Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/737C4E80F50F11EF86DF0966762E951A.roa
File: 737C4E80F50F11EF86DF0966762E951A.roa (raw, json)
Hash identifier: ZT/CO828+O/jW9momhqnvdUUFQSAlCrITPFBDDXF9WI=
Subject key identifier: 0B:45:C1:8C:86:AD:E9:B5:90:88:64:C9:D5:FE:3A:D3:67:C3:07:F2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01688D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/737C4E80F50F11EF86DF0966762E951A.roa
Signing time: Thu 27 Feb 2025 13:33:38 +0000
ROA not before: Thu 27 Feb 2025 13:33:35 +0000
ROA not after: Wed 26 Mar 2025 13:33:35 +0000
asID: 62240
IP address blocks: 154.196.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92301 (0x1688d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 13:33:35 2025 GMT
Not After : Mar 26 13:33:35 2025 GMT
Subject: CN=67c069b2-fb5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b5:f9:1b:58:af:a2:7f:42:c3:b4:e4:9b:29:
cb:3e:03:40:4d:93:60:66:09:af:94:e9:0b:10:9a:
33:81:87:8a:7c:29:e5:b4:26:30:db:e9:76:06:6f:
3c:4e:64:8e:7f:c2:8f:60:00:88:f1:f5:bf:26:78:
81:4a:3b:82:bf:0c:98:67:f9:f0:5c:61:ae:a1:d6:
ae:78:2f:4c:82:a8:94:fb:53:7a:bb:e0:af:d2:78:
ca:35:71:b6:05:0a:2c:bc:1f:cc:24:37:46:8b:54:
0c:ca:a1:be:47:f1:9d:33:d7:8b:01:a0:d1:ad:07:
fb:79:ce:ed:6f:dc:44:db:e9:e6:cc:de:b4:63:13:
a4:43:4f:e4:7b:57:8b:d2:ab:0d:1d:41:5d:41:95:
b4:80:aa:d9:79:fa:be:37:6c:03:d0:d0:44:42:ef:
7f:f7:c8:8c:f9:ba:ff:0f:2d:f0:db:41:e6:0a:43:
a0:5d:0f:c1:40:be:d4:ba:f6:60:17:27:c8:fa:e2:
06:c7:31:1e:31:3f:28:e8:a4:2e:9f:d7:4f:c0:f6:
86:32:d0:d0:d2:25:d5:b0:f9:a9:a2:89:aa:ba:4d:
19:e4:9c:2f:75:f0:9c:56:82:7b:6f:7b:fc:99:9d:
7a:7d:f4:3a:fb:7e:74:18:c9:c1:a0:dc:59:8e:f7:
39:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:45:C1:8C:86:AD:E9:B5:90:88:64:C9:D5:FE:3A:D3:67:C3:07:F2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/737C4E80F50F11EF86DF0966762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.21.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:ac:91:b5:18:2c:65:5e:35:b5:7e:37:49:3d:a4:de:01:b1:
0c:1f:87:f0:90:1b:b6:53:ac:19:98:e7:d5:c0:6e:50:5a:31:
af:a0:9a:f2:32:da:3a:92:b9:29:e4:c1:e4:e2:6f:ba:06:b6:
35:e7:d2:38:62:13:ed:b8:b9:32:7d:99:7c:b1:e6:87:e2:33:
04:e7:7d:5c:cd:7c:60:8b:87:7b:76:cf:7a:31:11:31:04:13:
48:25:25:32:07:8b:69:b0:82:24:a4:29:a6:82:4e:46:00:38:
87:64:bc:15:8e:51:53:19:f7:56:17:a9:84:0a:b5:e6:cf:55:
43:d6:15:fd:1c:23:59:dd:7a:64:91:e9:38:68:bb:40:95:f2:
9c:bd:1a:d5:31:8e:43:67:10:70:19:a7:d6:e2:31:51:17:aa:
e4:32:7f:43:78:ea:e8:86:b8:f7:8f:2e:76:43:cb:f9:49:12:
d4:24:27:35:82:3b:58:49:1d:2c:d9:42:64:f5:df:6e:54:e4:
d0:61:80:43:2e:d6:74:67:5e:c0:f7:c8:d0:fc:00:f3:6d:fa:
cc:29:34:09:85:8d:f4:a8:e0:c8:fd:c4:45:03:03:cc:28:a1:
c4:18:17:97:33:39:da:3c:43:50:1a:af:7d:cf:0c:50:f5:ea:
d9:49:fd:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWiNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTMzMzM1WhcNMjUwMzI2MTMzMzM1WjAYMRYw
FAYDVQQDEw02N2MwNjliMi1mYjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1rX5G1ivon9Cw7TkmynLPgNATZNgZgmvlOkLEJozgYeKfCnltCYw2+l2
Bm88TmSOf8KPYACI8fW/JniBSjuCvwyYZ/nwXGGuodaueC9MgqiU+1N6u+Cv0njK
NXG2BQosvB/MJDdGi1QMyqG+R/GdM9eLAaDRrQf7ec7tb9xE2+nmzN60YxOkQ0/k
e1eL0qsNHUFdQZW0gKrZefq+N2wD0NBEQu9/98iM+br/Dy3w20HmCkOgXQ/BQL7U
uvZgFyfI+uIGxzEeMT8o6KQun9dPwPaGMtDQ0iXVsPmpoomquk0Z5JwvdfCcVoJ7
b3v8mZ16ffQ6+350GMnBoNxZjvc5dQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAtF
wYyGrem1kIhkydX+OtNnwwfyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MzdDNEU4MEY1MEYxMUVGODZERjA5NjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQVMA0GCSqGSIb3DQEB
CwUAA4IBAQCnrJG1GCxlXjW1fjdJPaTeAbEMH4fwkBu2U6wZmOfVwG5QWjGvoJry
Mto6krkp5MHk4m+6BrY159I4YhPtuLkyfZl8seaH4jME531czXxgi4d7ds96MREx
BBNIJSUyB4tpsIIkpCmmgk5GADiHZLwVjlFTGfdWF6mECrXmz1VD1hX9HCNZ3Xpk
kek4aLtAlfKcvRrVMY5DZxBwGafW4jFRF6rkMn9DeOrohrj3jy52Q8v5SRLUJCc1
gjtYSR0s2UJk9d9uVOTQYYBDLtZ0Z17A98jQ/ADzbfrMKTQJhY30qODI/cRFAwPM
KKHEGBeXMznaPENQGq99zwxQ9erZSf2I
-----END CERTIFICATE-----
Generated at Fri May 9 06:49:30 2025 by rpki-client