Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DC8ACE28A8211EE8184935B4AD9E6FC.roa
File: 2DC8ACE28A8211EE8184935B4AD9E6FC.roa (raw, json)
Hash identifier: Yka5q2DqzoxFmxD5blPzcPHWba58FYpwWldHkqYpMBY=
Subject key identifier: A7:31:1A:A1:9C:FE:5F:56:B3:A3:E6:29:C6:BE:C8:19:04:18:C2:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 52DC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DC8ACE28A8211EE8184935B4AD9E6FC.roa
Signing time: Fri 24 Nov 2023 04:30:21 +0000
ROA not before: Fri 24 Nov 2023 04:30:18 +0000
ROA not after: Mon 25 Dec 2023 04:30:18 +0000
asID: 147176
IP address blocks: 154.84.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21212 (0x52dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 04:30:18 2023 GMT
Not After : Dec 25 04:30:18 2023 GMT
Subject: CN=656026dd-9eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:99:78:ed:2e:d8:95:ab:55:d5:98:0f:9b:02:
26:53:c5:d1:fb:82:1a:0e:5b:b8:c2:c4:27:f3:38:
d3:19:7e:ce:49:42:56:c0:eb:3a:01:61:14:22:98:
36:77:c6:05:9d:86:cd:7a:36:2c:c2:84:7e:d0:49:
02:32:bb:f9:ab:07:8b:41:70:9b:c6:d3:d5:f2:35:
7f:b6:b7:98:96:ba:76:10:c5:31:b7:4b:70:10:74:
97:2c:5a:cd:df:36:c6:61:bb:2e:62:a6:7b:16:a2:
4e:df:1f:bf:fa:15:b5:ea:4e:a9:8c:86:fb:e3:47:
7e:6b:22:ad:00:8f:78:23:4e:32:72:7b:f2:32:6e:
d2:1d:18:94:53:34:27:71:6e:11:dc:0b:22:1a:2f:
db:f4:5f:a2:b0:1a:aa:77:a6:9c:1f:dd:7d:f1:c4:
51:63:55:ca:74:c2:fa:fd:02:30:f7:38:0f:84:4d:
45:cc:65:d6:dd:94:9d:09:9b:0d:c2:e0:fd:f6:27:
8d:e3:15:fa:b4:22:52:99:a0:ed:c2:94:4f:da:99:
d3:56:a2:cb:1d:ef:9b:7d:8a:45:db:11:33:dc:c8:
b4:b5:a8:ce:5e:ba:1b:57:30:7f:d2:c8:ef:19:eb:
bd:e6:58:aa:57:6a:d1:c5:1d:c3:6e:8d:f7:ab:32:
83:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:31:1A:A1:9C:FE:5F:56:B3:A3:E6:29:C6:BE:C8:19:04:18:C2:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DC8ACE28A8211EE8184935B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.153.0/24
Signature Algorithm: sha256WithRSAEncryption
25:34:ce:72:c1:17:5b:c0:fb:32:a0:32:4e:b1:ef:3f:08:39:
fe:c2:0b:e7:b5:39:05:ec:c8:c3:79:03:09:79:27:dc:8b:a6:
0b:a2:25:46:08:7c:76:7e:b8:ae:d4:80:34:01:a9:73:65:3a:
55:b0:d8:b6:bc:d3:bd:c7:e0:8b:f5:10:2a:d2:63:3b:f1:ff:
90:0b:d4:49:bd:c7:3c:b2:82:00:3e:b2:9f:20:8c:0e:62:2b:
7b:13:7b:c9:9f:32:13:e8:32:31:2e:3f:77:a1:a3:9c:4d:7f:
0e:06:23:4d:87:11:cf:3f:9d:c0:65:e1:e6:77:1a:ca:3d:7b:
83:a6:86:41:39:b2:c0:b4:78:bd:9c:1b:1d:78:db:91:1c:14:
74:72:08:ae:fc:33:55:7e:70:1b:a6:07:78:a3:74:a0:b1:1a:
a7:5a:c5:fa:03:1c:94:e2:22:db:43:b8:3f:c8:e7:bc:8c:4f:
ea:eb:1f:3f:b3:8d:06:c4:99:c6:73:ac:02:4b:05:d5:60:1b:
2b:65:03:81:a7:14:cc:18:3d:94:91:c0:e1:a8:24:0a:d2:28:
c1:04:0c:82:c1:7a:90:85:f2:4f:3f:77:39:e3:2a:5e:da:ab:
f2:fb:ec:e8:40:a9:06:04:8e:9d:56:37:be:fc:de:7e:1a:f6:
25:d3:85:7b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICUtwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNDMwMThaFw0yMzEyMjUwNDMwMThaMBgxFjAU
BgNVBAMTDTY1NjAyNmRkLTllYjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7mXjtLtiVq1XVmA+bAiZTxdH7ghoOW7jCxCfzONMZfs5JQlbA6zoBYRQi
mDZ3xgWdhs16NizChH7QSQIyu/mrB4tBcJvG09XyNX+2t5iWunYQxTG3S3AQdJcs
Ws3fNsZhuy5ipnsWok7fH7/6FbXqTqmMhvvjR35rIq0Aj3gjTjJye/IybtIdGJRT
NCdxbhHcCyIaL9v0X6KwGqp3ppwf3X3xxFFjVcp0wvr9AjD3OA+ETUXMZdbdlJ0J
mw3C4P32J43jFfq0IlKZoO3ClE/amdNWossd75t9ikXbETPcyLS1qM5euhtXMH/S
yO8Z673mWKpXatHFHcNujferMoMDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpzEa
oZz+X1azo+Ypxr7IGQQYwoQwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzJEQzhBQ0UyOEE4MjExRUU4MTg0OTM1QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaVJkwDQYJKoZIhvcNAQEL
BQADggEBACU0znLBF1vA+zKgMk6x7z8IOf7CC+e1OQXsyMN5Awl5J9yLpguiJUYI
fHZ+uK7UgDQBqXNlOlWw2La8073H4Iv1ECrSYzvx/5AL1Em9xzyyggA+sp8gjA5i
K3sTe8mfMhPoMjEuP3eho5xNfw4GI02HEc8/ncBl4eZ3Gso9e4OmhkE5ssC0eL2c
Gx1425EcFHRyCK78M1V+cBumB3ijdKCxGqdaxfoDHJTiIttDuD/I57yMT+rrHz+z
jQbEmcZzrAJLBdVgGytlA4GnFMwYPZSRwOGoJArSKMEEDILBepCF8k8/dznjKl7a
q/L77OhAqQYEjp1WN7783n4a9iXThXs=
-----END CERTIFICATE-----
Generated at Sun May 11 18:22:22 2025 by rpki-client