:0a:a0:62:83:f6:
d2:4c:62:66:5f:00:0e:55:28:70:f2:2a:07:55:51:
af:de:c6:fb:f3:4d:1c:fe:2a:d4:48:37:cd:1c:4c:
f3:ed:03:57:2b:ef:7e:b9:35:59:f7:88:16:ae:ba:
39:49:32:e6:67:29:5f:e9:5e:25:13:d1:4f:d8:11:
3f:f5:2b:74:19:f5:93:ed:26:81:82:34:33:06:05:
3c:58:25:d4:b6:87:b4:14:ae:db:9b:e2:1d:ce:b6:
b6:db:9a:fc:a1:19:56:e2:43:22:49:2a:7e:6d:8d:
fb:10:56:cb:6b:f9:bd:1b:9c:86:45:7c:1d:ca:0a:
95:8c:4f:6e:68:e2:ba:9c:5e:73:89:b5:58:c9:b0:
80:29:88:21:23:3f:a7:c1:dd:5f:69:4f:95:39:9a:
c1:9f:b3:39:17:f8:0e:c1:8e:0b:dc:83:0a:54:6b:
3c:ca:e8:d6:79:5f:c9:fe:5b:bf:46:8b:2e:57:2c:
b1:ae:ab:2c:e0:63:1f:9e:5c:07:f0:f8:ad:64:eb:
1e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0A:8A:49:F8:3C:DF:8A:99:37:40:52:66:A5:CE:C0:05:6D:92:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C73D9A63BBC11F0BD8A23C1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.8.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:71:f8:0c:3f:b1:50:ce:a3:ff:8f:a3:22:b8:45:30:d7:5e:
81:59:37:56:06:e5:a7:f1:fc:8d:b4:40:64:20:85:cf:b2:eb:
a0:b8:27:54:58:27:12:fe:90:07:9d:b5:d4:ef:80:84:62:7f:
d0:9b:24:f5:83:c1:5b:48:8b:0b:66:9d:19:b1:76:dd:7f:78:
e7:04:51:02:0b:be:fd:ad:29:66:6e:85:90:62:81:27:2f:1e:
f5:2a:8d:a1:7a:fc:d1:ae:f0:e4:0d:f2:ec:95:f1:10:fc:01:
e5:6b:30:da:af:39:f3:d9:be:a0:43:92:98:ad:66:69:eb:5f:
87:7a:b2:eb:af:69:d3:fc:e9:d7:ec:2c:4e:93:67:ef:7e:1e:
fe:83:1b:53:c2:9d:4c:9b:17:d8:58:75:9b:1e:68:af:6e:7c:
4a:4c:ca:b2:a7:4a:59:e1:f0:9b:17:f5:cb:f8:f3:df:69:71:
16:d7:1b:a9:db:6b:9b:c8:74:19:3f:2b:85:41:64:d4:8d:51:
14:dc:ed:4e:37:07:18:2d:dd:14:16:86:4e:52:28:17:0b:2c:
14:65:66:5c:05:c8:9e:14:06:c5:90:be:c7:45:05:9d:b1:a0:
be:40:36:26:d8:e6:51:10:e4:17:e3:d7:ab:1b:35:40:87:69:
8c:29:a1:b1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYNeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTIwNjE5WhcNMjUwNjA3MTIwNjE5WjAYMRYw
FAYDVQQDEw02ODM2ZmM0MC1iNzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtaUcJvKgPdKTkzwnnZlW3Y9kWWZ7X20rXWFotZzP/BAxsIsHTYHhy7ka
lR9t0guxoRNXmcrpCqBig/bSTGJmXwAOVShw8ioHVVGv3sb7800c/irUSDfNHEzz
7QNXK+9+uTVZ94gWrro5STLmZylf6V4lE9FP2BE/9St0GfWT7SaBgjQzBgU8WCXU
toe0FK7bm+Idzra225r8oRlW4kMiSSp+bY37EFbLa/m9G5yGRXwdygqVjE9uaOK6
nF5zibVYybCAKYghIz+nwd1faU+VOZrBn7M5F/gOwY4L3IMKVGs8yujWeV/J/lu/
RosuVyyxrqss4GMfnlwH8PitZOseLQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBYK
ikn4PN+KmTdAUmalzsAFbZJAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQzczRDlBNjNCQkMxMUYwQkQ4QTIzQzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsUIMA0GCSqGSIb3DQEB
CwUAA4IBAQCucfgMP7FQzqP/j6MiuEUw116BWTdWBuWn8fyNtEBkIIXPsuuguCdU
WCcS/pAHnbXU74CEYn/QmyT1g8FbSIsLZp0ZsXbdf3jnBFECC779rSlmboWQYoEn
Lx71Ko2hevzRrvDkDfLslfEQ/AHlazDarznz2b6gQ5KYrWZp61+HerLrr2nT/OnX
7CxOk2fvfh7+gxtTwp1MmxfYWHWbHmivbnxKTMqyp0pZ4fCbF/XL+PPfaXEW1xup
22ubyHQZPyuFQWTUjVEU3O1ONwcYLd0UFoZOUigXCywUZWZcBcieFAbFkL7HRQWd
saC+QDYm2OZREOQX49erGzVAh2mMKaGx
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:26:44 2025 by rpki-client