Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4AC0D5C6F35011EF90D6F85D762E951A.roa
File: 4AC0D5C6F35011EF90D6F85D762E951A.roa (raw, json)
Hash identifier: mBaP31D8NdDex04JhdxaQ0UXT7cQk1/HFy1ArdIL4OA=
Subject key identifier: 46:2B:DF:79:3E:34:74:99:61:90:2B:34:05:56:C7:F9:A2:59:D0:6D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015D8A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4AC0D5C6F35011EF90D6F85D762E951A.roa
Signing time: Tue 25 Feb 2025 08:12:45 +0000
ROA not before: Tue 25 Feb 2025 08:12:41 +0000
ROA not after: Thu 27 Mar 2025 08:12:41 +0000
asID: 398704
IP address blocks: 154.200.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89482 (0x15d8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 25 08:12:41 2025 GMT
Not After : Mar 27 08:12:41 2025 GMT
Subject: CN=67bd7b7d-0ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:04:2d:40:53:b6:6c:ee:a9:e2:bd:73:fe:61:
20:eb:be:3e:be:18:54:52:4c:c5:d0:e2:b3:94:78:
eb:da:d0:96:b6:e9:34:89:8d:05:e2:35:b4:6d:1d:
25:5b:48:f6:6d:49:58:1f:59:0a:e3:71:23:aa:37:
85:23:5f:5f:a6:a7:3b:29:d8:79:98:df:ea:3e:c0:
3d:7a:1d:03:4d:75:c5:56:cb:7b:7e:c2:77:ba:e6:
0c:14:41:33:7b:fb:b6:40:f9:c4:49:d8:12:a1:3a:
3a:94:06:ea:d7:61:81:8f:29:fc:60:8f:5e:56:2f:
f9:05:a6:e4:41:b4:7f:06:06:92:ac:5a:ef:b9:32:
a0:63:86:2d:b7:4f:ef:ee:44:0a:63:98:8c:73:c6:
e7:d6:24:1c:dd:c7:d8:db:28:2a:9b:17:25:3c:1f:
d1:11:18:19:38:8b:38:7c:30:56:0a:5b:84:6f:ac:
f8:2f:6f:46:e4:19:fb:c2:a3:3d:05:e6:38:7a:b7:
de:24:53:60:75:c3:04:f6:6b:8f:5f:3a:52:84:fb:
95:cb:45:e7:57:ba:69:a7:62:85:bd:1a:ee:e9:97:
07:93:97:31:90:69:a9:08:d1:d5:c0:eb:4f:d5:45:
ca:2a:94:d5:a4:23:17:f0:e0:8f:b0:65:f5:8f:62:
e0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:2B:DF:79:3E:34:74:99:61:90:2B:34:05:56:C7:F9:A2:59:D0:6D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4AC0D5C6F35011EF90D6F85D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.146.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:e1:23:91:bb:82:84:e1:de:39:23:04:8a:54:f0:ac:27:90:
46:f8:a1:45:c8:37:c2:b5:96:ed:e0:75:95:22:99:2d:25:67:
47:27:72:f0:30:80:56:3b:e1:b0:69:12:0c:bf:fe:dc:37:b5:
ec:9f:ea:1f:ba:1a:76:67:bc:c5:a1:64:0d:1e:51:56:ed:37:
6d:1c:aa:bd:71:b9:6b:6f:56:e8:d7:00:90:85:06:44:5f:16:
f5:10:1c:57:b6:60:48:85:df:1e:0f:0f:cf:a2:ef:48:3a:c0:
3e:68:55:53:61:66:c8:c6:b4:52:e0:1a:df:34:22:c0:95:ca:
61:52:a4:4a:d3:20:45:3c:3d:fa:f6:5a:da:49:b1:07:89:97:
22:6d:5f:14:e6:16:79:b5:52:d5:94:9d:2d:78:4f:e1:b4:26:
42:05:86:34:d5:6d:b7:b8:e4:a4:77:48:05:5e:e5:24:bc:61:
06:50:ce:3e:f9:6d:cf:d5:f8:86:01:70:c8:9c:8f:85:33:ae:
d8:6f:37:91:51:fe:8a:32:d2:87:a0:af:93:a8:98:99:e9:c7:
43:f8:3e:3b:d9:eb:35:c5:db:70:fb:c5:a7:28:96:d2:51:0a:
f0:73:72:35:b1:57:c7:f8:1d:bf:4f:f1:d2:94:ba:de:10:85:
0a:64:f2:12
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV2KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDgxMjQxWhcNMjUwMzI3MDgxMjQxWjAYMRYw
FAYDVQQDEw02N2JkN2I3ZC0wY2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAswQtQFO2bO6p4r1z/mEg674+vhhUUkzF0OKzlHjr2tCWtuk0iY0F4jW0
bR0lW0j2bUlYH1kK43EjqjeFI19fpqc7Kdh5mN/qPsA9eh0DTXXFVst7fsJ3uuYM
FEEze/u2QPnESdgSoTo6lAbq12GBjyn8YI9eVi/5BabkQbR/BgaSrFrvuTKgY4Yt
t0/v7kQKY5iMc8bn1iQc3cfY2ygqmxclPB/RERgZOIs4fDBWCluEb6z4L29G5Bn7
wqM9BeY4erfeJFNgdcME9muPXzpShPuVy0XnV7ppp2KFvRru6ZcHk5cxkGmpCNHV
wOtP1UXKKpTVpCMX8OCPsGX1j2LggQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEYr
33k+NHSZYZArNAVWx/miWdBtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QUMwRDVDNkYzNTAxMUVGOTBENkY4NUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsiSMA0GCSqGSIb3DQEB
CwUAA4IBAQDC4SORu4KE4d45IwSKVPCsJ5BG+KFFyDfCtZbt4HWVIpktJWdHJ3Lw
MIBWO+GwaRIMv/7cN7Xsn+ofuhp2Z7zFoWQNHlFW7TdtHKq9cblrb1bo1wCQhQZE
Xxb1EBxXtmBIhd8eDw/Pou9IOsA+aFVTYWbIxrRS4BrfNCLAlcphUqRK0yBFPD36
9lraSbEHiZcibV8U5hZ5tVLVlJ0teE/htCZCBYY01W23uOSkd0gFXuUkvGEGUM4+
+W3P1fiGAXDInI+FM67YbzeRUf6KMtKHoK+TqJiZ6cdD+D472es1xdtw+8WnKJbS
UQrwc3I1sVfH+B2/T/HSlLreEIUKZPIS
-----END CERTIFICATE-----
Generated at Fri May 9 07:07:53 2025 by rpki-client