Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/888938F6F51E11EFA30FEC4C762E951A.roa
File: 888938F6F51E11EFA30FEC4C762E951A.roa (raw, json)
Hash identifier: zWnth29pIF1l9DeMsbayv9yYnoadoeIuG9uYde3pTWE=
Subject key identifier: 68:99:2C:8E:E6:5E:F8:51:EE:2D:67:7D:EC:75:5F:42:D6:DE:7B:A2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0168FD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/888938F6F51E11EFA30FEC4C762E951A.roa
Signing time: Thu 27 Feb 2025 15:21:36 +0000
ROA not before: Thu 27 Feb 2025 15:21:32 +0000
ROA not after: Wed 26 Mar 2025 15:21:32 +0000
asID: 62240
IP address blocks: 154.196.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92413 (0x168fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 15:21:32 2025 GMT
Not After : Mar 26 15:21:32 2025 GMT
Subject: CN=67c08300-8784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4d:78:e1:76:17:b7:31:c1:14:c4:87:25:21:
cd:6a:b7:89:8c:82:9c:81:10:a2:25:3d:62:dc:67:
da:13:12:a6:8d:a6:0d:4f:4c:a4:c7:7a:37:05:42:
7c:57:b6:0c:f4:36:48:8e:14:3b:16:97:6d:68:c5:
5b:dd:8b:ae:a7:bd:50:5e:7d:2a:47:13:11:55:1d:
18:f6:9e:fb:de:15:65:b5:23:c4:b4:fd:ec:78:d8:
21:5a:0d:fc:7c:c7:c9:65:55:84:79:e6:3a:53:0e:
1c:51:29:60:b7:9b:0f:76:0b:19:c8:de:1b:fa:a3:
c4:93:6f:5d:e0:a1:7d:60:5f:f3:ec:c5:e0:04:fb:
14:8f:59:9e:95:5e:59:56:f9:91:57:fb:fc:84:7d:
71:67:47:8c:f2:80:30:5f:fe:89:2c:97:eb:95:73:
16:93:b2:52:ff:53:1a:f0:7f:30:5f:e3:34:61:1e:
3d:ef:6c:4b:68:34:ed:0a:7b:ee:14:86:9f:9b:8d:
b7:3f:f8:3b:c5:46:ec:9a:c5:70:69:1f:f7:e0:42:
b7:51:df:86:5a:64:a9:84:63:3f:aa:b1:dd:d6:19:
83:df:17:66:a9:a7:37:fd:d8:17:ec:b8:4c:20:80:
a0:b8:6c:0a:80:37:3c:0f:3e:41:20:49:ca:b2:d7:
3e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:99:2C:8E:E6:5E:F8:51:EE:2D:67:7D:EC:75:5F:42:D6:DE:7B:A2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/888938F6F51E11EFA30FEC4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.65.0/24
Signature Algorithm: sha256WithRSAEncryption
38:7e:60:22:ee:9b:5b:0e:59:2f:87:d3:73:ad:3c:b4:4b:42:
f2:07:68:b5:33:37:ee:41:6d:01:00:6c:22:9a:87:17:32:1c:
34:f9:10:43:82:80:4e:ac:4b:54:24:af:87:00:13:a0:b9:0d:
1a:58:66:78:be:9d:d1:7b:b1:db:eb:71:8b:5a:86:db:7e:07:
1e:a8:2f:f3:67:23:3a:b6:8d:c5:0b:2b:31:6b:e6:65:34:75:
f2:dc:c2:3b:de:4f:ce:62:f2:26:2f:77:18:f6:4b:56:a1:61:
52:05:dd:ca:65:be:4e:f1:03:1d:c4:3c:fe:9c:4d:40:d3:41:
da:6b:81:31:87:0f:21:d1:dd:61:ee:4a:ab:e2:56:ef:3d:e3:
97:d1:8a:94:59:f5:ca:73:29:ec:c5:65:5c:51:8b:63:44:44:
7d:43:4c:0d:a8:ec:aa:57:35:50:d2:b2:9f:73:ba:7b:ba:72:
38:88:5b:36:8f:62:0e:27:34:62:9a:43:3a:62:c7:8a:6d:54:
3d:32:90:6e:a7:e2:0d:40:53:d0:d8:9c:52:47:f4:42:69:a7:
01:4b:50:87:61:44:38:f2:af:ef:8e:fe:0d:0b:5e:91:7f:13:
d7:cc:54:cf:0c:e8:63:07:b2:d0:45:b7:28:04:69:a1:55:b2:
6a:4e:63:44
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWj9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MTUyMTMyWhcNMjUwMzI2MTUyMTMyWjAYMRYw
FAYDVQQDEw02N2MwODMwMC04Nzg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmk144XYXtzHBFMSHJSHNareJjIKcgRCiJT1i3GfaExKmjaYNT0ykx3o3
BUJ8V7YM9DZIjhQ7FpdtaMVb3Yuup71QXn0qRxMRVR0Y9p773hVltSPEtP3seNgh
Wg38fMfJZVWEeeY6Uw4cUSlgt5sPdgsZyN4b+qPEk29d4KF9YF/z7MXgBPsUj1me
lV5ZVvmRV/v8hH1xZ0eM8oAwX/6JLJfrlXMWk7JS/1Ma8H8wX+M0YR4972xLaDTt
CnvuFIafm423P/g7xUbsmsVwaR/34EK3Ud+GWmSphGM/qrHd1hmD3xdmqac3/dgX
7LhMIICguGwKgDc8Dz5BIEnKstc++QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGiZ
LI7mXvhR7i1nfex1X0LW3nuiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODg5MzhGNkY1MUUxMUVGQTMwRkVDNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsRBMA0GCSqGSIb3DQEB
CwUAA4IBAQA4fmAi7ptbDlkvh9NzrTy0S0LyB2i1MzfuQW0BAGwimocXMhw0+RBD
goBOrEtUJK+HABOguQ0aWGZ4vp3Re7Hb63GLWobbfgceqC/zZyM6to3FCysxa+Zl
NHXy3MI73k/OYvImL3cY9ktWoWFSBd3KZb5O8QMdxDz+nE1A00Haa4Exhw8h0d1h
7kqr4lbvPeOX0YqUWfXKcynsxWVcUYtjRER9Q0wNqOyqVzVQ0rKfc7p7unI4iFs2
j2IOJzRimkM6YseKbVQ9MpBup+INQFPQ2JxSR/RCaacBS1CHYUQ48q/vjv4NC16R
fxPXzFTPDOhjB7LQRbcoBGmhVbJqTmNE
-----END CERTIFICATE-----
Generated at Fri May 9 06:05:37 2025 by rpki-client