Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4771F7B2F51011EFBCFCDD6A762E951A.roa
File: 4771F7B2F51011EFBCFCDD6A762E951A.roa (raw, json)
Hash identifier: dTTQC8lCoFVEsAIH0XTJrQAu0IqeWTP4f5JuQ491+pE=
Subject key identifier: 19:13:61:3E:56:EB:D5:FB:5B:45:E7:A9:5D:24:35:DC:43:81:1F:2D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016894
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4771F7B2F51011EFBCFCDD6A762E951A.roa
Signing time: Thu 27 Feb 2025 13:39:34 +0000
ROA not before: Thu 27 Feb 2025 13:39:30 +0000
ROA not after: Wed 26 Mar 2025 13:39:30 +0000
asID: 62240
IP address blocks: 154.196.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92308 (0x16894)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 13:39:30 2025 GMT
Not After : Mar 26 13:39:30 2025 GMT
Subject: CN=67c06b16-9ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3e:ed:38:ce:f0:21:9b:28:52:c4:60:19:3d:
2f:1c:5b:ee:21:2d:5d:80:2b:56:00:d4:52:fb:dc:
bf:cc:e8:d7:a1:d1:fc:76:9e:39:75:5c:d9:0a:ed:
0a:87:58:58:b1:95:4c:d2:26:00:b8:af:ac:98:db:
41:c0:71:f6:fe:f7:db:14:4e:c7:de:d9:4e:f7:84:
79:71:3a:ff:0d:56:62:75:13:c3:7f:c0:05:42:e5:
f4:94:a7:eb:de:26:6c:8a:2c:f3:0c:7a:b3:f7:af:
ca:60:68:be:ed:2f:34:f6:2a:d9:0f:2a:66:f4:0f:
f5:54:a4:be:62:45:5b:68:de:d6:9e:fa:7c:9c:32:
4b:37:ca:56:d1:fe:a5:6e:49:59:59:0b:c6:85:f4:
a7:16:1b:ac:b6:cf:37:00:44:2d:8b:97:fa:2a:b1:
77:ed:7b:60:8b:b6:8c:41:72:08:fa:b7:40:c5:6a:
ad:a6:01:9a:67:95:d8:53:50:47:6d:81:69:60:3b:
42:e6:62:e6:48:a6:32:6d:cf:89:ae:d0:1a:f8:a5:
68:40:cf:ad:bd:b5:00:51:f8:f4:d0:50:ac:f5:26:
3c:e6:2c:b5:85:9c:77:7b:35:ec:df:2c:56:2b:4a:
d4:98:c2:09:e5:f3:17:c5:70:e1:52:2f:c9:a7:7f:
51:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:13:61:3E:56:EB:D5:FB:5B:45:E7:A9:5D:24:35:DC:43:81:1F:2D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4771F7B2F51011EFBCFCDD6A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.23.0/24
Signature Algorithm: sha256WithRSAEncryption
14:f9:0f:91:30:7e:fa:6e:bf:6b:51:ea:6a:c2:4e:1e:32:5d:
4d:b0:06:68:38:5b:b9:92:fe:01:12:ef:54:d1:46:4b:d5:31:
df:cb:16:88:6b:83:e6:dc:94:7d:a5:c1:2b:66:4c:73:3c:fa:
fa:42:d0:15:50:0d:80:53:ee:49:ec:78:8e:94:12:c6:91:df:
51:c1:d8:fc:2d:39:90:b0:93:95:b6:23:c3:30:90:4b:99:ab:
45:c5:bb:47:68:32:1b:e3:df:fe:c5:86:7a:eb:ab:d6:9e:a9:
5d:9c:ee:72:ae:02:d4:46:e9:b2:52:ef:3a:a7:ef:c5:1e:6d:
16:b7:97:fd:5f:16:7e:44:55:5d:84:d6:35:6c:87:8b:41:05:
a0:e4:2e:19:57:6a:1e:69:54:e7:1e:0b:87:0e:c5:2a:98:79:
30:74:53:54:b7:58:60:99:19:6b:e9:08:27:1b:55:45:df:63:
00:7a:aa:00:4f:a0:4d:3d:00:83:98:20:c1:79:6a:b0:e0:83:
3d:bd:9c:34:b9:5e:09:ce:7f:04:47:73:43:47:16:20:16:b4:
0d:bb:01:85:c8:62:99:d7:1e:86:00:ce:f3:00:5a:51:73:4e:
f4:04:9f:4d:25:7d:81:65:8f:e4:28:d5:e5:a3:a1:0d:fb:ac:
7c:ca:e0:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWiUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTMzOTMwWhcNMjUwMzI2MTMzOTMwWjAYMRYw
FAYDVQQDEw02N2MwNmIxNi05ZWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArD7tOM7wIZsoUsRgGT0vHFvuIS1dgCtWANRS+9y/zOjXodH8dp45dVzZ
Cu0Kh1hYsZVM0iYAuK+smNtBwHH2/vfbFE7H3tlO94R5cTr/DVZidRPDf8AFQuX0
lKfr3iZsiizzDHqz96/KYGi+7S809irZDypm9A/1VKS+YkVbaN7Wnvp8nDJLN8pW
0f6lbklZWQvGhfSnFhusts83AEQti5f6KrF37Xtgi7aMQXII+rdAxWqtpgGaZ5XY
U1BHbYFpYDtC5mLmSKYybc+JrtAa+KVoQM+tvbUAUfj00FCs9SY85iy1hZx3ezXs
3yxWK0rUmMIJ5fMXxXDhUi/Jp39RhwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBkT
YT5W69X7W0XnqV0kNdxDgR8tMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzcxRjdCMkY1MTAxMUVGQkNGQ0RENkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQXMA0GCSqGSIb3DQEB
CwUAA4IBAQAU+Q+RMH76br9rUepqwk4eMl1NsAZoOFu5kv4BEu9U0UZL1THfyxaI
a4Pm3JR9pcErZkxzPPr6QtAVUA2AU+5J7HiOlBLGkd9Rwdj8LTmQsJOVtiPDMJBL
matFxbtHaDIb49/+xYZ666vWnqldnO5yrgLURumyUu86p+/FHm0Wt5f9XxZ+RFVd
hNY1bIeLQQWg5C4ZV2oeaVTnHguHDsUqmHkwdFNUt1hgmRlr6QgnG1VF32MAeqoA
T6BNPQCDmCDBeWqw4IM9vZw0uV4Jzn8ER3NDRxYgFrQNuwGFyGKZ1x6GAM7zAFpR
c070BJ9NJX2BZY/kKNXlo6EN+6x8yuAj
-----END CERTIFICATE-----
Generated at Fri May 9 11:52:34 2025 by rpki-client