Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/56669E88F68911EFA2187D86762E951A.roa
File: 56669E88F68911EFA2187D86762E951A.roa (raw, json)
Hash identifier: iDOTy+aHDeoA12u/YJP58vztgUWVMmq8oft57RV8uSg=
Subject key identifier: AB:89:EA:C4:4C:6B:7D:36:8D:54:1F:A9:2B:0B:F6:9F:19:51:59:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016DD8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/56669E88F68911EFA2187D86762E951A.roa
Signing time: Sat 01 Mar 2025 10:38:39 +0000
ROA not before: Sat 01 Mar 2025 10:38:36 +0000
ROA not after: Mon 31 Mar 2025 10:38:36 +0000
asID: 202656
IP address blocks: 154.222.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93656 (0x16dd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 10:38:36 2025 GMT
Not After : Mar 31 10:38:36 2025 GMT
Subject: CN=67c2e3af-5dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e3:c9:5d:35:46:42:81:86:ff:d6:84:3d:83:
12:37:e8:b3:f7:70:41:39:68:0a:ea:9b:29:a9:23:
58:c0:f4:b1:24:78:08:e3:cc:6d:37:a0:9b:0c:b1:
53:98:8b:78:62:6f:88:32:2a:f5:71:3f:cb:2c:84:
08:99:7f:39:0b:8d:93:b2:d8:d8:b7:4e:db:6c:63:
77:8f:1a:43:70:6c:6e:10:be:e3:a2:1e:2e:42:45:
dd:1d:76:7f:a3:79:ac:1f:99:8e:8b:b0:11:f4:5b:
bc:e6:6d:58:51:f3:a0:5c:7b:6a:ed:0a:5e:3a:10:
34:d6:57:fa:cb:dd:90:72:ff:8b:50:91:db:2c:e7:
9e:93:46:0d:6e:a1:dd:53:be:f1:db:86:c0:3e:59:
b0:50:f1:9c:f7:46:9b:54:0c:10:90:e7:ba:3b:6f:
2c:88:08:c2:6f:62:3f:6b:d6:99:17:01:45:eb:6b:
c3:af:6b:07:31:64:b3:dc:0d:8a:f2:65:c0:24:5b:
6c:75:41:c3:0a:6d:af:6c:ab:b1:56:44:4a:95:15:
6d:6c:b6:2b:f2:e6:2d:9c:e0:72:a4:8c:00:52:18:
f1:8c:ef:fd:b7:d2:35:a8:f7:10:41:21:b7:d1:f5:
3d:9e:10:45:b5:96:69:45:f4:ed:dc:c6:a8:0d:0b:
40:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:89:EA:C4:4C:6B:7D:36:8D:54:1F:A9:2B:0B:F6:9F:19:51:59:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/56669E88F68911EFA2187D86762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.40.0/24
Signature Algorithm: sha256WithRSAEncryption
95:0b:2f:2d:2b:62:49:ac:89:62:58:a0:48:00:56:d4:15:f9:
9a:0b:73:44:97:3e:e8:a8:73:c2:4a:38:25:e9:94:dd:ec:cc:
de:6a:0e:2d:fd:70:d6:a2:bc:e0:92:d7:61:56:a1:b9:d2:1c:
d2:45:c9:f7:6b:27:d8:20:6c:a0:50:47:6f:19:f4:1e:2e:92:
8f:86:41:b7:82:82:52:07:08:f3:56:ee:97:70:c3:9e:60:96:
bb:63:1a:59:ad:1f:a6:84:41:87:dc:ef:b5:8c:fb:79:5d:45:
7c:c8:63:05:81:74:cd:81:d1:db:ec:bc:34:83:6e:c9:c8:ba:
cb:57:bf:d7:79:c9:81:3c:1c:6e:5d:ee:eb:38:dd:9d:39:96:
dd:d8:07:34:90:e1:11:23:3a:31:99:39:d9:44:a1:3e:49:73:
52:9d:d5:45:fa:db:6f:e4:af:20:9c:c7:e0:f6:c1:17:93:7a:
34:4e:03:e2:88:d6:c6:7c:1d:66:88:c5:1f:21:f4:e4:a3:4a:
c8:48:e6:7c:6e:42:aa:e1:d5:d9:c6:e9:94:bd:3c:87:fb:4c:
a6:7b:c0:55:d1:9b:06:bd:ee:8c:42:38:56:a5:4f:02:f9:66:
53:29:ab:f0:dd:07:74:94:d8:61:d9:0e:1a:76:95:fa:a0:4e:
39:7a:dd:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW3YMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTAzODM2WhcNMjUwMzMxMTAzODM2WjAYMRYw
FAYDVQQDEw02N2MyZTNhZi01ZGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr+PJXTVGQoGG/9aEPYMSN+iz93BBOWgK6pspqSNYwPSxJHgI48xtN6Cb
DLFTmIt4Ym+IMir1cT/LLIQImX85C42TstjYt07bbGN3jxpDcGxuEL7joh4uQkXd
HXZ/o3msH5mOi7AR9Fu85m1YUfOgXHtq7QpeOhA01lf6y92Qcv+LUJHbLOeek0YN
bqHdU77x24bAPlmwUPGc90abVAwQkOe6O28siAjCb2I/a9aZFwFF62vDr2sHMWSz
3A2K8mXAJFtsdUHDCm2vbKuxVkRKlRVtbLYr8uYtnOBypIwAUhjxjO/9t9I1qPcQ
QSG30fU9nhBFtZZpRfTt3MaoDQtAawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKuJ
6sRMa302jVQfqSsL9p8ZUVn6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjY2OUU4OEY2ODkxMUVGQTIxODdEODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4oMA0GCSqGSIb3DQEB
CwUAA4IBAQCVCy8tK2JJrIliWKBIAFbUFfmaC3NElz7oqHPCSjgl6ZTd7Mzeag4t
/XDWorzgktdhVqG50hzSRcn3ayfYIGygUEdvGfQeLpKPhkG3goJSBwjzVu6XcMOe
YJa7YxpZrR+mhEGH3O+1jPt5XUV8yGMFgXTNgdHb7Lw0g27JyLrLV7/XecmBPBxu
Xe7rON2dOZbd2Ac0kOERIzoxmTnZRKE+SXNSndVF+ttv5K8gnMfg9sEXk3o0TgPi
iNbGfB1miMUfIfTko0rISOZ8bkKq4dXZxumUvTyH+0yme8BV0ZsGve6MQjhWpU8C
+WZTKavw3Qd0lNhh2Q4adpX6oE45et1t
-----END CERTIFICATE-----
Generated at Fri May 9 06:59:04 2025 by rpki-client