Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E927AFE8CDE11EE974DB0664AD9E6FC.roa
File: 3E927AFE8CDE11EE974DB0664AD9E6FC.roa (raw, json)
Hash identifier: w/rN6RAOFKnAt148+4er8HEQ64afjF142wehwhw/1Sc=
Subject key identifier: 7A:6D:54:99:5A:C0:20:F2:19:A9:02:A2:07:7D:EE:B4:78:7B:5F:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 5508
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E927AFE8CDE11EE974DB0664AD9E6FC.roa
Signing time: Mon 27 Nov 2023 04:34:26 +0000
ROA not before: Mon 27 Nov 2023 04:34:22 +0000
ROA not after: Tue 26 Dec 2023 04:34:22 +0000
asID: 62240
IP address blocks: 154.194.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21768 (0x5508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 27 04:34:22 2023 GMT
Not After : Dec 26 04:34:22 2023 GMT
Subject: CN=65641c51-caa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ce:c6:2a:05:87:f5:ff:0e:8c:80:f4:26:6e:
d1:10:86:57:79:b1:b8:b5:da:64:18:78:df:dc:f9:
24:7a:7a:cb:71:f3:32:1c:95:c1:de:9f:e8:26:00:
06:c7:da:18:1c:79:21:58:78:c7:83:2f:c8:11:16:
de:63:5c:fd:3e:27:45:bf:a4:a3:69:dd:69:71:d5:
75:6c:1e:29:39:8f:c2:8b:e3:06:16:f5:63:06:83:
2d:61:ac:f1:39:e7:af:c6:33:af:d0:2d:c9:59:22:
7e:28:a9:e1:2e:04:ff:56:ab:05:e8:97:e3:2b:33:
18:37:4c:07:62:9c:c5:07:6d:0a:1a:3c:4e:b5:31:
1f:10:db:70:74:79:30:cb:a0:24:fc:4f:44:35:ba:
b0:22:f4:29:7d:ed:21:38:cc:c9:36:d1:2b:89:68:
81:87:73:c1:f2:83:23:b0:da:f9:b2:b0:5d:67:8f:
50:bb:78:78:d7:65:87:3d:ec:8d:61:b1:49:27:4c:
78:ce:34:0f:9b:00:ae:2e:35:3a:76:97:a0:24:af:
d8:26:ae:6c:5d:dc:46:bd:a6:1d:02:e3:98:5a:8b:
0c:4a:94:18:dd:23:2e:b7:f6:ee:2c:db:c7:a1:b0:
f0:16:b0:d2:1a:61:e1:fa:53:71:28:ba:21:da:cb:
f2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:6D:54:99:5A:C0:20:F2:19:A9:02:A2:07:7D:EE:B4:78:7B:5F:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E927AFE8CDE11EE974DB0664AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.87.0/24
Signature Algorithm: sha256WithRSAEncryption
70:96:b7:a1:2d:c5:63:4d:9d:84:75:30:53:bc:7b:fa:19:17:
82:cb:9d:32:63:9e:63:ac:e3:f9:e1:95:2e:25:f5:f9:16:e5:
67:46:29:6f:6a:5e:ea:2c:b6:31:5a:14:16:50:a1:ec:09:04:
8e:4e:d5:ae:a7:97:c5:34:c9:6b:24:f4:68:7d:93:40:1a:3f:
66:6c:50:f9:a3:f5:59:0d:fe:08:a8:ef:10:d0:13:25:d3:75:
3a:c2:c4:92:cf:9b:54:f9:df:dc:08:5a:5a:65:19:d7:97:cb:
8d:73:3d:b6:56:ba:d8:69:86:6c:56:6f:59:70:16:e9:a4:7f:
57:c4:4b:dd:f0:37:b3:33:fa:f2:b9:d1:6b:1d:6a:c5:e4:65:
71:e7:cf:3c:ac:da:e9:65:86:54:fd:05:09:de:3d:ea:04:dd:
74:f8:6c:97:02:9c:af:2d:58:60:12:33:26:92:de:90:9d:10:
98:9e:1b:42:a1:0c:05:3e:a1:17:29:c3:ea:78:1b:32:c6:f3:
d0:aa:bc:10:52:54:1c:57:41:7b:33:fb:ef:97:d2:c4:d2:8f:
e0:d7:53:f6:62:af:3d:55:ce:77:bc:0c:88:cc:61:c5:2c:2a:
fb:ed:db:af:8f:7d:64:54:3e:f2:7c:93:f6:90:6c:63:30:0e:
ba:00:00:c1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVQgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjcwNDM0MjJaFw0yMzEyMjYwNDM0MjJaMBgxFjAU
BgNVBAMTDTY1NjQxYzUxLWNhYTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCrzsYqBYf1/w6MgPQmbtEQhld5sbi12mQYeN/c+SR6estx8zIclcHen+gm
AAbH2hgceSFYeMeDL8gRFt5jXP0+J0W/pKNp3Wlx1XVsHik5j8KL4wYW9WMGgy1h
rPE556/GM6/QLclZIn4oqeEuBP9WqwXol+MrMxg3TAdinMUHbQoaPE61MR8Q23B0
eTDLoCT8T0Q1urAi9Cl97SE4zMk20SuJaIGHc8HygyOw2vmysF1nj1C7eHjXZYc9
7I1hsUknTHjONA+bAK4uNTp2l6Akr9gmrmxd3Ea9ph0C45haiwxKlBjdIy639u4s
28ehsPAWsNIaYeH6U3EouiHay/LPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUem1U
mVrAIPIZqQKiB33utHh7X90wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzNFOTI3QUZFOENERTExRUU5NzREQjA2NjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawlcwDQYJKoZIhvcNAQEL
BQADggEBAHCWt6EtxWNNnYR1MFO8e/oZF4LLnTJjnmOs4/nhlS4l9fkW5WdGKW9q
XuostjFaFBZQoewJBI5O1a6nl8U0yWsk9Gh9k0AaP2ZsUPmj9VkN/gio7xDQEyXT
dTrCxJLPm1T539wIWlplGdeXy41zPbZWuthphmxWb1lwFumkf1fES93wN7Mz+vK5
0WsdasXkZXHnzzys2ullhlT9BQnePeoE3XT4bJcCnK8tWGASMyaS3pCdEJieG0Kh
DAU+oRcpw+p4GzLG89CqvBBSVBxXQXsz+++X0sTSj+DXU/Zirz1Vzne8DIjMYcUs
Kvvt26+PfWRUPvJ8k/aQbGMwDroAAME=
-----END CERTIFICATE-----
Generated at Fri May 9 12:51:28 2025 by rpki-client