Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/83F24C2EF69011EFB2B2C7B5762E951A.roa
File: 83F24C2EF69011EFB2B2C7B5762E951A.roa (raw, json)
Hash identifier: XxSnZxzCMewx2I6KZxL7FUAIpEwC9tbNaYqK6LCt8Bc=
Subject key identifier: 1A:39:3E:64:AB:77:02:0D:05:98:94:8D:EC:4A:04:AD:15:DA:9C:97
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E05
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/83F24C2EF69011EFB2B2C7B5762E951A.roa
Signing time: Sat 01 Mar 2025 11:30:02 +0000
ROA not before: Sat 01 Mar 2025 11:29:58 +0000
ROA not after: Mon 31 Mar 2025 11:29:58 +0000
asID: 202656
IP address blocks: 154.222.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93701 (0x16e05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 11:29:58 2025 GMT
Not After : Mar 31 11:29:58 2025 GMT
Subject: CN=67c2efba-098f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:43:2c:a9:0b:8d:4c:37:4b:82:a5:34:4c:4f:
6e:6f:d2:36:de:b4:56:86:2d:26:6b:b0:cd:86:59:
e7:5a:ba:e0:b6:af:92:1b:17:fc:63:4a:77:09:b9:
02:58:fc:38:4c:aa:a5:d1:e9:07:6d:b1:45:0d:9c:
b6:c9:1f:51:e5:53:3e:db:d8:fa:b4:db:c5:5c:cc:
62:d2:45:c8:8d:ac:55:65:80:f3:eb:d2:31:e8:30:
06:b0:6f:c2:e7:9e:7e:e1:28:71:b2:09:67:cc:81:
b8:b6:ee:69:ed:b8:69:20:3a:a5:ad:f5:be:35:2c:
07:61:64:ce:c2:a5:9a:76:34:92:aa:88:5b:20:d5:
48:8a:9d:13:0d:0f:50:f6:67:ad:77:bc:53:ab:e5:
55:af:a0:66:ec:b5:d7:d5:36:84:be:2a:ac:1b:da:
7e:ef:a7:43:4f:87:39:e4:81:00:6c:37:9a:d5:3e:
65:ee:13:73:01:8b:05:60:2b:09:41:71:f0:ab:e6:
ad:b6:27:7f:08:c3:c0:06:8f:d6:20:2d:77:77:92:
6a:c6:c5:9c:0d:4f:89:99:d5:5d:09:0b:bb:e4:99:
80:49:82:4d:9f:d3:23:1d:54:a3:1b:79:c8:e2:a4:
8b:3b:d1:63:8e:1c:2d:79:3a:16:68:73:98:a0:10:
15:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:39:3E:64:AB:77:02:0D:05:98:94:8D:EC:4A:04:AD:15:DA:9C:97
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/83F24C2EF69011EFB2B2C7B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.14.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:59:54:6f:ff:4b:c2:a4:47:76:35:f0:d6:99:ba:59:32:45:
a0:d5:6e:f0:2a:95:81:7a:88:df:27:14:63:0e:f8:b0:c8:99:
dd:1a:78:e7:07:7c:16:cd:fb:55:51:e7:44:c9:72:a5:61:b1:
7b:0c:c1:67:39:24:cd:6f:15:78:66:c6:47:aa:39:de:ed:0a:
9d:c9:8a:7d:b1:e9:23:4d:cc:ba:21:2e:29:b7:f6:45:90:b4:
0a:60:8e:5b:dd:b1:85:04:f5:e2:4c:26:ee:b4:0d:56:6f:ac:
09:79:62:6f:3b:b8:4e:21:89:b9:64:43:4b:9c:75:ba:08:ed:
5e:ca:0e:58:7b:f6:56:5c:95:63:3d:3f:af:c6:83:6d:7b:99:
af:56:ff:55:85:bb:f1:97:00:9b:81:60:15:fc:b9:49:a8:0d:
65:fe:d7:b4:82:aa:e5:d6:c2:dc:e2:e4:75:f1:10:8b:d3:79:
91:ad:e4:6b:39:cb:11:0d:f7:85:c0:1e:f5:b7:78:03:9c:41:
41:7d:b2:03:7d:b9:b9:1f:31:cc:2b:26:7a:68:f0:8b:79:46:
bf:22:7c:d0:25:36:90:11:d9:f5:3c:7d:6a:b4:87:8f:64:18:
be:73:61:f0:c8:e4:d1:0e:75:ea:6c:99:98:90:c5:16:0c:97:
05:6c:f8:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW4FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTEyOTU4WhcNMjUwMzMxMTEyOTU4WjAYMRYw
FAYDVQQDEw02N2MyZWZiYS0wOThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUMsqQuNTDdLgqU0TE9ub9I23rRWhi0ma7DNhlnnWrrgtq+SGxf8Y0p3
CbkCWPw4TKql0ekHbbFFDZy2yR9R5VM+29j6tNvFXMxi0kXIjaxVZYDz69Ix6DAG
sG/C555+4ShxsglnzIG4tu5p7bhpIDqlrfW+NSwHYWTOwqWadjSSqohbINVIip0T
DQ9Q9metd7xTq+VVr6Bm7LXX1TaEviqsG9p+76dDT4c55IEAbDea1T5l7hNzAYsF
YCsJQXHwq+attid/CMPABo/WIC13d5JqxsWcDU+JmdVdCQu75JmASYJNn9MjHVSj
G3nI4qSLO9FjjhwteToWaHOYoBAVnwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBo5
PmSrdwINBZiUjexKBK0V2pyXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84M0YyNEMyRUY2OTAxMUVGQjJCMkM3QjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4OMA0GCSqGSIb3DQEB
CwUAA4IBAQCPWVRv/0vCpEd2NfDWmbpZMkWg1W7wKpWBeojfJxRjDviwyJndGnjn
B3wWzftVUedEyXKlYbF7DMFnOSTNbxV4ZsZHqjne7QqdyYp9sekjTcy6IS4pt/ZF
kLQKYI5b3bGFBPXiTCbutA1Wb6wJeWJvO7hOIYm5ZENLnHW6CO1eyg5Ye/ZWXJVj
PT+vxoNte5mvVv9VhbvxlwCbgWAV/LlJqA1l/te0gqrl1sLc4uR18RCL03mRreRr
OcsRDfeFwB71t3gDnEFBfbIDfbm5HzHMKyZ6aPCLeUa/InzQJTaQEdn1PH1qtIeP
ZBi+c2HwyOTRDnXqbJmYkMUWDJcFbPjR
-----END CERTIFICATE-----
Generated at Fri May 9 11:45:21 2025 by rpki-client