Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C7A93FC8A8D11EE935401814AD9E6FC.roa
File: 4C7A93FC8A8D11EE935401814AD9E6FC.roa (raw, json)
Hash identifier: 4FqWgOKmnyNaltdkjK3NjpnML4iROLBSScmw2tgFYeo=
Subject key identifier: A6:55:21:24:0B:96:ED:2A:C8:BF:6C:BB:CD:25:92:D1:E5:03:3E:A3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 5360
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C7A93FC8A8D11EE935401814AD9E6FC.roa
Signing time: Fri 24 Nov 2023 05:49:57 +0000
ROA not before: Fri 24 Nov 2023 05:49:54 +0000
ROA not after: Tue 26 Dec 2023 05:49:54 +0000
asID: 62240
IP address blocks: 154.196.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21344 (0x5360)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 05:49:54 2023 GMT
Not After : Dec 26 05:49:54 2023 GMT
Subject: CN=65603985-0ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:92:38:68:f9:d5:0f:96:05:3c:bb:20:8f:56:
5a:40:c2:b7:71:c2:6d:34:98:f5:1b:a5:bc:8d:d6:
0c:b0:2b:54:f8:10:32:0b:f8:81:c1:a3:5b:52:13:
83:41:f9:a9:bb:6e:32:98:ce:eb:c4:70:76:bf:83:
13:8a:5f:b9:35:0b:0a:d8:7f:7b:eb:6b:5a:69:1f:
ab:e1:90:02:b2:7a:a1:4a:ff:04:08:c9:95:eb:2f:
ae:dd:70:00:95:ec:f1:14:1f:c2:ce:f4:74:c2:98:
ef:98:eb:ce:3c:d3:e0:97:a1:a3:24:59:d1:20:7d:
b5:85:e0:52:23:da:59:5b:43:3f:33:43:f2:d9:2f:
a8:5c:0a:b9:85:45:de:a2:1d:ce:25:4f:1f:5d:7b:
88:4e:59:23:04:96:27:99:01:08:06:d8:56:02:88:
e1:e0:1d:33:63:e1:d0:fb:48:3a:58:b6:04:97:48:
3a:28:de:53:fb:8f:ff:b4:5f:b4:36:d0:0d:04:07:
39:81:30:82:ce:0f:a4:9e:09:12:64:0c:0c:39:60:
b6:16:bb:6f:fd:70:b3:07:8a:07:8f:76:d0:e7:d3:
4d:ba:1f:92:e7:b9:ff:ad:5f:70:37:a1:33:28:01:
c1:a7:a8:bf:0c:6a:06:ac:10:7c:ac:43:93:b9:ae:
ed:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:55:21:24:0B:96:ED:2A:C8:BF:6C:BB:CD:25:92:D1:E5:03:3E:A3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C7A93FC8A8D11EE935401814AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.35.0/24
Signature Algorithm: sha256WithRSAEncryption
94:b3:f2:01:b8:82:d6:f0:69:22:22:64:3c:e4:51:ce:9c:d8:
27:e2:05:3d:b2:3b:70:cd:06:74:58:cd:6e:f7:10:30:aa:fe:
30:37:82:42:21:4c:ce:52:e2:f4:d6:b8:0c:8a:f1:c3:fb:c9:
af:81:f7:03:c8:a6:47:b2:65:4f:eb:4c:00:0a:be:a8:0b:8d:
b7:d5:d7:3e:3e:9b:0e:97:ab:aa:94:1f:0a:88:58:d3:21:1c:
68:8d:fe:6d:29:a9:5f:34:27:aa:75:3e:cc:bb:86:23:5a:6c:
21:b1:4d:9f:6d:a0:03:b3:d1:5c:11:e0:57:07:93:ca:9c:dc:
0a:8a:b7:54:a6:cd:d2:f0:c8:3e:fc:29:25:0a:17:23:e0:16:
ec:ee:40:75:12:46:8c:c9:61:1c:73:77:87:14:c1:88:8e:2d:
be:bf:17:98:76:10:ae:b5:d4:f5:20:15:4a:b9:51:b0:0d:08:
b6:99:9c:b1:ca:fd:04:81:96:90:72:4b:5e:c5:a3:75:3b:04:
73:f8:1c:8b:d9:ea:ca:a2:f2:7e:48:f0:8f:c2:4a:5d:69:1f:
14:ed:e0:d9:4d:75:40:90:d9:84:56:bb:96:28:27:5c:f9:c5:
ee:ee:6d:f4:ed:84:b7:8e:6c:cb:e3:15:88:d7:65:e0:2f:ee:
8b:c6:15:e6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICU2AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNTQ5NTRaFw0yMzEyMjYwNTQ5NTRaMBgxFjAU
BgNVBAMTDTY1NjAzOTg1LTBiYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAkjho+dUPlgU8uyCPVlpAwrdxwm00mPUbpbyN1gywK1T4EDIL+IHBo1tS
E4NB+am7bjKYzuvEcHa/gxOKX7k1CwrYf3vra1ppH6vhkAKyeqFK/wQIyZXrL67d
cACV7PEUH8LO9HTCmO+Y68480+CXoaMkWdEgfbWF4FIj2llbQz8zQ/LZL6hcCrmF
Rd6iHc4lTx9de4hOWSMElieZAQgG2FYCiOHgHTNj4dD7SDpYtgSXSDoo3lP7j/+0
X7Q20A0EBzmBMILOD6SeCRJkDAw5YLYWu2/9cLMHigePdtDn0026H5Lnuf+tX3A3
oTMoAcGnqL8MagasEHysQ5O5ru19AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUplUh
JAuW7SrIv2y7zSWS0eUDPqMwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzRDN0E5M0ZDOEE4RDExRUU5MzU0MDE4MTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxCMwDQYJKoZIhvcNAQEL
BQADggEBAJSz8gG4gtbwaSIiZDzkUc6c2CfiBT2yO3DNBnRYzW73EDCq/jA3gkIh
TM5S4vTWuAyK8cP7ya+B9wPIpkeyZU/rTAAKvqgLjbfV1z4+mw6Xq6qUHwqIWNMh
HGiN/m0pqV80J6p1Psy7hiNabCGxTZ9toAOz0VwR4FcHk8qc3AqKt1SmzdLwyD78
KSUKFyPgFuzuQHUSRozJYRxzd4cUwYiOLb6/F5h2EK611PUgFUq5UbANCLaZnLHK
/QSBlpByS17Fo3U7BHP4HIvZ6sqi8n5I8I/CSl1pHxTt4NlNdUCQ2YRWu5YoJ1z5
xe7ubfTthLeObMvjFYjXZeAv7ovGFeY=
-----END CERTIFICATE-----
Generated at Fri May 9 10:38:08 2025 by rpki-client