Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/925E61848A9A11EEBF9E0B2E4AD9E6FC.roa
File: 925E61848A9A11EEBF9E0B2E4AD9E6FC.roa (raw, json)
Hash identifier: KJoliF7zeV1RzvQP7CE4bHB9/ZULyZoLmSdHzC8UJfc=
Subject key identifier: 04:72:74:3C:96:B5:BA:AB:49:04:C1:43:B4:4B:1A:46:14:80:84:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 5464
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/925E61848A9A11EEBF9E0B2E4AD9E6FC.roa
Signing time: Fri 24 Nov 2023 07:24:58 +0000
ROA not before: Fri 24 Nov 2023 07:24:55 +0000
ROA not after: Tue 26 Dec 2023 07:24:55 +0000
asID: 62240
IP address blocks: 154.195.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21604 (0x5464)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 07:24:55 2023 GMT
Not After : Dec 26 07:24:55 2023 GMT
Subject: CN=65604fca-4d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:52:74:22:12:dd:ad:ac:c4:68:56:99:be:82:
0c:03:9a:79:e4:37:6d:f1:26:a2:ae:45:0f:51:fc:
39:d6:a7:cf:99:c4:a1:3b:d2:45:cf:21:87:9a:58:
47:92:e0:5f:42:08:e4:3c:70:ae:33:70:fa:32:93:
6b:95:fc:ba:00:c3:de:f0:20:da:a3:75:f3:ea:6e:
0c:5b:75:73:3e:31:1b:2b:05:e6:25:61:da:9e:ab:
9a:80:2e:f7:79:b4:c4:bf:8a:44:53:0b:65:ab:c8:
95:50:2b:dd:e1:03:e7:4f:a8:4d:ac:39:45:09:b2:
0d:50:c3:ee:1e:7f:91:56:dd:87:e0:15:1c:62:94:
2b:cb:65:b2:b6:cc:a6:9d:91:63:a5:07:6b:2a:fa:
32:6b:8a:96:3a:34:fe:b0:f4:16:6f:6b:40:a8:7f:
1c:0a:92:57:da:a1:a0:09:fa:39:a5:71:29:b2:06:
2c:94:10:40:76:2d:ab:9a:0d:a8:b3:9a:d4:a9:75:
d2:f5:7f:a9:e3:11:a1:66:58:bc:a1:1b:0d:11:02:
f2:7e:df:f0:ce:93:5b:1b:59:71:e9:0e:04:ba:6f:
29:f5:eb:02:4c:27:87:8f:83:f2:b2:f0:06:35:e6:
70:1a:0d:b5:22:73:de:be:5b:88:3e:06:1f:57:44:
6e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:72:74:3C:96:B5:BA:AB:49:04:C1:43:B4:4B:1A:46:14:80:84:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/925E61848A9A11EEBF9E0B2E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.157.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:55:9a:ba:a6:d6:f5:0b:af:22:23:04:dd:74:b3:38:c7:fd:
a0:f3:85:bd:ff:ac:b3:ad:01:db:27:3d:26:95:6c:5d:78:a2:
aa:70:48:4e:0c:04:10:8e:2d:1f:ae:56:ae:92:c0:73:fc:22:
b0:3b:6f:db:1b:59:42:8a:be:57:f6:de:3a:8c:ab:05:d9:3c:
6e:ed:8e:17:3c:e1:b5:cb:19:db:57:41:ec:c6:5d:27:56:be:
84:99:d8:43:b3:1c:d5:20:d4:21:7e:73:cb:f4:77:6b:b3:3b:
99:cb:f5:ee:7f:b2:21:8a:8b:92:5c:35:1a:73:2f:8f:04:cf:
e2:b0:73:6d:67:a0:f2:51:fb:89:ae:26:ad:8c:ea:0a:bf:bc:
f9:fd:c1:91:9d:a2:4e:ee:a3:1f:c8:9c:12:fa:11:e7:fd:63:
98:2c:69:97:72:48:af:75:ea:b5:a3:63:4a:c7:0c:32:1a:84:
2e:85:4d:4c:21:b1:11:62:d3:9e:e6:d2:94:13:51:e1:25:33:
44:76:0b:67:24:05:23:1c:29:e9:b6:25:9d:5e:89:e8:79:d7:
ed:62:55:c5:21:17:47:87:79:2b:e5:4a:db:49:98:96:3b:e0:
5e:cb:90:6e:14:dd:06:a7:2d:cb:17:b3:db:2a:b3:12:7e:b1:
7d:1b:9c:1c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVGQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNzI0NTVaFw0yMzEyMjYwNzI0NTVaMBgxFjAU
BgNVBAMTDTY1NjA0ZmNhLTRkOGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJUnQiEt2trMRoVpm+ggwDmnnkN23xJqKuRQ9R/DnWp8+ZxKE70kXPIYea
WEeS4F9CCOQ8cK4zcPoyk2uV/LoAw97wINqjdfPqbgxbdXM+MRsrBeYlYdqeq5qA
Lvd5tMS/ikRTC2WryJVQK93hA+dPqE2sOUUJsg1Qw+4ef5FW3YfgFRxilCvLZbK2
zKadkWOlB2sq+jJripY6NP6w9BZva0CofxwKklfaoaAJ+jmlcSmyBiyUEEB2Laua
DaizmtSpddL1f6njEaFmWLyhGw0RAvJ+3/DOk1sbWXHpDgS6byn16wJMJ4ePg/Ky
8AY15nAaDbUic96+W4g+Bh9XRG5dAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBHJ0
PJa1uqtJBMFDtEsaRhSAhJ8wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4LzkyNUU2MTg0OEE5QTExRUVCRjlFMEIyRTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaw50wDQYJKoZIhvcNAQEL
BQADggEBADtVmrqm1vULryIjBN10szjH/aDzhb3/rLOtAdsnPSaVbF14oqpwSE4M
BBCOLR+uVq6SwHP8IrA7b9sbWUKKvlf23jqMqwXZPG7tjhc84bXLGdtXQezGXSdW
voSZ2EOzHNUg1CF+c8v0d2uzO5nL9e5/siGKi5JcNRpzL48Ez+Kwc21noPJR+4mu
Jq2M6gq/vPn9wZGdok7uox/InBL6Eef9Y5gsaZdySK916rWjY0rHDDIahC6FTUwh
sRFi057m0pQTUeElM0R2C2ckBSMcKem2JZ1eieh51+1iVcUhF0eHeSvlSttJmJY7
4F7LkG4U3QanLcsXs9sqsxJ+sX0bnBw=
-----END CERTIFICATE-----
Generated at Fri May 9 12:16:10 2025 by rpki-client