Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/847A4DAE8A8511EEBE7798674AD9E6FC.roa
File: 847A4DAE8A8511EEBE7798674AD9E6FC.roa (raw, json)
Hash identifier: uXY11/bOTmp/v+PrhqI78JLbdGp8LtJSXBS3iwz3wI0=
Subject key identifier: 86:90:B9:7C:18:D3:2A:2F:B2:7D:8A:D1:CB:12:F6:DF:1E:8F:01:E3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 52FC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/847A4DAE8A8511EEBE7798674AD9E6FC.roa
Signing time: Fri 24 Nov 2023 04:54:15 +0000
ROA not before: Fri 24 Nov 2023 04:54:12 +0000
ROA not after: Tue 26 Dec 2023 04:54:12 +0000
asID: 62240
IP address blocks: 154.196.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21244 (0x52fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 04:54:12 2023 GMT
Not After : Dec 26 04:54:12 2023 GMT
Subject: CN=65602c77-e5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d2:62:f3:df:52:6b:1f:bc:24:fe:0d:ae:cb:
b6:d9:f3:36:ed:38:ee:f5:78:33:8b:4a:c9:ce:fc:
74:6c:b6:57:27:1b:d3:c9:39:34:fd:45:26:1e:1e:
36:61:94:8c:e5:61:94:a7:11:ac:af:57:30:63:d3:
8a:c6:c7:9e:82:0f:25:bf:00:c9:6b:3e:d7:51:89:
11:3d:9b:c1:6d:94:d5:2b:a5:a0:42:42:44:68:4c:
37:3f:2d:1d:8d:4e:a6:d1:6b:5b:7e:73:6f:fa:0d:
21:21:c0:c0:6f:e4:84:58:15:7b:4e:de:4d:18:2f:
56:aa:7c:7b:0c:67:4e:59:5e:01:39:ad:48:f3:b1:
de:34:ec:0f:20:ff:9a:3a:98:fe:e3:39:15:ed:fa:
52:7e:94:2c:82:ed:0b:88:65:11:35:b2:0f:65:87:
cd:86:2f:02:d1:8c:15:39:b9:98:13:b6:07:55:68:
35:19:a9:c9:2a:3e:24:2c:5b:94:d3:0c:9e:cc:fe:
d1:d6:40:ed:35:71:71:45:22:05:20:c3:9c:fb:52:
6a:4c:ea:f2:d2:94:4d:dd:ea:f7:62:16:98:00:fe:
2a:0b:c1:d6:d9:da:85:a8:57:69:18:20:0c:35:33:
35:d8:3d:7c:a1:56:bf:7b:43:25:e3:59:94:4b:ed:
ed:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:90:B9:7C:18:D3:2A:2F:B2:7D:8A:D1:CB:12:F6:DF:1E:8F:01:E3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/847A4DAE8A8511EEBE7798674AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.57.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:1e:73:d5:3c:a2:73:c0:db:35:b1:14:50:17:cb:ee:de:77:
90:76:8d:f7:3d:b8:c0:00:01:a0:d0:29:78:30:5b:a3:87:36:
c6:60:36:36:a8:97:ad:d9:c4:38:0f:2c:bf:cf:7e:06:69:28:
05:6c:13:4b:ef:3e:74:20:f7:0b:67:62:57:71:12:fd:50:28:
f5:90:75:de:42:a6:af:46:87:bc:7c:95:26:c1:b0:cb:49:1f:
62:fc:6d:3a:ed:61:a0:4a:6b:df:24:ac:b3:30:bb:a4:cb:b5:
ce:9d:d2:5d:3c:e5:c7:b1:08:40:7a:ba:ed:fd:d3:b1:97:71:
43:01:de:f3:39:ed:5e:0a:03:47:79:55:fa:e7:9e:0e:ae:fa:
59:fe:5d:ae:0d:11:e2:a6:b2:42:44:39:83:b2:95:c4:40:2c:
6f:8a:e1:ce:fc:1d:77:4a:01:89:79:dc:32:e1:5f:77:57:8c:
62:34:ca:15:2d:3b:fe:69:da:2e:c4:50:e4:d7:33:3e:dc:35:
3f:c6:07:35:a7:5c:a4:68:5a:57:87:58:56:9d:ce:6f:59:38:
0b:51:e7:c7:82:cf:49:2c:f9:72:e3:0e:53:c4:fd:3c:22:dd:
1d:a5:26:49:bc:da:e5:ce:a5:ca:18:b6:8f:b7:72:bc:4b:78:
f6:34:96:76
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICUvwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNDU0MTJaFw0yMzEyMjYwNDU0MTJaMBgxFjAU
BgNVBAMTDTY1NjAyYzc3LWU1YTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC30mLz31JrH7wk/g2uy7bZ8zbtOO71eDOLSsnO/HRstlcnG9PJOTT9RSYe
HjZhlIzlYZSnEayvVzBj04rGx56CDyW/AMlrPtdRiRE9m8FtlNUrpaBCQkRoTDc/
LR2NTqbRa1t+c2/6DSEhwMBv5IRYFXtO3k0YL1aqfHsMZ05ZXgE5rUjzsd407A8g
/5o6mP7jORXt+lJ+lCyC7QuIZRE1sg9lh82GLwLRjBU5uZgTtgdVaDUZqckqPiQs
W5TTDJ7M/tHWQO01cXFFIgUgw5z7UmpM6vLSlE3d6vdiFpgA/ioLwdbZ2oWoV2kY
IAw1MzXYPXyhVr97QyXjWZRL7e1dAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhpC5
fBjTKi+yfYrRyxL23x6PAeMwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4Lzg0N0E0REFFOEE4NTExRUVCRTc3OTg2NzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxDkwDQYJKoZIhvcNAQEL
BQADggEBABwec9U8onPA2zWxFFAXy+7ed5B2jfc9uMAAAaDQKXgwW6OHNsZgNjao
l63ZxDgPLL/PfgZpKAVsE0vvPnQg9wtnYldxEv1QKPWQdd5Cpq9Gh7x8lSbBsMtJ
H2L8bTrtYaBKa98krLMwu6TLtc6d0l085cexCEB6uu3907GXcUMB3vM57V4KA0d5
Vfrnng6u+ln+Xa4NEeKmskJEOYOylcRALG+K4c78HXdKAYl53DLhX3dXjGI0yhUt
O/5p2i7EUOTXMz7cNT/GBzWnXKRoWleHWFadzm9ZOAtR58eCz0ks+XLjDlPE/Twi
3R2lJkm82uXOpcoYto+3crxLePY0lnY=
-----END CERTIFICATE-----
Generated at Fri May 9 11:38:53 2025 by rpki-client