Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A9D61928A9111EEA65BA0104AD9E6FC.roa
File: 8A9D61928A9111EEA65BA0104AD9E6FC.roa (raw, json)
Hash identifier: 2XpdJaZCoS1X7vNy8Qsaw58R65eY9V9AopVozc4k9Uc=
Subject key identifier: 4D:FF:8F:FE:D9:B3:5C:AF:44:B9:F4:ED:0D:34:E5:22:BE:98:43:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 53AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A9D61928A9111EEA65BA0104AD9E6FC.roa
Signing time: Fri 24 Nov 2023 06:20:20 +0000
ROA not before: Fri 24 Nov 2023 06:20:16 +0000
ROA not after: Tue 26 Dec 2023 06:20:16 +0000
asID: 62240
IP address blocks: 154.194.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21420 (0x53ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 06:20:16 2023 GMT
Not After : Dec 26 06:20:16 2023 GMT
Subject: CN=656040a3-a54b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b8:89:ef:96:df:94:a2:93:05:15:0c:f2:4a:
cf:9d:11:07:d2:c6:be:9b:bd:7a:59:c7:a7:56:de:
67:46:b8:a8:a6:79:e5:56:d4:81:e5:96:93:e1:6f:
60:30:4c:bc:47:65:14:02:5d:46:a3:cc:b0:99:e0:
e2:31:dd:5c:e6:f5:75:c5:ae:00:24:11:1f:41:15:
94:9e:f3:b3:1e:f4:d5:9a:c6:b7:d4:ab:ef:13:91:
fa:7d:e9:0e:dc:7a:33:d7:ce:20:f8:b0:d1:31:62:
59:2a:a8:44:62:d4:56:7e:bd:4d:52:13:dd:c7:4b:
0f:c6:b2:ca:0c:91:d1:b5:86:4e:43:0e:61:1f:a0:
ad:d3:eb:8d:3d:b2:a3:95:77:07:47:99:f0:a7:44:
b6:9b:a0:af:af:96:7e:0c:81:9a:1f:72:3f:bd:dd:
bd:4c:cb:b3:a4:c5:1b:3c:a6:f8:4a:04:f7:ef:5a:
2c:f9:57:3c:ff:92:e9:2e:f3:5b:46:1e:b2:70:89:
e3:73:16:5d:78:a7:64:a0:1e:1d:5f:a3:9c:6c:ab:
12:f0:61:7b:c4:3c:cc:55:71:16:6a:28:bb:25:f9:
d8:09:bf:ee:77:9a:05:40:ef:b8:02:99:57:e7:80:
e4:76:e4:50:d4:ea:f0:e0:b8:60:97:87:31:cc:85:
40:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FF:8F:FE:D9:B3:5C:AF:44:B9:F4:ED:0D:34:E5:22:BE:98:43:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8A9D61928A9111EEA65BA0104AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.111.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a1:8b:bf:55:5f:fe:5d:f9:70:1c:88:a7:59:e4:aa:ea:36:
65:5c:ef:46:98:63:6c:16:2c:0a:cd:84:da:a5:01:74:b7:3a:
f0:09:e8:84:c8:26:e0:eb:2d:90:f1:b8:c6:a5:58:16:c2:f7:
1f:41:61:8c:34:6e:8b:35:49:7d:c8:a4:ab:ee:a2:a6:f0:7b:
b2:d5:1b:03:8c:91:d8:a0:15:f6:b4:47:69:96:9c:a4:a3:a3:
46:16:a0:93:e1:a1:0e:40:ec:1c:3c:bb:71:51:50:a4:ae:0e:
43:08:61:fb:2c:c9:ca:fd:2c:da:7c:6c:e2:0b:4d:d9:e9:12:
29:a8:bb:03:a4:a4:8c:2d:d6:6b:aa:29:58:f1:e0:32:93:86:
83:bb:60:e6:04:53:77:7e:8a:24:43:76:66:fb:fb:e3:36:af:
aa:23:5b:b8:0a:4b:5b:5a:f5:4b:98:88:d0:b0:c6:43:1f:b4:
ab:ae:e9:cf:c8:21:65:6c:ec:e8:ee:41:22:62:73:66:b6:35:
09:52:65:03:63:fa:24:7e:12:84:68:d8:86:da:dc:8c:fc:2c:
55:18:86:c5:7d:86:88:19:3c:6b:33:40:d1:ee:59:49:ef:f2:
cf:92:25:a2:33:cd:16:60:8a:3d:9b:b7:81:f5:03:13:79:f3:
a5:d1:dc:39
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICU6wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNjIwMTZaFw0yMzEyMjYwNjIwMTZaMBgxFjAU
BgNVBAMTDTY1NjA0MGEzLWE1NGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzuInvlt+UopMFFQzySs+dEQfSxr6bvXpZx6dW3mdGuKimeeVW1IHllpPh
b2AwTLxHZRQCXUajzLCZ4OIx3Vzm9XXFrgAkER9BFZSe87Me9NWaxrfUq+8Tkfp9
6Q7cejPXziD4sNExYlkqqERi1FZ+vU1SE93HSw/GssoMkdG1hk5DDmEfoK3T6409
sqOVdwdHmfCnRLaboK+vln4MgZofcj+93b1My7OkxRs8pvhKBPfvWiz5Vzz/kuku
81tGHrJwieNzFl14p2SgHh1fo5xsqxLwYXvEPMxVcRZqKLsl+dgJv+53mgVA77gC
mVfngOR25FDU6vDguGCXhzHMhUBdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUTf+P
/tmzXK9EufTtDTTlIr6YQ6AwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzhBOUQ2MTkyOEE5MTExRUVBNjVCQTAxMDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawm8wDQYJKoZIhvcNAQEL
BQADggEBADyhi79VX/5d+XAciKdZ5KrqNmVc70aYY2wWLArNhNqlAXS3OvAJ6ITI
JuDrLZDxuMalWBbC9x9BYYw0bos1SX3IpKvuoqbwe7LVGwOMkdigFfa0R2mWnKSj
o0YWoJPhoQ5A7Bw8u3FRUKSuDkMIYfssycr9LNp8bOILTdnpEimouwOkpIwt1muq
KVjx4DKThoO7YOYEU3d+iiRDdmb7++M2r6ojW7gKS1ta9UuYiNCwxkMftKuu6c/I
IWVs7OjuQSJic2a2NQlSZQNj+iR+EoRo2Iba3Iz8LFUYhsV9hogZPGszQNHuWUnv
8s+SJaIzzRZgij2bt4H1AxN586XR3Dk=
-----END CERTIFICATE-----
Generated at Fri May 9 12:19:06 2025 by rpki-client