Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/513C2E948CE211EE8C8EF7734AD9E6FC.roa
File: 513C2E948CE211EE8C8EF7734AD9E6FC.roa (raw, json)
Hash identifier: kRv+e0Hg12WJrKy5vdooAh52Chqvze/HZiKrVBLJ6Bo=
Subject key identifier: C4:FD:1D:57:10:56:91:78:8E:BD:67:6D:1A:AE:80:E5:5A:C9:B7:AF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 5552
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/513C2E948CE211EE8C8EF7734AD9E6FC.roa
Signing time: Mon 27 Nov 2023 05:03:35 +0000
ROA not before: Mon 27 Nov 2023 05:03:32 +0000
ROA not after: Tue 26 Dec 2023 05:03:32 +0000
asID: 62240
IP address blocks: 154.196.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21842 (0x5552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 27 05:03:32 2023 GMT
Not After : Dec 26 05:03:32 2023 GMT
Subject: CN=65642327-b3f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fa:94:a4:16:bb:20:42:d3:16:5a:f0:fb:4c:
43:f4:c0:fc:b4:ee:b5:34:48:61:2c:5f:7a:2f:57:
6f:aa:bb:34:44:e6:94:89:c4:b2:8f:e8:ad:4a:23:
dc:4a:71:6e:2c:22:e9:ec:2c:41:3b:cd:30:f1:e9:
19:2b:7e:0e:f4:4e:82:fa:cb:e1:c6:54:28:a9:cb:
7f:99:f5:f2:e8:a1:4a:49:a9:ef:3a:c1:d5:9b:90:
e5:b2:83:a2:9e:b2:fa:ec:8a:27:ec:db:2c:34:b5:
ed:d5:d6:a4:0b:c4:9e:2a:80:f2:a3:2d:1d:64:73:
cd:c4:a1:70:ea:e5:98:95:8f:5c:33:57:b0:1b:84:
57:51:1e:c2:00:bf:ae:86:87:d9:1a:a2:43:a8:06:
2d:7b:1e:73:89:2e:1d:f1:4e:08:c2:51:d5:2f:69:
fe:92:91:00:c6:4b:e1:2e:9c:cf:77:01:30:83:72:
8a:3f:79:79:ef:4c:e2:aa:28:70:d0:1a:8d:e6:c4:
41:80:07:13:09:02:a5:40:e5:d9:f2:dc:b1:5b:d1:
5e:52:0b:e9:ff:b5:13:6e:5c:f8:35:57:92:ea:d5:
92:25:f3:ae:c8:b7:e8:01:99:83:bf:a2:e8:1d:a4:
b8:ee:3f:b6:0c:ca:ff:b6:33:35:fd:af:67:a9:3c:
75:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FD:1D:57:10:56:91:78:8E:BD:67:6D:1A:AE:80:E5:5A:C9:B7:AF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/513C2E948CE211EE8C8EF7734AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.69.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:14:29:26:1d:e5:25:26:45:0f:1d:58:3c:6d:e7:ce:f5:8a:
36:30:e6:43:49:dc:7d:a8:93:5a:f8:e0:3c:a9:9e:a3:22:48:
f9:72:b4:8b:1b:81:75:6b:6a:7b:01:bb:b9:a4:d4:02:b7:26:
01:e4:70:86:5d:db:54:a3:14:f4:72:6c:44:8c:59:dd:93:a8:
df:76:a4:b1:3e:53:57:3d:89:47:f1:1a:b1:fc:b7:5b:f6:7c:
02:d2:49:51:6c:b3:d4:5c:ea:4a:5c:a5:44:0e:72:ca:b5:77:
ca:4f:6a:83:09:c4:d1:68:e9:48:26:f6:05:46:fe:97:05:9b:
d6:95:22:f1:25:e0:68:97:ff:c9:b0:70:a7:63:88:6d:5e:14:
7d:04:6e:65:8e:56:4a:42:c0:e3:c2:6a:31:c2:b7:af:df:4b:
c9:c1:cf:2b:39:39:bd:1f:87:14:e5:4b:3b:c0:33:2b:53:bf:
0e:fd:39:e8:01:4a:89:2f:aa:2c:a2:5e:e7:5e:12:ea:24:99:
48:e0:92:5e:16:9c:23:0f:f0:12:ba:4f:0d:31:78:94:be:2c:
7d:4b:a9:e5:dc:e0:66:d5:d2:14:55:a1:0d:d2:d2:2f:83:ba:
c0:72:ef:0f:06:1f:c6:c0:45:50:41:2f:aa:24:88:d6:06:43:
11:9a:6d:5e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVVIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjcwNTAzMzJaFw0yMzEyMjYwNTAzMzJaMBgxFjAU
BgNVBAMTDTY1NjQyMzI3LWIzZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDD+pSkFrsgQtMWWvD7TEP0wPy07rU0SGEsX3ovV2+quzRE5pSJxLKP6K1K
I9xKcW4sIunsLEE7zTDx6Rkrfg70ToL6y+HGVCipy3+Z9fLooUpJqe86wdWbkOWy
g6Kesvrsiifs2yw0te3V1qQLxJ4qgPKjLR1kc83EoXDq5ZiVj1wzV7AbhFdRHsIA
v66Gh9kaokOoBi17HnOJLh3xTgjCUdUvaf6SkQDGS+EunM93ATCDcoo/eXnvTOKq
KHDQGo3mxEGABxMJAqVA5dny3LFb0V5SC+n/tRNuXPg1V5Lq1ZIl867It+gBmYO/
ougdpLjuP7YMyv+2MzX9r2epPHXrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxP0d
VxBWkXiOvWdtGq6A5VrJt68wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzUxM0MyRTk0OENFMjExRUU4QzhFRjc3MzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxEUwDQYJKoZIhvcNAQEL
BQADggEBAMwUKSYd5SUmRQ8dWDxt5871ijYw5kNJ3H2ok1r44DypnqMiSPlytIsb
gXVransBu7mk1AK3JgHkcIZd21SjFPRybESMWd2TqN92pLE+U1c9iUfxGrH8t1v2
fALSSVFss9Rc6kpcpUQOcsq1d8pPaoMJxNFo6Ugm9gVG/pcFm9aVIvEl4GiX/8mw
cKdjiG1eFH0EbmWOVkpCwOPCajHCt6/fS8nBzys5Ob0fhxTlSzvAMytTvw79OegB
SokvqiyiXudeEuokmUjgkl4WnCMP8BK6Tw0xeJS+LH1LqeXc4GbV0hRVoQ3S0i+D
usBy7w8GH8bARVBBL6okiNYGQxGabV4=
-----END CERTIFICATE-----
Generated at Fri May 9 10:52:55 2025 by rpki-client