Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52AD3924FA7A11EFBF50CEBA762E951A.roa
File: 52AD3924FA7A11EFBF50CEBA762E951A.roa (raw, json)
Hash identifier: wLunBtrLNQlUdNJlZbrwsrFIOZUnpWOKE/1T7cUWrko=
Subject key identifier: 66:8D:EC:BF:52:FD:13:DA:44:13:E8:0B:76:70:35:35:0A:22:DC:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172AD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52AD3924FA7A11EFBF50CEBA762E951A.roa
Signing time: Thu 06 Mar 2025 11:01:15 +0000
ROA not before: Thu 06 Mar 2025 11:01:10 +0000
ROA not after: Tue 25 Mar 2025 11:01:10 +0000
asID: 39600
IP address blocks: 154.202.16.0/21 maxlen: 24
154.202.72.0/21 maxlen: 24
154.203.72.0/21 maxlen: 24
154.205.160.0/21 maxlen: 24
154.206.120.0/21 maxlen: 24
154.207.128.0/21 maxlen: 24
154.207.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94893 (0x172ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 6 11:01:10 2025 GMT
Not After : Mar 25 11:01:10 2025 GMT
Subject: CN=67c9807b-e026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:6f:8c:2a:bc:58:f8:b7:ed:85:a2:f6:9e:20:
e4:f9:3e:a7:74:d9:40:5a:b4:f7:6b:f9:00:20:fe:
cf:f7:f7:39:79:c4:f8:0d:6c:05:68:66:63:f3:a8:
e8:63:14:04:7a:e2:b1:f9:34:c1:05:c9:c4:89:7c:
81:15:36:3b:ba:7d:30:d7:cb:2e:18:72:ef:10:12:
45:8b:c9:32:be:fd:45:1c:af:3c:7f:b0:fb:53:77:
13:52:51:6a:5b:c5:67:20:f5:14:b1:37:8f:ce:fe:
ae:82:ab:da:42:99:ad:f2:68:c5:4f:76:4a:9a:3d:
e1:6c:1e:9f:ca:ea:11:51:cc:fa:31:d9:67:1f:9f:
52:0f:93:de:8f:1b:f0:f0:50:a4:a0:15:81:ac:10:
4d:29:dc:62:0d:5c:27:41:27:d3:50:10:e5:96:72:
9f:8f:82:a3:01:71:40:24:95:62:ea:b0:bd:81:76:
b7:e9:b5:53:42:3c:7d:bc:b1:a7:23:2b:18:91:9e:
f7:9c:1c:07:57:49:80:f8:84:5d:e5:63:c7:5a:f4:
5e:eb:6b:99:40:26:e7:f4:c7:db:4e:a3:02:cd:67:
58:f3:36:d4:af:b2:23:9b:e8:b2:2d:02:0b:7b:5b:
ad:a0:75:9b:9f:9f:fe:48:b6:da:80:d9:79:aa:7e:
0a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8D:EC:BF:52:FD:13:DA:44:13:E8:0B:76:70:35:35:0A:22:DC:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/52AD3924FA7A11EFBF50CEBA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.16.0/21
154.202.72.0/21
154.203.72.0/21
154.205.160.0/21
154.206.120.0/21
154.207.128.0/21
154.207.232.0/21
Signature Algorithm: sha256WithRSAEncryption
59:0e:6e:b8:76:2b:13:29:1c:47:2b:48:71:c7:ab:8b:48:82:
eb:c0:fc:04:92:00:7a:a7:8d:01:9a:9d:6d:f9:4b:78:69:37:
5c:62:79:f4:65:25:90:c4:39:6c:1a:d8:52:f4:aa:79:ce:5f:
e3:52:01:91:5b:d6:c7:ad:4f:97:fa:2c:07:2c:fa:46:f6:e6:
ff:2a:a1:f5:2f:b1:2c:00:31:f1:4e:43:1a:71:0d:51:05:15:
cf:bf:8d:bd:0a:d7:3d:ba:9d:a6:8c:4e:b0:63:dd:b1:f9:8e:
5c:bc:2b:b6:fc:0e:71:e1:84:9d:1c:a1:76:a2:99:16:ad:bf:
cb:c5:72:5d:37:72:1d:9b:9d:14:d9:06:8c:83:7e:38:34:2c:
4b:55:5f:c0:9d:0f:b2:57:70:7a:fc:68:10:11:74:c1:ab:4e:
fa:d9:42:98:bc:83:bc:af:16:73:5c:2e:fa:6e:0f:38:13:2b:
13:89:f3:a9:71:c3:d8:ba:72:b9:12:86:f0:1a:f0:d1:99:58:
07:d6:f2:15:a6:c2:f5:c0:6c:04:f6:be:26:24:12:dd:d1:66:
a1:2b:a6:ec:17:a1:0b:04:81:47:4f:f4:36:f2:12:55:a6:22:
d6:6e:de:1a:30:78:42:81:ee:f5:b9:8d:30:27:43:38:ac:0a:
a1:c2:16:d4
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIDAXKtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA2MTEwMTEwWhcNMjUwMzI1MTEwMTEwWjAYMRYw
FAYDVQQDEw02N2M5ODA3Yi1lMDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8G+MKrxY+LfthaL2niDk+T6ndNlAWrT3a/kAIP7P9/c5ecT4DWwFaGZj
86joYxQEeuKx+TTBBcnEiXyBFTY7un0w18suGHLvEBJFi8kyvv1FHK88f7D7U3cT
UlFqW8VnIPUUsTePzv6ugqvaQpmt8mjFT3ZKmj3hbB6fyuoRUcz6MdlnH59SD5Pe
jxvw8FCkoBWBrBBNKdxiDVwnQSfTUBDllnKfj4KjAXFAJJVi6rC9gXa36bVTQjx9
vLGnIysYkZ73nBwHV0mA+IRd5WPHWvRe62uZQCbn9MfbTqMCzWdY8zbUr7Ijm+iy
LQILe1utoHWbn5/+SLbagNl5qn4KPwIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFGaN
7L9S/RPaRBPoC3ZwNTUKItx2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MkFEMzkyNEZBN0ExMUVGQkY1MENFQkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDmsoQAwQDmspIAwQDmstI
AwQDms2gAwQDms54AwQDms+AAwQDms/oMA0GCSqGSIb3DQEBCwUAA4IBAQBZDm64
disTKRxHK0hxx6uLSILrwPwEkgB6p40Bmp1t+Ut4aTdcYnn0ZSWQxDlsGthS9Kp5
zl/jUgGRW9bHrU+X+iwHLPpG9ub/KqH1L7EsADHxTkMacQ1RBRXPv429Ctc9up2m
jE6wY92x+Y5cvCu2/A5x4YSdHKF2opkWrb/LxXJdN3Idm50U2QaMg344NCxLVV/A
nQ+yV3B6/GgQEXTBq0762UKYvIO8rxZzXC76bg84EysTifOpccPYunK5EobwGvDR
mVgH1vIVpsL1wGwE9r4mJBLd0WahK6bsF6ELBIFHT/Q28hJVpiLWbt4aMHhCge71
uY0wJ0M4rAqhwhbU
-----END CERTIFICATE-----
Generated at Sat May 10 04:08:06 2025 by rpki-client