Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A9A2FDAF68D11EFA74BD0A1762E951A.roa
File: 4A9A2FDAF68D11EFA74BD0A1762E951A.roa (raw, json)
Hash identifier: cl6t/pce5sk0o0JsZREDhaRmco87qPee2ywCfoiJBKw=
Subject key identifier: F5:78:11:BE:C6:1E:F7:A0:2A:5B:14:1E:B5:06:CA:ED:5C:4C:7A:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016DF3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A9A2FDAF68D11EFA74BD0A1762E951A.roa
Signing time: Sat 01 Mar 2025 11:06:57 +0000
ROA not before: Sat 01 Mar 2025 11:06:54 +0000
ROA not after: Mon 31 Mar 2025 11:06:54 +0000
asID: 202656
IP address blocks: 154.222.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93683 (0x16df3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 11:06:54 2025 GMT
Not After : Mar 31 11:06:54 2025 GMT
Subject: CN=67c2ea51-2220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6e:cc:ec:68:97:d3:85:aa:b2:34:ca:23:df:
8e:c9:6a:47:ac:44:fb:43:e7:92:74:9c:5c:88:03:
9a:8d:1f:c9:4f:51:f2:3e:1c:29:81:08:5b:38:c1:
a9:9f:51:82:12:f5:b2:99:d4:4a:57:fb:45:26:56:
e9:68:4f:e4:ab:1f:88:28:03:48:ff:12:de:f1:f1:
ea:2c:e0:29:ed:df:7e:f9:ac:a0:21:82:51:8a:41:
04:43:76:ec:42:78:45:0a:5d:89:fd:0c:31:9e:1b:
0f:67:09:2e:44:76:e8:80:7a:a2:0b:ef:22:f2:7c:
81:ae:f7:e7:af:12:56:88:ef:31:99:41:28:a5:14:
cb:3c:7c:74:a6:ee:d0:5f:36:55:68:bc:bc:74:0c:
bc:30:c1:7e:09:6d:d1:78:4c:eb:57:b2:af:b6:7d:
dd:39:d5:fe:2f:c8:7a:9a:f9:d8:0c:06:04:db:4c:
23:fa:4c:fa:82:35:b7:5e:3a:72:c8:9a:3e:1c:12:
10:a2:e0:06:c9:41:b0:a5:99:06:b6:d9:b0:66:2b:
b8:d3:0e:44:ef:1c:67:13:98:56:92:84:f9:99:e3:
ed:39:6c:04:b1:ea:7a:ac:67:b3:e4:58:e9:09:5b:
b5:b8:c3:bc:73:ad:c4:ee:2b:b6:29:ac:41:a3:4e:
cc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:78:11:BE:C6:1E:F7:A0:2A:5B:14:1E:B5:06:CA:ED:5C:4C:7A:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A9A2FDAF68D11EFA74BD0A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.46.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:55:32:56:a1:2b:cd:90:8f:c5:55:a2:a5:54:04:8e:e1:0b:
c7:36:c3:d1:6d:ba:97:7e:85:22:44:6d:48:0f:92:a8:0b:fa:
34:4a:fd:99:c0:06:e2:19:c2:df:3c:bb:89:26:a4:12:8f:9c:
53:66:d7:9b:b5:9f:9f:7d:80:48:23:47:36:3c:07:82:4a:ff:
a1:fb:d9:96:98:92:54:a2:ba:79:4d:1a:01:9a:ea:b1:a6:59:
72:39:4b:89:28:43:d5:19:b5:80:64:1b:1b:75:52:43:36:ec:
18:33:ec:3f:db:c9:1b:5e:af:7a:c8:ef:ff:2d:78:12:35:79:
e5:18:aa:66:09:0e:a2:be:56:79:50:93:d1:33:a4:37:0e:34:
ff:75:0c:6f:1d:58:83:a7:1f:3a:c1:56:5f:4e:43:03:c4:1c:
37:9c:43:3e:7a:01:0b:21:ba:a3:52:fa:ca:0a:73:43:9f:23:
24:0f:55:f6:0d:83:41:42:53:9c:af:f5:29:c6:6d:1b:b2:09:
06:98:2c:39:82:b0:ba:52:e3:b5:6c:9c:63:30:fe:04:4b:b0:
b8:60:24:b3:7a:ef:97:ad:24:5d:b5:82:10:b9:7d:a7:4d:50:
e3:8d:a0:df:62:27:96:3c:48:c5:b2:05:aa:bf:fa:27:45:f6:
5b:00:e7:16
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW3zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTEwNjU0WhcNMjUwMzMxMTEwNjU0WjAYMRYw
FAYDVQQDEw02N2MyZWE1MS0yMjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvW7M7GiX04WqsjTKI9+OyWpHrET7Q+eSdJxciAOajR/JT1HyPhwpgQhb
OMGpn1GCEvWymdRKV/tFJlbpaE/kqx+IKANI/xLe8fHqLOAp7d9++aygIYJRikEE
Q3bsQnhFCl2J/QwxnhsPZwkuRHbogHqiC+8i8nyBrvfnrxJWiO8xmUEopRTLPHx0
pu7QXzZVaLy8dAy8MMF+CW3ReEzrV7Kvtn3dOdX+L8h6mvnYDAYE20wj+kz6gjW3
XjpyyJo+HBIQouAGyUGwpZkGttmwZiu40w5E7xxnE5hWkoT5mePtOWwEsep6rGez
5FjpCVu1uMO8c63E7iu2KaxBo07MXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPV4
Eb7GHvegKlsUHrUGyu1cTHrYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QTlBMkZEQUY2OEQxMUVGQTc0QkQwQTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4uMA0GCSqGSIb3DQEB
CwUAA4IBAQCwVTJWoSvNkI/FVaKlVASO4QvHNsPRbbqXfoUiRG1ID5KoC/o0Sv2Z
wAbiGcLfPLuJJqQSj5xTZtebtZ+ffYBII0c2PAeCSv+h+9mWmJJUorp5TRoBmuqx
pllyOUuJKEPVGbWAZBsbdVJDNuwYM+w/28kbXq96yO//LXgSNXnlGKpmCQ6ivlZ5
UJPRM6Q3DjT/dQxvHViDpx86wVZfTkMDxBw3nEM+egELIbqjUvrKCnNDnyMkD1X2
DYNBQlOcr/Upxm0bsgkGmCw5grC6UuO1bJxjMP4ES7C4YCSzeu+XrSRdtYIQuX2n
TVDjjaDfYieWPEjFsgWqv/onRfZbAOcW
-----END CERTIFICATE-----
Generated at Fri May 9 12:03:23 2025 by rpki-client