Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EF520568CDD11EEAEFD5E634AD9E6FC.roa
File: 3EF520568CDD11EEAEFD5E634AD9E6FC.roa (raw, json)
Hash identifier: SK4n5Sc3InN4CgbgbPyy7dBH/E4DViXpK7fvyQVcKj8=
Subject key identifier: 1B:07:2F:43:8C:73:8D:E7:8C:BA:8E:08:E7:D9:B2:C1:C5:7E:21:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 54EF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EF520568CDD11EEAEFD5E634AD9E6FC.roa
Signing time: Mon 27 Nov 2023 04:27:17 +0000
ROA not before: Mon 27 Nov 2023 04:27:13 +0000
ROA not after: Tue 26 Dec 2023 04:27:13 +0000
asID: 62240
IP address blocks: 154.196.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21743 (0x54ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 27 04:27:13 2023 GMT
Not After : Dec 26 04:27:13 2023 GMT
Subject: CN=65641aa5-968b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f8:16:49:50:fd:b6:8d:6d:b2:0b:57:f7:a0:
fa:e9:e2:8f:1c:4f:e7:ef:4a:dd:14:59:50:71:66:
8c:7c:27:61:46:03:61:35:c2:2c:e4:85:49:de:73:
e4:35:63:fe:69:e3:6c:63:3e:d4:f9:f1:59:fe:f3:
50:2e:16:2c:f8:b8:e9:fc:f2:c6:1f:79:48:05:22:
2a:8a:25:2b:17:5e:5e:4c:48:d2:58:4b:e9:a2:26:
63:68:f3:c2:fb:fc:a9:93:91:82:48:2f:9c:47:70:
3b:23:0f:72:44:cb:54:97:ea:ce:59:9a:1d:89:5c:
5a:ee:9c:20:a6:23:09:fb:42:0c:c5:b1:73:99:9f:
c2:47:4e:bc:f5:f4:2a:0f:2c:28:87:4d:84:63:0d:
6a:c3:12:ca:99:51:6e:a1:3a:4b:84:72:49:22:32:
fd:f2:d6:05:53:cf:df:17:80:12:64:ad:55:ec:45:
09:48:e0:7b:cb:33:7c:12:93:58:64:85:ca:6d:3f:
3b:8e:81:85:39:a1:9a:e3:8d:a8:78:57:3e:97:aa:
e2:96:18:05:67:5e:59:a7:ec:c0:6b:8f:a6:fb:49:
33:bb:f3:5d:0a:ef:83:33:2f:b5:ab:06:85:ea:fc:
fe:c5:62:3a:f3:81:bd:e4:27:32:1d:4a:31:88:3b:
9e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:07:2F:43:8C:73:8D:E7:8C:BA:8E:08:E7:D9:B2:C1:C5:7E:21:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3EF520568CDD11EEAEFD5E634AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.64.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:16:0b:ca:e0:5d:5a:1b:98:cc:c8:13:80:a0:1d:98:57:b0:
20:4a:13:5b:c3:7f:0e:f1:61:75:5a:98:f4:bc:c6:e8:e7:ac:
1f:3a:77:84:23:dc:45:63:1a:41:d7:f6:32:8d:89:3a:ae:d9:
af:c5:5a:eb:f9:33:73:f2:83:87:b2:3b:c9:be:fd:6c:fe:b5:
04:82:9e:64:ca:89:16:74:39:85:3b:1c:7f:a2:82:3f:4c:f1:
50:e5:8b:7d:c5:6f:bd:aa:b4:11:6a:c6:49:5d:1f:36:35:4a:
68:c8:b1:e7:6c:21:db:67:33:b9:f9:33:77:07:81:64:f4:ff:
b7:84:78:57:84:81:dc:34:c9:aa:7c:f3:e5:c3:cc:29:9b:3b:
fa:82:c1:68:84:c4:d9:46:7f:a4:96:86:60:ff:fc:cc:9d:cd:
5c:3c:89:26:29:a4:9b:ad:e4:27:1a:79:2c:f7:39:21:51:9d:
6e:1c:c5:5e:cd:1e:3e:ca:4a:4a:f2:44:fc:b5:1a:eb:8a:87:
8a:f2:aa:f4:8d:8b:24:29:07:1e:05:cd:77:5b:3b:c9:0f:88:
13:46:b7:20:e6:0d:88:3a:3b:53:6a:a1:fd:28:7d:ed:ce:95:
e5:55:53:09:da:85:c6:55:72:9d:05:4b:62:b2:4c:49:fb:42:
65:fe:6f:c5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVO8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjcwNDI3MTNaFw0yMzEyMjYwNDI3MTNaMBgxFjAU
BgNVBAMTDTY1NjQxYWE1LTk2OGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZ+BZJUP22jW2yC1f3oPrp4o8cT+fvSt0UWVBxZox8J2FGA2E1wizkhUne
c+Q1Y/5p42xjPtT58Vn+81AuFiz4uOn88sYfeUgFIiqKJSsXXl5MSNJYS+miJmNo
88L7/KmTkYJIL5xHcDsjD3JEy1SX6s5Zmh2JXFrunCCmIwn7QgzFsXOZn8JHTrz1
9CoPLCiHTYRjDWrDEsqZUW6hOkuEckkiMv3y1gVTz98XgBJkrVXsRQlI4HvLM3wS
k1hkhcptPzuOgYU5oZrjjah4Vz6XquKWGAVnXlmn7MBrj6b7STO7810K74MzL7Wr
BoXq/P7FYjrzgb3kJzIdSjGIO55xAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGwcv
Q4xzjeeMuo4I59mywcV+IWkwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzNFRjUyMDU2OENERDExRUVBRUZENUU2MzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxEAwDQYJKoZIhvcNAQEL
BQADggEBAKUWC8rgXVobmMzIE4CgHZhXsCBKE1vDfw7xYXVamPS8xujnrB86d4Qj
3EVjGkHX9jKNiTqu2a/FWuv5M3Pyg4eyO8m+/Wz+tQSCnmTKiRZ0OYU7HH+igj9M
8VDli33Fb72qtBFqxkldHzY1SmjIsedsIdtnM7n5M3cHgWT0/7eEeFeEgdw0yap8
8+XDzCmbO/qCwWiExNlGf6SWhmD//MydzVw8iSYppJut5CcaeSz3OSFRnW4cxV7N
Hj7KSkryRPy1GuuKh4ryqvSNiyQpBx4FzXdbO8kPiBNGtyDmDYg6O1Nqof0ofe3O
leVVUwnahcZVcp0FS2KyTEn7QmX+b8U=
-----END CERTIFICATE-----
Generated at Fri May 9 12:41:13 2025 by rpki-client