Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D65E33A246311F0A4101BE0DAE4EC9C.roa
File: 5D65E33A246311F0A4101BE0DAE4EC9C.roa (raw, json)
Hash identifier: /bKUpwhcGP0E7WW+RFE9224WDdm1DupG0s6v1oYvQcU=
Subject key identifier: 8E:CD:27:35:0F:2B:87:13:A2:56:EC:BC:4A:15:AB:5E:CE:47:1A:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C6D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D65E33A246311F0A4101BE0DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 19:02:44 +0000
ROA not before: Mon 28 Apr 2025 19:02:39 +0000
ROA not after: Wed 04 Jun 2025 19:02:39 +0000
asID: 48031
IP address blocks: 154.222.207.0/24 maxlen: 24
154.222.212.0/24 maxlen: 24
154.222.213.0/24 maxlen: 24
154.222.214.0/24 maxlen: 24
154.222.240.0/24 maxlen: 24
154.222.241.0/24 maxlen: 24
154.222.243.0/24 maxlen: 24
154.222.244.0/24 maxlen: 24
154.222.245.0/24 maxlen: 24
154.222.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97389 (0x17c6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 19:02:39 2025 GMT
Not After : Jun 4 19:02:39 2025 GMT
Subject: CN=680fd0d4-174c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c2:5d:31:7e:e5:73:cf:f7:f8:7c:cc:3e:84:
00:79:eb:48:56:22:76:47:ad:f8:15:11:ee:44:5b:
72:6a:ff:1d:07:29:13:2d:72:d4:8e:37:ef:fd:8f:
7f:35:8c:a6:ee:86:60:08:81:60:a4:dc:ff:2d:71:
36:68:79:10:05:e1:6f:55:14:03:a7:1e:3d:f6:a6:
ff:d2:67:bb:e2:39:a8:a1:5d:b1:f4:98:b0:c8:01:
61:c5:56:5f:e0:5d:db:fa:d3:b3:d2:c1:31:75:37:
09:3c:b4:78:f2:f1:42:dc:c6:2f:e0:cd:01:04:f5:
1f:3e:7a:f5:15:f9:9f:02:44:81:cf:02:3c:2e:75:
95:4b:c6:6a:1f:9f:ab:14:aa:1c:06:be:c8:8b:96:
6c:20:e0:15:46:b1:f2:83:6d:d9:ab:0e:60:2e:a4:
ed:59:a3:e7:99:08:59:d1:f8:1a:93:bc:95:bf:d6:
ba:a0:fa:4d:f3:70:c2:fb:5f:68:19:60:b1:5b:7e:
69:c8:c5:62:1e:9a:40:e1:b8:6b:45:5c:33:c5:68:
a3:1e:61:e1:ec:89:5a:e3:5f:ff:7b:13:53:10:ff:
18:90:e9:8c:ba:5b:63:96:72:21:9f:65:76:56:2e:
7f:4f:04:e7:12:e9:12:94:71:d7:4e:aa:f9:d7:bb:
8e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CD:27:35:0F:2B:87:13:A2:56:EC:BC:4A:15:AB:5E:CE:47:1A:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D65E33A246311F0A4101BE0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.207.0/24
154.222.212.0-154.222.214.255
154.222.240.0/23
154.222.243.0-154.222.246.255
Signature Algorithm: sha256WithRSAEncryption
20:d7:58:2b:1a:10:bb:90:7a:9a:5d:a6:4c:55:19:f6:db:7b:
4c:cf:d2:62:82:92:1c:9b:fa:cc:bd:1e:fc:13:61:b2:e9:60:
9f:ea:a7:ec:de:02:7c:5a:18:f1:6b:9a:55:42:9c:bf:9a:b8:
05:16:e2:bb:7d:83:ee:1d:c4:d0:5a:b7:60:2e:55:93:1b:a0:
90:c6:ec:db:c3:69:d5:55:64:11:3f:b2:85:66:64:cb:ab:26:
53:46:fd:46:be:0a:ad:2c:61:60:75:d5:31:ac:32:84:c9:4e:
e9:89:c3:6d:4f:56:f0:90:49:09:9b:00:b3:9e:08:e7:0c:d9:
33:6d:cf:1f:6f:ff:13:ff:c8:75:2e:ab:1b:e0:97:3b:d9:ae:
8d:33:06:89:a3:22:56:a0:cb:f3:a9:7d:95:8a:61:f5:2c:e0:
82:ce:26:13:82:8f:7f:53:14:64:59:77:c7:2b:0e:ce:03:e3:
d3:8e:b9:53:60:42:c2:26:ab:c5:d0:5f:55:53:d9:86:3b:01:
46:19:11:9a:1a:d7:91:2d:ba:b5:2b:a0:7f:94:e4:e5:22:2c:
8c:e8:7a:1a:cd:1f:e6:02:0d:59:b4:8d:51:f5:f4:0c:8d:e5:
b0:d1:f9:e1:24:4d:cb:ed:57:94:fb:7f:9e:2a:36:ee:b2:b2:
c1:8a:a0:f6
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIDAXxtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTkwMjM5WhcNMjUwNjA0MTkwMjM5WjAYMRYw
FAYDVQQDEw02ODBmZDBkNC0xNzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0cJdMX7lc8/3+HzMPoQAeetIViJ2R634FRHuRFtyav8dBykTLXLUjjfv
/Y9/NYym7oZgCIFgpNz/LXE2aHkQBeFvVRQDpx499qb/0me74jmooV2x9JiwyAFh
xVZf4F3b+tOz0sExdTcJPLR48vFC3MYv4M0BBPUfPnr1FfmfAkSBzwI8LnWVS8Zq
H5+rFKocBr7Ii5ZsIOAVRrHyg23Zqw5gLqTtWaPnmQhZ0fgak7yVv9a6oPpN83DC
+19oGWCxW35pyMViHppA4bhrRVwzxWijHmHh7Ila41//exNTEP8YkOmMultjlnIh
n2V2Vi5/TwTnEukSlHHXTqr517uO3QIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFI7N
JzUPK4cTolbsvEoVq17ORxpCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDY1RTMzQTI0NjMxMUYwQTQxMDFCRTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAmt7PMAwDBAKa3tQDBACa
3tYDBAGa3vAwDAMEAJre8wMEAJre9jANBgkqhkiG9w0BAQsFAAOCAQEAINdYKxoQ
u5B6ml2mTFUZ9tt7TM/SYoKSHJv6zL0e/BNhsulgn+qn7N4CfFoY8WuaVUKcv5q4
BRbiu32D7h3E0Fq3YC5VkxugkMbs28Np1VVkET+yhWZky6smU0b9Rr4KrSxhYHXV
MawyhMlO6YnDbU9W8JBJCZsAs54I5wzZM23PH2//E//IdS6rG+CXO9mujTMGiaMi
VqDL86l9lYph9Szggs4mE4KPf1MUZFl3xysOzgPj0465U2BCwiarxdBfVVPZhjsB
RhkRmhrXkS26tSugf5Tk5SIsjOh6Gs0f5gINWbSNUfX0DI3lsNH54SRNy+1XlPt/
nio27rKywYqg9g==
-----END CERTIFICATE-----
Generated at Fri Jun 6 14:10:46 2025 by rpki-client