Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7EB2F45CEF7E11EF8092C64F762E951A.roa
File: 7EB2F45CEF7E11EF8092C64F762E951A.roa (raw, json)
Hash identifier: qALrJqtV3uWdCxFI8CKYlaxd4e+Sq6lZwIyC2Js38yM=
Subject key identifier: 01:57:DD:14:5D:6C:B3:AA:0B:7E:CE:9E:1A:04:67:88:E2:44:F6:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0158CE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7EB2F45CEF7E11EF8092C64F762E951A.roa
Signing time: Thu 20 Feb 2025 11:33:24 +0000
ROA not before: Thu 20 Feb 2025 11:33:20 +0000
ROA not after: Thu 20 Mar 2025 11:33:20 +0000
asID: 54600
IP address blocks: 154.217.234.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88270 (0x158ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 20 11:33:20 2025 GMT
Not After : Mar 20 11:33:20 2025 GMT
Subject: CN=67b71304-577d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d0:19:fc:94:1a:74:73:6f:f0:68:18:0f:a1:
b6:9b:2c:6f:39:a0:40:e9:ec:d2:cf:52:88:c0:57:
7d:77:40:fb:4d:ba:72:6c:7e:c5:72:df:36:4f:70:
88:b1:2e:67:8b:6a:c1:ba:05:28:4a:34:7d:8d:53:
06:a0:e6:84:62:8f:80:31:cb:8b:98:cd:f2:25:16:
cb:7e:dd:ef:73:4c:32:32:f9:6a:52:63:af:47:d3:
31:ee:4b:64:42:a2:66:ca:58:71:be:2e:b8:b2:74:
67:eb:8a:fd:a9:13:9b:ab:20:b2:4c:d2:07:e1:e5:
68:e3:c7:4e:7d:20:f9:a8:df:d8:9a:51:fc:c1:f9:
e6:3e:8f:a0:af:83:7c:a7:c8:4a:0c:88:a8:2e:fc:
8e:94:b9:1a:8c:0c:b3:07:45:be:c8:5d:72:5b:76:
85:b4:13:56:58:72:6d:d0:f2:b7:12:7c:27:29:5c:
1c:dd:60:39:15:87:32:25:a2:d1:1d:ec:74:ad:a5:
aa:a4:19:cf:f3:48:d6:24:4c:af:aa:1b:46:81:dd:
ed:15:79:3d:fb:80:66:0e:1a:c9:68:b1:34:a9:b1:
a7:ec:30:d9:6f:f3:6b:e4:0c:57:65:e9:b7:f3:cd:
3b:fb:f1:5e:f7:c9:d5:24:7a:bc:10:28:88:96:6d:
a3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:57:DD:14:5D:6C:B3:AA:0B:7E:CE:9E:1A:04:67:88:E2:44:F6:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7EB2F45CEF7E11EF8092C64F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.234.0/23
Signature Algorithm: sha256WithRSAEncryption
80:9c:28:28:68:92:38:fd:e0:bb:4a:a6:a6:50:1b:53:1b:22:
34:72:2c:69:a0:85:08:a4:fc:1a:32:35:aa:75:45:7f:04:ea:
65:2c:b8:e0:f1:75:20:76:08:56:43:4a:9e:5a:0c:24:e1:05:
5c:05:dc:b4:97:5b:35:3e:23:b8:77:10:b1:6e:fc:cc:a7:89:
65:fd:95:7b:62:24:7b:d9:a5:f6:cd:69:f3:10:e2:d2:5f:ad:
ee:0f:f5:05:9c:9c:80:72:14:47:9d:32:bd:3c:a1:5d:fe:ab:
bd:e1:dc:6f:b2:9a:dc:5b:ef:ca:69:a5:c3:8a:24:df:87:90:
0a:7b:15:84:75:7c:b2:b7:9e:c2:3c:e6:72:57:10:71:6a:65:
a9:55:ac:9e:07:04:39:ba:7a:f5:1e:e1:c2:e4:67:9e:98:c0:
cd:79:b5:53:69:be:a2:2c:17:8b:c9:8d:f4:50:09:46:b9:a9:
07:ac:f2:9c:08:f1:e9:cc:60:9a:8a:d1:58:4f:23:88:3b:1a:
ad:dd:af:aa:d7:71:02:ec:75:a2:51:a5:0e:c6:9d:f5:42:0b:
19:c3:d7:80:13:f7:83:8b:1b:7a:2f:aa:23:ef:d4:2b:a1:b3:
10:71:be:a4:ff:d1:b5:25:a1:39:95:4c:1d:52:7e:22:5f:59:
b6:69:39:a9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVjOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIwMTEzMzIwWhcNMjUwMzIwMTEzMzIwWjAYMRYw
FAYDVQQDEw02N2I3MTMwNC01NzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwdAZ/JQadHNv8GgYD6G2myxvOaBA6ezSz1KIwFd9d0D7TbpybH7Fct82
T3CIsS5ni2rBugUoSjR9jVMGoOaEYo+AMcuLmM3yJRbLft3vc0wyMvlqUmOvR9Mx
7ktkQqJmylhxvi64snRn64r9qRObqyCyTNIH4eVo48dOfSD5qN/YmlH8wfnmPo+g
r4N8p8hKDIioLvyOlLkajAyzB0W+yF1yW3aFtBNWWHJt0PK3EnwnKVwc3WA5FYcy
JaLRHex0raWqpBnP80jWJEyvqhtGgd3tFXk9+4BmDhrJaLE0qbGn7DDZb/Nr5AxX
Zem38807+/Fe98nVJHq8ECiIlm2jPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAFX
3RRdbLOqC37OnhoEZ4jiRPa6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RUIyRjQ1Q0VGN0UxMUVGODA5MkM2NEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtnqMA0GCSqGSIb3DQEB
CwUAA4IBAQCAnCgoaJI4/eC7SqamUBtTGyI0cixpoIUIpPwaMjWqdUV/BOplLLjg
8XUgdghWQ0qeWgwk4QVcBdy0l1s1PiO4dxCxbvzMp4ll/ZV7YiR72aX2zWnzEOLS
X63uD/UFnJyAchRHnTK9PKFd/qu94dxvsprcW+/KaaXDiiTfh5AKexWEdXyyt57C
POZyVxBxamWpVayeBwQ5unr1HuHC5GeemMDNebVTab6iLBeLyY30UAlGuakHrPKc
CPHpzGCaitFYTyOIOxqt3a+q13EC7HWiUaUOxp31QgsZw9eAE/eDixt6L6oj79Qr
obMQcb6k/9G1JaE5lUwdUn4iX1m2aTmp
-----END CERTIFICATE-----
Generated at Fri May 9 09:06:19 2025 by rpki-client