Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CFD90B4F2C911EFBCDD6643762E951A.roa
File: 8CFD90B4F2C911EFBCDD6643762E951A.roa (raw, json)
Hash identifier: rR44LYIVisFXvYyYwYBhkQPyHVRnMGPDZw1hKIUk9cY=
Subject key identifier: 29:F2:9C:D4:82:BF:2C:84:3C:8C:FE:92:4E:1E:16:A4:6A:6E:95:C5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015C54
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CFD90B4F2C911EFBCDD6643762E951A.roa
Signing time: Mon 24 Feb 2025 16:08:14 +0000
ROA not before: Mon 24 Feb 2025 16:08:10 +0000
ROA not after: Thu 27 Mar 2025 16:08:10 +0000
asID: 395793
IP address blocks: 154.194.212.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89172 (0x15c54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 24 16:08:10 2025 GMT
Not After : Mar 27 16:08:10 2025 GMT
Subject: CN=67bc996e-fb23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3d:ca:20:b0:ef:a3:18:9b:57:67:fc:57:d7:
2c:47:a1:f3:33:27:2f:14:fa:ff:8d:38:27:af:68:
c3:03:dc:fa:e0:a5:3c:ae:31:2e:b7:68:d8:35:57:
3b:94:fa:df:8c:25:af:96:e8:54:1f:17:db:13:0e:
66:30:7c:3a:1e:b4:23:e9:2c:ea:f9:8c:d6:64:b4:
53:59:8f:6d:52:49:0a:8c:69:f6:68:8a:11:bd:dc:
66:1e:db:32:3e:8b:c8:ce:b0:81:52:07:a0:54:b0:
5c:00:26:d3:3a:9f:09:a8:df:43:ba:3d:c0:06:a6:
b6:0b:9d:6f:a3:01:e6:c8:3d:8c:fb:67:c0:41:32:
b8:28:44:b2:ef:bc:c6:b9:5a:9b:95:b2:55:e4:68:
8f:b1:cf:13:53:38:72:1b:77:9e:fa:64:2f:22:b6:
17:c2:e0:5f:2f:5d:4f:39:68:26:47:bc:19:67:dd:
8a:bc:53:07:02:fc:09:0c:16:ea:bb:7d:15:8f:cc:
e9:b8:b3:38:2d:18:62:13:c7:7d:d6:a6:c5:52:af:
98:91:b3:89:7d:f7:88:c6:7c:dc:a4:c2:9c:ce:d0:
af:28:ba:ae:5e:79:d8:cf:83:2c:31:e1:1d:0f:0f:
5c:29:da:7b:2a:22:e6:e4:09:b6:c7:2b:8a:7b:90:
47:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F2:9C:D4:82:BF:2C:84:3C:8C:FE:92:4E:1E:16:A4:6A:6E:95:C5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CFD90B4F2C911EFBCDD6643762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.212.0/23
Signature Algorithm: sha256WithRSAEncryption
c5:b0:aa:22:e3:05:4b:8e:85:13:d8:e9:a9:ca:3e:ae:53:a9:
db:57:89:ba:ba:63:14:0e:bb:cf:8e:b4:b7:8e:11:f2:34:b9:
85:df:d8:41:f8:f5:d6:a5:07:59:f2:69:f1:45:32:56:78:d4:
1a:84:d2:aa:75:60:0d:96:7e:61:19:da:82:e0:57:4a:c3:85:
76:7d:43:a3:c6:d8:d3:6f:2e:ed:3f:88:29:96:53:73:33:13:
f0:86:08:e3:e0:be:c0:9d:29:65:e2:36:7d:4b:9d:9b:45:aa:
73:ed:9d:10:4a:a4:a7:9c:5c:80:2a:f1:78:fa:c6:81:8c:8b:
00:4d:91:e2:3e:3d:3a:8a:e1:92:11:db:1c:ea:87:a6:54:c9:
00:7d:2f:ab:9e:1d:fd:bd:2f:8d:c4:ce:54:ff:f4:58:fc:70:
37:13:71:4d:41:c2:c2:c2:61:ef:2d:86:89:53:bd:34:9b:af:
d4:e6:bb:76:bc:f4:e1:8e:5e:05:0f:6f:0f:9d:2d:d1:53:b5:
5f:80:a9:75:70:7b:52:dc:10:31:c7:96:88:a6:ee:e4:fd:93:
8a:05:ac:31:33:fb:de:f8:ce:22:39:5f:c0:88:fd:68:73:78:
f5:30:0a:9e:02:29:0e:55:41:10:6a:a6:76:ef:d9:32:e8:f6:
26:a7:d7:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVxUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTYwODEwWhcNMjUwMzI3MTYwODEwWjAYMRYw
FAYDVQQDEw02N2JjOTk2ZS1mYjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4D3KILDvoxibV2f8V9csR6HzMycvFPr/jTgnr2jDA9z64KU8rjEut2jY
NVc7lPrfjCWvluhUHxfbEw5mMHw6HrQj6Szq+YzWZLRTWY9tUkkKjGn2aIoRvdxm
HtsyPovIzrCBUgegVLBcACbTOp8JqN9Duj3ABqa2C51vowHmyD2M+2fAQTK4KESy
77zGuVqblbJV5GiPsc8TUzhyG3ee+mQvIrYXwuBfL11POWgmR7wZZ92KvFMHAvwJ
DBbqu30Vj8zpuLM4LRhiE8d91qbFUq+YkbOJffeIxnzcpMKcztCvKLquXnnYz4Ms
MeEdDw9cKdp7KiLm5Am2xyuKe5BHiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCny
nNSCvyyEPIz+kk4eFqRqbpXFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84Q0ZEOTBCNEYyQzkxMUVGQkNERDY2NDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsLUMA0GCSqGSIb3DQEB
CwUAA4IBAQDFsKoi4wVLjoUT2Ompyj6uU6nbV4m6umMUDrvPjrS3jhHyNLmF39hB
+PXWpQdZ8mnxRTJWeNQahNKqdWANln5hGdqC4FdKw4V2fUOjxtjTby7tP4gpllNz
MxPwhgjj4L7AnSll4jZ9S52bRapz7Z0QSqSnnFyAKvF4+saBjIsATZHiPj06iuGS
Edsc6oemVMkAfS+rnh39vS+NxM5U//RY/HA3E3FNQcLCwmHvLYaJU700m6/U5rt2
vPThjl4FD28PnS3RU7VfgKl1cHtS3BAxx5aIpu7k/ZOKBawxM/ve+M4iOV/AiP1o
c3j1MAqeAikOVUEQaqZ279ky6PYmp9cu
-----END CERTIFICATE-----
Generated at Fri May 9 12:19:52 2025 by rpki-client