Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4907F404F16511EFBDBEB3B2762E951A.roa
File: 4907F404F16511EFBDBEB3B2762E951A.roa (raw, json)
Hash identifier: rSWxb0SQ7Ty9grMwfQDYwEkn3G0tyg3LQNq5K1kkTK8=
Subject key identifier: 72:BD:9F:85:72:0E:A8:10:4F:FA:BF:51:04:2A:9F:28:BE:7F:CD:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015A93
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4907F404F16511EFBDBEB3B2762E951A.roa
Signing time: Sat 22 Feb 2025 21:37:59 +0000
ROA not before: Sat 22 Feb 2025 21:37:55 +0000
ROA not after: Wed 26 Mar 2025 21:37:55 +0000
asID: 395886
IP address blocks: 154.201.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88723 (0x15a93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 22 21:37:55 2025 GMT
Not After : Mar 26 21:37:55 2025 GMT
Subject: CN=67ba43b7-5c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:10:b9:9f:e8:d8:9c:91:a2:bd:d2:1b:28:da:
c6:70:4d:94:bd:f5:27:11:fc:a1:73:d8:a7:b1:fd:
ff:15:8b:a4:e7:ae:8b:cb:e1:7e:4b:60:71:4d:fc:
4a:99:01:fe:89:9e:8c:64:0b:3a:42:05:7d:9f:4b:
8a:33:6a:b5:81:72:b1:7c:10:b4:6c:0f:8e:4d:38:
6a:3f:26:bc:79:56:a6:68:77:3b:8e:45:94:d1:08:
3f:13:86:ec:d8:5c:a7:ec:be:a5:9c:3f:15:01:cd:
a3:c6:d6:99:94:5f:83:4d:af:68:f6:44:70:69:96:
e3:cb:a3:96:37:bc:62:b4:08:ec:02:ec:0d:4d:51:
10:f7:6f:d0:52:da:1c:f3:b6:f1:be:7c:7e:1d:39:
db:9e:2e:d1:17:2f:d5:8b:df:59:86:b6:86:92:67:
10:27:71:35:5f:4d:31:29:25:33:65:5a:1e:1b:c3:
21:a6:38:b5:29:1a:17:4e:30:b1:4f:5b:31:13:ce:
a1:91:6c:72:f4:89:73:2f:6e:fc:fd:d9:97:e0:4a:
58:37:a7:49:a1:44:5b:6b:06:76:b0:4d:72:17:93:
10:7a:02:63:de:07:7b:aa:60:3d:b6:9c:b3:62:63:
d8:d6:4a:0c:30:2b:26:86:fe:89:6c:e4:ac:dc:1e:
f3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BD:9F:85:72:0E:A8:10:4F:FA:BF:51:04:2A:9F:28:BE:7F:CD:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4907F404F16511EFBDBEB3B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.88.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:24:a1:d3:a6:01:48:40:26:38:e9:65:f1:cd:a4:d3:21:ea:
d1:da:8a:25:b4:30:59:90:98:24:63:37:4f:68:1c:90:aa:77:
7f:52:2d:eb:b2:b6:0e:e8:b9:f4:99:0c:b9:20:e5:45:e5:51:
a2:6e:89:a8:9a:95:9c:dc:65:2d:44:be:4e:24:24:a4:81:cf:
f6:cf:7a:36:e8:19:93:26:56:76:8d:68:b7:f9:82:96:0c:b5:
a9:92:db:9b:9c:fa:42:fc:ab:3a:4a:32:d0:27:7e:ef:32:98:
7a:b2:29:52:5a:76:83:70:26:71:5f:49:81:52:c7:3d:c7:85:
d2:92:bf:1f:c4:cd:04:b1:1c:22:dc:dc:f1:30:dc:79:e2:0e:
c7:96:1e:10:6e:91:92:8d:28:c8:88:ff:2f:71:5e:4b:69:ab:
01:6d:9b:07:2b:a3:d0:1e:3b:1e:24:61:77:23:26:80:94:89:
55:8e:22:97:ba:a7:54:0a:73:f1:dc:82:41:59:53:f3:ad:62:
f6:f1:58:89:71:02:9a:0a:71:c5:a7:4c:96:82:6c:aa:bf:1f:
0d:30:41:bd:a9:6c:17:61:7f:f5:33:43:a1:1e:a1:d2:d0:b1:
8a:0d:63:9b:d8:d4:95:bf:63:d5:92:97:8b:2f:db:af:8d:75:
12:5d:94:10
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVqTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIyMjEzNzU1WhcNMjUwMzI2MjEzNzU1WjAYMRYw
FAYDVQQDEw02N2JhNDNiNy01Yzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApxC5n+jYnJGivdIbKNrGcE2UvfUnEfyhc9insf3/FYuk566Ly+F+S2Bx
TfxKmQH+iZ6MZAs6QgV9n0uKM2q1gXKxfBC0bA+OTThqPya8eVamaHc7jkWU0Qg/
E4bs2Fyn7L6lnD8VAc2jxtaZlF+DTa9o9kRwaZbjy6OWN7xitAjsAuwNTVEQ92/Q
Utoc87bxvnx+HTnbni7RFy/Vi99ZhraGkmcQJ3E1X00xKSUzZVoeG8Mhpji1KRoX
TjCxT1sxE86hkWxy9IlzL278/dmX4EpYN6dJoURbawZ2sE1yF5MQegJj3gd7qmA9
tpyzYmPY1koMMCsmhv6JbOSs3B7zfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHK9
n4VyDqgQT/q/UQQqnyi+f80AMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTA3RjQwNEYxNjUxMUVGQkRCRUIzQjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmslYMA0GCSqGSIb3DQEB
CwUAA4IBAQDDJKHTpgFIQCY46WXxzaTTIerR2ooltDBZkJgkYzdPaByQqnd/Ui3r
srYO6Ln0mQy5IOVF5VGibomompWc3GUtRL5OJCSkgc/2z3o26BmTJlZ2jWi3+YKW
DLWpktubnPpC/Ks6SjLQJ37vMph6silSWnaDcCZxX0mBUsc9x4XSkr8fxM0EsRwi
3NzxMNx54g7Hlh4QbpGSjSjIiP8vcV5LaasBbZsHK6PQHjseJGF3IyaAlIlVjiKX
uqdUCnPx3IJBWVPzrWL28ViJcQKaCnHFp0yWgmyqvx8NMEG9qWwXYX/1M0OhHqHS
0LGKDWOb2NSVv2PVkpeLL9uvjXUSXZQQ
-----END CERTIFICATE-----
Generated at Fri May 9 06:24:51 2025 by rpki-client