Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4268FF788A8A11EEBE9D15774AD9E6FC.roa
File: 4268FF788A8A11EEBE9D15774AD9E6FC.roa (raw, json)
Hash identifier: 3sQ8MNYlGpzmGhMXGpcarmplP8tL1/LKCdBz8Z4/z50=
Subject key identifier: A3:08:00:84:01:FD:A9:27:F4:1C:C1:85:63:A1:6C:39:8E:3F:D0:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 5334
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4268FF788A8A11EEBE9D15774AD9E6FC.roa
Signing time: Fri 24 Nov 2023 05:28:12 +0000
ROA not before: Fri 24 Nov 2023 05:28:09 +0000
ROA not after: Tue 26 Dec 2023 05:28:09 +0000
asID: 62240
IP address blocks: 154.195.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21300 (0x5334)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 05:28:09 2023 GMT
Not After : Dec 26 05:28:09 2023 GMT
Subject: CN=6560346c-9586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:44:f7:f0:ed:cc:82:05:d7:3f:f0:67:48:ba:
93:3b:7b:38:97:0a:cc:d7:14:9b:fc:cc:dc:06:20:
03:cf:68:a7:0f:97:01:98:86:c5:de:06:4e:a9:c4:
9e:72:9e:39:93:c7:a8:1b:22:1a:3a:dc:8e:1e:fb:
4f:df:15:db:ab:27:84:0a:18:26:17:3a:80:56:54:
1b:0d:8c:ff:64:91:5d:31:5b:8b:6f:58:28:bd:d8:
de:5f:5f:17:ea:d9:80:da:44:80:5a:89:68:b7:d5:
2f:89:1a:72:cc:13:3a:8a:fa:bc:b3:c2:bb:d5:a8:
09:6d:ec:5c:26:9b:b9:d3:47:eb:92:c9:7e:52:7e:
6c:fa:ee:89:cc:6c:63:2e:08:2b:de:27:54:fc:82:
c1:f7:8e:ea:8b:04:eb:27:89:9f:f0:c6:1a:78:df:
1b:b9:86:07:06:f6:47:f8:33:92:86:3f:b7:e5:a8:
3f:16:b3:f9:12:ee:14:8a:e3:a5:5b:6d:4b:6f:e6:
12:d9:b2:b7:08:7a:1b:bc:b6:11:6f:e1:d6:56:b9:
53:34:32:11:a7:75:a1:db:42:50:e0:03:97:6f:3e:
4b:5e:b7:78:0c:40:a0:2c:49:15:45:c0:17:13:0b:
0b:c5:ac:66:68:d7:71:79:86:aa:06:c5:c9:33:03:
9d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:08:00:84:01:FD:A9:27:F4:1C:C1:85:63:A1:6C:39:8E:3F:D0:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4268FF788A8A11EEBE9D15774AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.151.0/24
Signature Algorithm: sha256WithRSAEncryption
64:94:79:38:42:73:a1:ba:a5:53:a0:4e:43:83:30:68:73:8f:
2b:8a:e9:c2:28:99:19:11:ed:c4:84:19:38:56:c2:84:73:86:
92:fb:b9:e1:9c:38:82:9f:1d:28:c6:bb:f0:26:3b:e9:b0:10:
79:4d:af:74:bf:55:96:3c:50:b6:c7:b5:fd:3e:b2:e7:6d:55:
87:50:94:75:f4:41:fe:90:5e:60:39:bf:a4:16:6d:e9:67:ab:
10:53:06:06:18:b9:24:ac:9f:bc:e2:a2:8b:bf:89:14:bf:a9:
3f:76:6f:f9:f3:71:f9:aa:60:4b:5b:f7:fe:96:96:08:f9:ff:
7f:42:d9:75:8c:7e:ca:11:90:3a:2e:8a:90:4d:7f:02:b5:c3:
7a:08:1f:58:43:fe:4a:d3:7e:17:5b:90:14:8b:7f:20:b4:23:
95:ab:d2:36:9b:9d:f9:e0:e9:db:95:c7:52:ef:0c:49:bd:cd:
4e:14:1f:6c:fe:c8:f4:46:71:41:4e:bd:ae:03:a4:a2:6b:b2:
70:29:8a:e4:18:89:4d:05:e4:83:1d:8e:4f:38:57:58:ab:b5:
0c:bb:e9:80:1c:7f:b5:ce:52:c3:19:c5:99:dd:cf:a9:19:9d:
2e:ff:ec:a8:2c:ab:76:8a:b7:17:83:f3:d1:59:5e:6a:b3:4e:
2f:26:59:90
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICUzQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNTI4MDlaFw0yMzEyMjYwNTI4MDlaMBgxFjAU
BgNVBAMTDTY1NjAzNDZjLTk1ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/RPfw7cyCBdc/8GdIupM7eziXCszXFJv8zNwGIAPPaKcPlwGYhsXeBk6p
xJ5ynjmTx6gbIho63I4e+0/fFdurJ4QKGCYXOoBWVBsNjP9kkV0xW4tvWCi92N5f
Xxfq2YDaRIBaiWi31S+JGnLMEzqK+ryzwrvVqAlt7Fwmm7nTR+uSyX5Sfmz67onM
bGMuCCveJ1T8gsH3juqLBOsniZ/wxhp43xu5hgcG9kf4M5KGP7flqD8Ws/kS7hSK
46VbbUtv5hLZsrcIehu8thFv4dZWuVM0MhGndaHbQlDgA5dvPktet3gMQKAsSRVF
wBcTCwvFrGZo13F5hqoGxckzA52DAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUowgA
hAH9qSf0HMGFY6FsOY4/0A0wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzQyNjhGRjc4OEE4QTExRUVCRTlEMTU3NzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaw5cwDQYJKoZIhvcNAQEL
BQADggEBAGSUeThCc6G6pVOgTkODMGhzjyuK6cIomRkR7cSEGThWwoRzhpL7ueGc
OIKfHSjGu/AmO+mwEHlNr3S/VZY8ULbHtf0+sudtVYdQlHX0Qf6QXmA5v6QWbeln
qxBTBgYYuSSsn7zioou/iRS/qT92b/nzcfmqYEtb9/6Wlgj5/39C2XWMfsoRkDou
ipBNfwK1w3oIH1hD/krTfhdbkBSLfyC0I5Wr0jabnfng6duVx1LvDEm9zU4UH2z+
yPRGcUFOva4DpKJrsnApiuQYiU0F5IMdjk84V1irtQy76YAcf7XOUsMZxZndz6kZ
nS7/7Kgsq3aKtxeD89FZXmqzTi8mWZA=
-----END CERTIFICATE-----
Generated at Fri May 9 12:51:32 2025 by rpki-client