Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E4AA7848A9711EE90718B234AD9E6FC.roa
File: 5E4AA7848A9711EE90718B234AD9E6FC.roa (raw, json)
Hash identifier: mT5DNyLZOaL0TLxtv3mzihL+DVEe5IVThUycGXyzuzw=
Subject key identifier: 81:74:D9:34:C4:B6:B0:C1:5D:D8:81:3C:51:83:7D:86:4B:CC:6B:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 541C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E4AA7848A9711EE90718B234AD9E6FC.roa
Signing time: Fri 24 Nov 2023 07:02:02 +0000
ROA not before: Fri 24 Nov 2023 07:01:59 +0000
ROA not after: Tue 26 Dec 2023 07:01:59 +0000
asID: 62240
IP address blocks: 154.195.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21532 (0x541c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 07:01:59 2023 GMT
Not After : Dec 26 07:01:59 2023 GMT
Subject: CN=65604a6a-065d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:54:98:21:c6:5a:1b:1e:a0:fd:f8:01:d1:6c:
e7:40:a1:5d:f1:ba:2f:8e:9b:02:d0:6e:d9:08:36:
a5:06:c3:46:43:0f:2e:7d:cc:59:bf:49:ae:23:f5:
ef:6f:ce:84:31:25:98:f4:27:e0:af:2c:b4:3a:39:
57:fb:70:38:5f:a1:b5:29:36:1e:cd:79:b3:e5:17:
4e:3a:34:59:80:15:8a:d5:73:91:b2:eb:45:d6:02:
26:fd:14:59:3f:55:de:92:10:74:ef:e6:e8:05:da:
c0:bc:95:54:b3:09:3d:9d:70:1e:0e:ac:8f:f2:25:
92:2e:6e:2d:bb:5c:1e:ae:1a:c0:62:33:d9:2e:02:
7a:96:2d:f7:16:88:53:0c:ad:2c:17:fa:68:0f:14:
58:82:95:ab:71:9e:e0:d5:8d:fe:cf:3e:95:74:85:
4a:77:ac:58:dc:a7:99:61:d0:34:9f:1e:5c:51:88:
5a:5e:59:53:8d:e1:8c:a8:6d:80:4f:3a:97:b0:54:
9f:ef:86:65:3b:97:a6:37:d6:a4:54:d0:5d:9f:00:
1c:09:66:b7:d8:24:e4:aa:36:71:95:9a:00:86:01:
9f:8f:1b:c5:42:2d:d5:97:c7:b0:90:ab:cc:eb:af:
1f:ac:51:78:07:a2:5e:3b:e4:17:b1:31:f9:3c:a4:
df:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:74:D9:34:C4:B6:B0:C1:5D:D8:81:3C:51:83:7D:86:4B:CC:6B:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E4AA7848A9711EE90718B234AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.20.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:18:c2:ea:3d:8a:35:2b:bd:94:c4:08:d3:d9:0b:cd:00:ad:
37:de:8a:87:36:aa:01:9c:aa:f7:39:a2:dc:76:2f:ac:38:d4:
98:68:29:22:a1:65:c5:c7:7c:8e:4d:13:c2:f6:89:5b:c4:c3:
be:6a:10:01:c3:f8:b7:ee:f7:fd:ca:7b:b1:05:31:b0:ec:bc:
ab:5e:91:67:0c:70:d9:6a:82:03:4c:41:83:64:8b:aa:62:fe:
49:4e:9b:37:87:4d:55:9a:93:c5:53:4f:af:66:da:84:ce:f1:
83:79:3d:13:74:36:8d:67:dd:c8:2a:b2:64:30:d1:91:34:e8:
0d:89:5a:0e:1a:ac:db:78:59:45:06:06:6d:05:1f:c4:0b:ca:
99:a9:72:2c:ea:a2:f8:a8:3c:43:aa:7d:c4:d6:de:45:74:dd:
63:af:15:9c:05:06:d6:94:a4:58:72:15:c8:b3:65:40:4d:de:
d6:38:fd:44:22:cd:c0:5b:90:ff:f5:91:94:0c:58:4b:6d:96:
74:39:cd:6f:01:12:34:aa:f4:89:77:f3:9b:45:91:ef:dd:b7:
bc:dc:5f:72:f4:68:52:0a:64:5f:49:53:cf:c6:24:18:d7:22:
e7:be:07:8c:0e:1f:12:0d:2f:37:f9:ba:8c:91:d9:73:b3:81:
b3:36:3a:b6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVBwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNzAxNTlaFw0yMzEyMjYwNzAxNTlaMBgxFjAU
BgNVBAMTDTY1NjA0YTZhLTA2NWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUVJghxlobHqD9+AHRbOdAoV3xui+OmwLQbtkINqUGw0ZDDy59zFm/Sa4j
9e9vzoQxJZj0J+CvLLQ6OVf7cDhfobUpNh7NebPlF046NFmAFYrVc5Gy60XWAib9
FFk/Vd6SEHTv5ugF2sC8lVSzCT2dcB4OrI/yJZIubi27XB6uGsBiM9kuAnqWLfcW
iFMMrSwX+mgPFFiClatxnuDVjf7PPpV0hUp3rFjcp5lh0DSfHlxRiFpeWVON4Yyo
bYBPOpewVJ/vhmU7l6Y31qRU0F2fABwJZrfYJOSqNnGVmgCGAZ+PG8VCLdWXx7CQ
q8zrrx+sUXgHol475BexMfk8pN8VAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUgXTZ
NMS2sMFd2IE8UYN9hkvMa/gwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzVFNEFBNzg0OEE5NzExRUU5MDcxOEIyMzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawxQwDQYJKoZIhvcNAQEL
BQADggEBAJ0Ywuo9ijUrvZTECNPZC80ArTfeioc2qgGcqvc5otx2L6w41JhoKSKh
ZcXHfI5NE8L2iVvEw75qEAHD+Lfu9/3Ke7EFMbDsvKtekWcMcNlqggNMQYNki6pi
/klOmzeHTVWak8VTT69m2oTO8YN5PRN0No1n3cgqsmQw0ZE06A2JWg4arNt4WUUG
Bm0FH8QLypmpcizqovioPEOqfcTW3kV03WOvFZwFBtaUpFhyFcizZUBN3tY4/UQi
zcBbkP/1kZQMWEttlnQ5zW8BEjSq9Il385tFke/dt7zcX3L0aFIKZF9JU8/GJBjX
Iue+B4wOHxINLzf5uoyR2XOzgbM2OrY=
-----END CERTIFICATE-----
Generated at Fri May 9 10:33:58 2025 by rpki-client