Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7F73FF968A7E11EE9385994F4AD9E6FC.roa
File: 7F73FF968A7E11EE9385994F4AD9E6FC.roa (raw, json)
Hash identifier: l9hv4iqDZLjKRnHhfQP7fCnUfVv6M9R+4pEw4XRo20o=
Subject key identifier: 78:D5:90:85:18:3D:3D:97:B5:61:A0:B8:58:CE:F2:E5:19:CD:F6:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 529A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7F73FF968A7E11EE9385994F4AD9E6FC.roa
Signing time: Fri 24 Nov 2023 04:04:00 +0000
ROA not before: Fri 24 Nov 2023 04:03:57 +0000
ROA not after: Tue 26 Dec 2023 04:03:57 +0000
asID: 62240
IP address blocks: 154.196.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21146 (0x529a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 04:03:57 2023 GMT
Not After : Dec 26 04:03:57 2023 GMT
Subject: CN=656020b0-36e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a3:aa:6b:58:5f:d2:ec:c9:60:f4:57:e3:03:
45:7f:42:be:79:02:06:32:c7:a2:27:6f:cc:16:57:
42:f5:f8:51:53:60:64:ea:97:0e:e2:66:27:d1:a3:
cd:f4:e2:5f:01:fb:34:68:b8:59:b0:08:ef:3d:39:
6e:2d:39:94:26:31:2f:9c:b5:b1:b4:e3:ba:8d:c4:
7c:46:e3:58:b6:d8:bc:d8:05:6d:5c:0c:15:d0:f0:
07:4d:82:73:6c:1b:e1:f8:66:69:30:91:f6:7d:5e:
28:9a:b2:89:6c:19:42:0b:ae:1f:38:ad:ba:30:6f:
3f:6d:79:f2:90:e7:3d:94:4c:db:02:d6:92:71:9a:
75:a5:f1:d5:68:ae:8b:e4:ce:1a:4d:af:0e:47:83:
36:9f:68:4e:39:bb:42:9c:0f:01:6b:1e:05:6f:97:
2b:f0:58:b4:de:ff:bb:81:42:f5:a9:68:66:ab:aa:
50:c4:3e:55:ab:00:1f:25:3b:79:28:4d:e0:95:b2:
24:49:4a:46:d9:2f:44:1b:02:d8:e9:ed:aa:ee:02:
84:d9:79:89:16:a5:c4:e4:e7:52:1f:df:d7:f3:91:
1d:15:a6:71:55:1d:c2:01:d2:28:b0:53:d2:0e:47:
44:9b:34:63:20:35:49:21:e6:20:89:2b:79:34:ba:
da:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D5:90:85:18:3D:3D:97:B5:61:A0:B8:58:CE:F2:E5:19:CD:F6:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7F73FF968A7E11EE9385994F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.45.0/24
Signature Algorithm: sha256WithRSAEncryption
90:bc:28:25:43:15:1f:18:52:c2:9e:f3:e4:fa:7e:a5:d0:74:
ff:a1:fc:36:80:a5:68:01:55:c1:41:5c:ea:8c:5c:46:6b:75:
55:31:51:4a:11:ad:81:33:ed:1e:6e:b5:77:d1:66:ba:17:25:
bd:5b:fc:c4:07:bf:9b:b0:0e:a8:5d:31:8d:4d:df:f0:4a:d6:
41:5b:8d:94:6b:6d:95:30:db:f9:2d:99:77:37:20:8f:5d:ba:
00:84:da:2e:78:86:93:fc:59:12:fc:e4:05:89:5a:fb:8e:08:
b9:64:2c:50:1d:45:76:e9:dd:01:ce:1c:13:ad:6c:a3:88:c8:
c6:21:22:f4:f6:21:c3:aa:63:10:36:f6:52:c0:12:0a:34:39:
68:cf:18:13:f7:2b:0e:66:d2:f0:dd:67:a5:32:de:65:ab:3d:
c8:aa:a9:65:45:75:5b:ef:ab:1d:ee:49:9f:eb:a2:81:76:1e:
ee:75:7a:b6:27:de:f4:26:ff:31:0d:9e:e5:6c:d3:03:92:66:
7b:24:3c:71:64:ef:28:e4:2e:cc:a9:b1:4b:43:a5:60:31:36:
ab:9a:df:42:38:67:af:9e:3e:65:44:b0:fa:64:4f:90:90:e8:
13:32:de:7d:2b:30:57:f5:b6:3e:1c:5d:b0:e7:80:47:22:8a:
22:c1:7e:15
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICUpowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNDAzNTdaFw0yMzEyMjYwNDAzNTdaMBgxFjAU
BgNVBAMTDTY1NjAyMGIwLTM2ZTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvo6prWF/S7Mlg9FfjA0V/Qr55AgYyx6Inb8wWV0L1+FFTYGTqlw7iZifR
o8304l8B+zRouFmwCO89OW4tOZQmMS+ctbG047qNxHxG41i22LzYBW1cDBXQ8AdN
gnNsG+H4ZmkwkfZ9XiiasolsGUILrh84rbowbz9tefKQ5z2UTNsC1pJxmnWl8dVo
rovkzhpNrw5HgzafaE45u0KcDwFrHgVvlyvwWLTe/7uBQvWpaGarqlDEPlWrAB8l
O3koTeCVsiRJSkbZL0QbAtjp7aruAoTZeYkWpcTk51If39fzkR0VpnFVHcIB0iiw
U9IOR0SbNGMgNUkh5iCJK3k0utqfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUeNWQ
hRg9PZe1YaC4WM7y5RnN9lYwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzdGNzNGRjk2OEE3RTExRUU5Mzg1OTk0RjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxC0wDQYJKoZIhvcNAQEL
BQADggEBAJC8KCVDFR8YUsKe8+T6fqXQdP+h/DaApWgBVcFBXOqMXEZrdVUxUUoR
rYEz7R5utXfRZroXJb1b/MQHv5uwDqhdMY1N3/BK1kFbjZRrbZUw2/ktmXc3II9d
ugCE2i54hpP8WRL85AWJWvuOCLlkLFAdRXbp3QHOHBOtbKOIyMYhIvT2IcOqYxA2
9lLAEgo0OWjPGBP3Kw5m0vDdZ6Uy3mWrPciqqWVFdVvvqx3uSZ/rooF2Hu51erYn
3vQm/zENnuVs0wOSZnskPHFk7yjkLsypsUtDpWAxNqua30I4Z6+ePmVEsPpkT5CQ
6BMy3n0rMFf1tj4cXbDngEciiiLBfhU=
-----END CERTIFICATE-----
Generated at Fri May 9 17:15:24 2025 by rpki-client