Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7D05F942F62211EF997FBDBC762E951A.roa
File: 7D05F942F62211EF997FBDBC762E951A.roa (raw, json)
Hash identifier: 1JJOgu8vXjpjV30WwV3mH7ghPO1fiS8vPuL0sfhAqys=
Subject key identifier: C1:ED:86:78:33:F7:D3:C8:35:A7:ED:96:21:6A:EA:67:B7:D9:AA:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016C89
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7D05F942F62211EF997FBDBC762E951A.roa
Signing time: Fri 28 Feb 2025 22:22:26 +0000
ROA not before: Fri 28 Feb 2025 22:22:22 +0000
ROA not after: Mon 31 Mar 2025 22:22:22 +0000
asID: 5065
IP address blocks: 154.86.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93321 (0x16c89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 22:22:22 2025 GMT
Not After : Mar 31 22:22:22 2025 GMT
Subject: CN=67c23722-b9ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:83:4d:3b:cc:7b:ee:56:25:68:e1:76:44:c7:
e0:0b:c7:d5:78:ee:94:e6:a0:6c:da:91:d4:20:c2:
4e:62:91:c1:4e:7f:e8:61:1b:38:54:b2:12:c6:de:
85:5f:f1:95:ef:e9:78:e0:3f:d8:50:a4:41:de:0a:
21:c7:6a:28:e5:1a:95:52:fc:6d:7c:3f:2f:e1:1a:
53:77:8c:60:9c:34:37:81:14:91:65:71:b6:f1:3b:
d8:54:f6:cd:ad:34:df:a6:42:7c:f7:44:d6:cb:c5:
6b:db:71:20:ed:7e:56:a5:77:c4:ab:6d:18:a1:8f:
db:72:be:6b:6b:da:dc:19:9d:5d:98:59:02:bd:0a:
c1:e5:b0:46:04:47:99:ad:b5:8f:58:6c:c4:40:72:
5b:6f:52:5f:5d:50:1f:cb:34:f1:e0:4d:ae:6f:d8:
5f:10:c7:ac:30:85:6b:c3:50:4f:2a:e2:17:35:ba:
f5:d2:2a:fa:3a:69:2c:91:07:8e:53:f6:af:a3:fa:
ec:10:94:63:98:74:b0:a1:1c:b4:88:fa:75:cd:99:
b3:1c:0e:a8:5a:d8:c7:ba:79:60:11:b4:5d:21:d4:
5e:80:76:c7:e6:67:18:1c:0d:dd:fc:00:c1:8b:06:
b7:45:d4:1d:4c:14:ff:2c:f9:38:42:1c:b8:c3:01:
fd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:ED:86:78:33:F7:D3:C8:35:A7:ED:96:21:6A:EA:67:B7:D9:AA:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7D05F942F62211EF997FBDBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.10.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:9d:32:cc:6b:8f:95:f9:ee:33:0d:7e:63:f7:4b:c8:90:ae:
f3:75:be:6d:a0:bd:0c:81:dd:38:3d:3d:e2:73:fe:c1:bc:53:
40:54:d5:be:bd:9f:c1:a1:5d:ff:01:17:51:72:cb:c8:40:70:
3c:48:40:72:d7:c5:92:a9:f3:ee:f0:83:33:4a:20:84:51:7d:
2d:4e:1b:3d:d3:b6:0c:54:e3:69:15:3b:5c:a4:d1:2d:18:e3:
c3:26:0a:9e:b1:3a:34:84:1d:c3:69:c6:b2:b7:92:bd:b0:ed:
b3:d5:7a:52:7c:f5:9e:3b:73:af:f0:f0:1c:d7:22:4d:20:e0:
f4:bc:46:59:89:8c:2d:09:c8:3c:01:2f:2e:00:f2:b3:24:33:
c5:f3:fc:83:2c:ea:38:d8:74:e1:db:9c:71:4c:85:07:81:0d:
e0:8c:61:f4:22:e4:f7:38:e3:7d:26:17:81:e3:13:3e:a8:d3:
a1:6f:13:90:86:0a:ca:58:92:b1:a3:cc:fe:b9:ea:f0:cd:29:
f6:4f:5a:ea:6c:33:91:8f:36:ec:c7:67:3e:08:5d:ab:34:49:
b2:07:44:d5:3e:93:5b:8a:14:d9:5c:10:fc:0d:b7:43:9e:da:
bd:6f:66:ac:d8:45:54:60:ff:f7:76:95:34:f6:64:6f:4a:83:
f9:23:93:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWyJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjIyMjIyWhcNMjUwMzMxMjIyMjIyWjAYMRYw
FAYDVQQDEw02N2MyMzcyMi1iOWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA14NNO8x77lYlaOF2RMfgC8fVeO6U5qBs2pHUIMJOYpHBTn/oYRs4VLIS
xt6FX/GV7+l44D/YUKRB3gohx2oo5RqVUvxtfD8v4RpTd4xgnDQ3gRSRZXG28TvY
VPbNrTTfpkJ890TWy8Vr23Eg7X5WpXfEq20YoY/bcr5ra9rcGZ1dmFkCvQrB5bBG
BEeZrbWPWGzEQHJbb1JfXVAfyzTx4E2ub9hfEMesMIVrw1BPKuIXNbr10ir6Omks
kQeOU/avo/rsEJRjmHSwoRy0iPp1zZmzHA6oWtjHunlgEbRdIdRegHbH5mcYHA3d
/ADBiwa3RdQdTBT/LPk4Qhy4wwH9xQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMHt
hngz99PINaftliFq6me32aroMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RDA1Rjk0MkY2MjIxMUVGOTk3RkJEQkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlYKMA0GCSqGSIb3DQEB
CwUAA4IBAQBtnTLMa4+V+e4zDX5j90vIkK7zdb5toL0Mgd04PT3ic/7BvFNAVNW+
vZ/BoV3/ARdRcsvIQHA8SEBy18WSqfPu8IMzSiCEUX0tThs907YMVONpFTtcpNEt
GOPDJgqesTo0hB3Dacayt5K9sO2z1XpSfPWeO3Ov8PAc1yJNIOD0vEZZiYwtCcg8
AS8uAPKzJDPF8/yDLOo42HTh25xxTIUHgQ3gjGH0IuT3OON9JheB4xM+qNOhbxOQ
hgrKWJKxo8z+uerwzSn2T1rqbDORjzbsx2c+CF2rNEmyB0TVPpNbihTZXBD8DbdD
ntq9b2as2EVUYP/3dpU09mRvSoP5I5PS
-----END CERTIFICATE-----
Generated at Fri May 9 07:11:08 2025 by rpki-client