Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DE2F3F48CDF11EEA752BF694AD9E6FC.roa
File: 2DE2F3F48CDF11EEA752BF694AD9E6FC.roa (raw, json)
Hash identifier: /qfFcNa6o/ztXe1HMGUrCfSUhXNTefT4VgJPJ+iugjQ=
Subject key identifier: 57:07:D8:8B:7B:A7:1F:31:46:A6:25:B2:02:B5:0F:94:48:89:7E:45
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 551D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DE2F3F48CDF11EEA752BF694AD9E6FC.roa
Signing time: Mon 27 Nov 2023 04:41:07 +0000
ROA not before: Mon 27 Nov 2023 04:41:04 +0000
ROA not after: Tue 26 Dec 2023 04:41:04 +0000
asID: 62240
IP address blocks: 154.195.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21789 (0x551d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 27 04:41:04 2023 GMT
Not After : Dec 26 04:41:04 2023 GMT
Subject: CN=65641de3-a75a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:72:10:e8:b4:b7:80:fe:15:42:bc:e1:13:bf:
fb:c5:83:ac:ab:d8:fc:e5:44:58:70:fc:9a:34:39:
71:ee:3f:39:54:26:52:69:67:93:4d:0f:be:e9:70:
97:a3:a1:00:a1:e0:c2:93:4e:d2:f8:3b:ee:62:35:
13:5c:83:a1:0b:0e:b3:62:56:06:37:ab:47:79:a2:
bf:af:6c:b2:d3:10:d7:f4:12:2a:5c:4b:39:0a:39:
23:14:12:82:3f:c3:a7:e4:78:ad:3b:9c:f7:fe:e9:
b6:3a:c1:56:9b:32:53:07:f4:1d:40:93:5a:25:e3:
28:f1:98:e1:75:93:45:45:83:ba:2d:52:f5:e2:8a:
9a:d0:88:95:c5:c1:d6:59:20:63:af:e1:7c:77:79:
5f:4f:fa:0f:f5:ce:03:4d:ec:04:9c:b1:20:85:d8:
a2:2d:f7:a3:2a:29:fc:06:76:53:b7:48:52:9c:30:
01:44:50:28:27:f3:cd:45:02:b3:c2:76:54:ca:bb:
27:a4:1b:08:d5:1a:37:50:1f:7c:cd:a7:38:24:d4:
66:f2:5e:00:3a:6a:b8:a3:fb:a1:36:54:43:89:79:
3c:7c:e1:4b:4d:77:ba:b1:c8:5f:29:ab:4e:56:42:
09:3c:bd:bb:fd:be:03:92:28:25:c5:f2:e0:b6:65:
f1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:07:D8:8B:7B:A7:1F:31:46:A6:25:B2:02:B5:0F:94:48:89:7E:45
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DE2F3F48CDF11EEA752BF694AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.189.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:a7:0f:db:98:3b:d1:62:d4:06:d3:eb:6f:ef:5b:68:3f:2e:
1e:4b:76:7b:6e:50:e7:4d:fa:30:b9:b0:7c:0c:10:15:0a:8b:
7a:7e:b3:30:df:29:46:93:1b:2f:61:70:1d:35:20:3e:78:d6:
de:5f:7d:c5:9b:c5:5d:3e:63:39:18:8d:a1:4b:79:f3:be:78:
2c:81:5c:4d:f5:58:ec:7a:f2:f0:62:5f:e1:26:87:3e:25:df:
39:f1:4d:56:01:b5:72:ce:b0:7d:4f:6f:8c:0a:db:6a:24:f2:
77:f6:01:dc:26:b5:54:71:38:b1:a8:8a:f8:5c:2b:61:fb:72:
f6:25:30:be:7d:03:28:33:3b:b7:b1:26:25:33:ad:f7:b9:d9:
ca:27:2d:bd:07:27:bf:c7:08:f9:aa:a4:ff:96:43:5e:e7:1d:
e0:21:cb:3a:ff:ed:ae:6c:ce:4e:6b:0d:03:86:d4:1b:d9:38:
ea:2c:da:54:98:20:c0:35:2f:06:f9:1f:ad:cf:3b:18:73:3d:
0f:9b:4b:aa:17:bd:8f:ac:b2:7a:0c:03:e2:60:95:03:8c:65:
2f:75:90:63:58:92:58:32:f1:c9:5b:39:9c:29:55:ee:fd:85:
d2:96:21:ef:b3:ed:83:25:5f:ce:7e:09:ac:30:31:6f:15:a2:
02:3d:93:b3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVR0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjcwNDQxMDRaFw0yMzEyMjYwNDQxMDRaMBgxFjAU
BgNVBAMTDTY1NjQxZGUzLWE3NWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzchDotLeA/hVCvOETv/vFg6yr2PzlRFhw/Jo0OXHuPzlUJlJpZ5NND77p
cJejoQCh4MKTTtL4O+5iNRNcg6ELDrNiVgY3q0d5or+vbLLTENf0EipcSzkKOSMU
EoI/w6fkeK07nPf+6bY6wVabMlMH9B1Ak1ol4yjxmOF1k0VFg7otUvXiiprQiJXF
wdZZIGOv4Xx3eV9P+g/1zgNN7AScsSCF2KIt96MqKfwGdlO3SFKcMAFEUCgn881F
ArPCdlTKuyekGwjVGjdQH3zNpzgk1GbyXgA6arij+6E2VEOJeTx84UtNd7qxyF8p
q05WQgk8vbv9vgOSKCXF8uC2ZfHdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUVwfY
i3unHzFGpiWyArUPlEiJfkUwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzJERTJGM0Y0OENERjExRUVBNzUyQkY2OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaw70wDQYJKoZIhvcNAQEL
BQADggEBAKynD9uYO9Fi1AbT62/vW2g/Lh5LdntuUOdN+jC5sHwMEBUKi3p+szDf
KUaTGy9hcB01ID541t5ffcWbxV0+YzkYjaFLefO+eCyBXE31WOx68vBiX+Emhz4l
3znxTVYBtXLOsH1Pb4wK22ok8nf2AdwmtVRxOLGoivhcK2H7cvYlML59AygzO7ex
JiUzrfe52conLb0HJ7/HCPmqpP+WQ17nHeAhyzr/7a5szk5rDQOG1BvZOOos2lSY
IMA1Lwb5H63POxhzPQ+bS6oXvY+ssnoMA+JglQOMZS91kGNYklgy8clbOZwpVe79
hdKWIe+z7YMlX85+CawwMW8VogI9k7M=
-----END CERTIFICATE-----
Generated at Fri May 9 11:03:04 2025 by rpki-client