Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72662052EFAB11EF8E1FE570762E951A.roa
File: 72662052EFAB11EF8E1FE570762E951A.roa (raw, json)
Hash identifier: ZMO4n4ENO6HpghS6AE5ZHH/CXSE05I8BIyGZKUWg1Ec=
Subject key identifier: C3:E1:DE:65:61:86:56:89:56:EF:72:D7:5D:96:F8:54:69:11:78:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01594D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72662052EFAB11EF8E1FE570762E951A.roa
Signing time: Thu 20 Feb 2025 16:55:11 +0000
ROA not before: Thu 20 Feb 2025 16:55:07 +0000
ROA not after: Mon 31 Mar 2025 16:55:07 +0000
asID: 264605
IP address blocks: 154.88.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88397 (0x1594d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 20 16:55:07 2025 GMT
Not After : Mar 31 16:55:07 2025 GMT
Subject: CN=67b75e6f-6480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a8:fd:21:bb:68:80:d6:6a:94:02:24:93:da:
f9:ed:95:3e:04:f1:80:0d:3e:a2:7f:09:49:62:79:
b9:e8:7c:db:f1:a2:f1:7d:af:f8:d9:a0:a9:c4:57:
b7:40:3c:0d:96:81:3c:63:7e:96:dd:3d:20:aa:a2:
d5:65:28:d6:e6:c8:e9:48:b0:f9:81:c2:1c:67:b7:
01:85:d6:55:22:3e:8f:58:7b:be:8b:03:14:30:2f:
f4:3d:e7:4b:76:28:15:0f:f0:75:9a:71:4c:d6:8c:
d6:0d:ad:fd:13:82:ef:ca:2c:3b:c0:dd:e3:fa:6f:
c3:b0:b3:30:cf:02:d2:35:b2:f1:04:15:95:90:17:
1a:da:e8:f1:05:da:6f:04:27:8b:c9:64:ab:40:83:
41:39:71:40:15:5d:87:41:34:02:6e:5c:b5:0f:4f:
0a:be:d7:ad:8c:3b:96:72:3f:23:97:c0:46:fa:97:
f5:b8:17:f0:5b:e3:8c:a1:6f:fb:c6:94:1e:a7:e7:
9c:3f:71:ea:9a:59:2e:2c:51:55:bf:7e:c1:df:80:
5d:b8:5f:d6:6c:da:b2:c1:30:42:12:ec:2b:49:4b:
3c:da:77:67:0c:1b:71:7a:02:7b:b8:1e:70:8a:ff:
a0:79:2e:dc:76:ae:65:6d:06:70:15:38:9e:24:c2:
00:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:E1:DE:65:61:86:56:89:56:EF:72:D7:5D:96:F8:54:69:11:78:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72662052EFAB11EF8E1FE570762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.192.0/18
Signature Algorithm: sha256WithRSAEncryption
72:63:54:db:f8:85:15:20:54:26:fa:81:cf:0f:db:96:55:d8:
98:8b:4a:29:14:44:41:a0:49:7b:43:e0:9a:54:c2:af:47:3a:
e0:76:d4:f4:ae:31:8f:b6:e8:fe:58:bd:88:c4:44:37:59:59:
f0:58:d9:8e:0c:fe:d6:4d:dc:98:fa:e2:51:7d:fc:c9:fc:d2:
24:5c:9e:e7:f1:3a:5a:9c:17:82:df:1a:82:88:e9:76:e0:92:
0c:64:d2:f2:12:4b:a4:36:16:ff:83:9c:71:c2:45:06:fe:f7:
68:56:c9:64:17:da:ca:48:32:94:82:98:f5:57:c0:d9:90:94:
ff:47:2c:39:77:81:10:c5:09:80:01:cd:b1:2c:2f:23:db:f5:
6a:cf:f4:e4:4a:96:e4:81:55:04:75:22:7d:ce:d4:d0:2a:95:
1d:8d:55:d4:0a:b4:88:f2:f2:19:d1:bf:85:35:4b:40:14:a7:
7d:7d:61:fa:fb:6b:bd:9a:9a:2a:c8:19:8b:41:f1:30:0e:0c:
49:78:3d:fa:39:89:50:5d:73:4b:58:cd:a9:6a:2a:21:a8:1a:
ef:ab:48:ff:56:09:33:15:e4:73:af:74:f3:df:43:21:b1:a5:
18:d1:a8:e4:9d:7d:fc:d1:ef:28:23:1c:fd:ff:7f:c1:ed:09:
34:91:40:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVlNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIwMTY1NTA3WhcNMjUwMzMxMTY1NTA3WjAYMRYw
FAYDVQQDEw02N2I3NWU2Zi02NDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnKj9IbtogNZqlAIkk9r57ZU+BPGADT6ifwlJYnm56Hzb8aLxfa/42aCp
xFe3QDwNloE8Y36W3T0gqqLVZSjW5sjpSLD5gcIcZ7cBhdZVIj6PWHu+iwMUMC/0
PedLdigVD/B1mnFM1ozWDa39E4Lvyiw7wN3j+m/DsLMwzwLSNbLxBBWVkBca2ujx
BdpvBCeLyWSrQINBOXFAFV2HQTQCbly1D08KvtetjDuWcj8jl8BG+pf1uBfwW+OM
oW/7xpQep+ecP3HqmlkuLFFVv37B34BduF/WbNqywTBCEuwrSUs82ndnDBtxegJ7
uB5wiv+geS7cdq5lbQZwFTieJMIAaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMPh
3mVhhlaJVu9y112W+FRpEXgKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MjY2MjA1MkVGQUIxMUVGOEUxRkU1NzA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmljAMA0GCSqGSIb3DQEB
CwUAA4IBAQByY1Tb+IUVIFQm+oHPD9uWVdiYi0opFERBoEl7Q+CaVMKvRzrgdtT0
rjGPtuj+WL2IxEQ3WVnwWNmODP7WTdyY+uJRffzJ/NIkXJ7n8TpanBeC3xqCiOl2
4JIMZNLyEkukNhb/g5xxwkUG/vdoVslkF9rKSDKUgpj1V8DZkJT/Ryw5d4EQxQmA
Ac2xLC8j2/Vqz/TkSpbkgVUEdSJ9ztTQKpUdjVXUCrSI8vIZ0b+FNUtAFKd9fWH6
+2u9mpoqyBmLQfEwDgxJeD36OYlQXXNLWM2paiohqBrvq0j/VgkzFeRzr3Tz30Mh
saUY0ajknX380e8oIxz9/3/B7Qk0kUCF
-----END CERTIFICATE-----
Generated at Fri May 9 07:21:28 2025 by rpki-client