Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9576AB10FF2911EFB0A7298F762E951A.roa
File: 9576AB10FF2911EFB0A7298F762E951A.roa (raw, json)
Hash identifier: RW8InQptyqT0UCUihvE2UlfHMb6G/GS4T2bUw6Uj3/g=
Subject key identifier: F3:F8:FA:F6:A4:95:20:47:FE:AC:73:7C:3E:B8:DA:F2:EA:17:A8:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173DB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9576AB10FF2911EFB0A7298F762E951A.roa
Signing time: Wed 12 Mar 2025 10:05:54 +0000
ROA not before: Wed 12 Mar 2025 10:05:50 +0000
ROA not after: Mon 31 Mar 2025 10:05:50 +0000
asID: 7018
IP address blocks: 154.195.8.0/21 maxlen: 24
154.195.32.0/23 maxlen: 24
154.201.0.0/24 maxlen: 24
154.201.2.0/23 maxlen: 24
154.202.12.0/22 maxlen: 24
154.205.48.0/20 maxlen: 24
154.208.0.0/24 maxlen: 24
154.212.8.0/21 maxlen: 24
154.214.16.0/21 maxlen: 24
154.214.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95195 (0x173db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 12 10:05:50 2025 GMT
Not After : Mar 31 10:05:50 2025 GMT
Subject: CN=67d15c82-2159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b8:e5:10:5c:4f:f8:af:e9:cd:06:eb:fc:8e:
2b:a2:7c:8c:09:3a:13:03:f2:d7:ab:ff:15:42:f9:
34:06:51:d7:c4:84:68:71:fb:d0:5f:23:e8:b0:34:
05:41:da:e8:df:c3:27:f1:bb:ed:b6:33:9c:5d:50:
e9:bb:7a:48:42:11:a8:61:b2:cf:63:4b:29:3d:7f:
49:a3:0d:66:46:67:45:a7:59:8f:6c:e3:a5:b2:36:
f3:99:22:26:7c:9a:fc:3d:0c:90:99:92:b2:f0:08:
6e:5b:ad:a6:36:ca:56:e6:e1:31:78:a9:3b:24:d2:
d6:c8:0a:a1:00:e0:94:71:21:0d:b3:77:9a:ec:9a:
bb:37:59:d9:62:b2:01:89:58:7b:d9:2c:89:61:ea:
3b:f1:d1:2e:a5:ae:c8:a8:1a:fa:3b:f3:d9:3e:6e:
26:9b:d0:73:c5:9f:5f:b1:0b:6c:d1:84:3e:60:8f:
27:41:bb:29:ca:e3:5c:16:74:6a:e1:78:36:ca:c7:
4b:b3:04:e8:96:54:38:89:e0:5e:34:b1:f1:f6:31:
cc:6c:88:c1:fc:53:21:7b:fc:e9:47:45:93:48:32:
5e:1a:0c:ef:0d:7f:e6:8d:97:7f:11:20:c8:9a:98:
ac:52:f6:9a:c0:93:27:12:5d:64:c0:b9:c2:cd:fe:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F8:FA:F6:A4:95:20:47:FE:AC:73:7C:3E:B8:DA:F2:EA:17:A8:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9576AB10FF2911EFB0A7298F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.8.0/21
154.195.32.0/23
154.201.0.0/24
154.201.2.0/23
154.202.12.0/22
154.205.48.0/20
154.208.0.0/24
154.212.8.0/21
154.214.16.0-154.214.27.255
Signature Algorithm: sha256WithRSAEncryption
6a:2d:f4:30:68:7d:00:4e:69:ca:08:dc:bf:e5:7a:ef:7f:53:
fd:88:bc:d1:53:b0:58:06:a5:fd:cb:87:be:2c:2f:3f:8a:82:
91:1a:df:86:75:63:c4:cf:9f:4c:ec:34:76:70:5e:a4:73:2a:
63:0a:a1:c0:cd:29:96:1e:ce:d2:ec:22:c2:2e:0c:2c:d1:e7:
5d:a8:40:c9:f3:19:a5:a2:01:db:49:9e:65:1e:6a:d6:69:4a:
1e:4f:10:b4:0d:73:86:4c:c9:85:62:3e:6c:40:b8:e0:db:bc:
53:2e:8c:de:b8:ee:a0:a2:8c:e4:62:88:b9:f1:a9:93:3b:9c:
a8:6a:df:8e:f1:e2:85:0e:97:a6:ca:b1:aa:d4:5c:63:a0:ca:
30:9d:d0:2b:85:fc:a8:cb:96:80:c9:57:6c:5a:52:1e:47:61:
a1:82:2d:ff:bd:05:f9:e4:94:50:16:9f:a2:46:d8:92:6d:d3:
33:b1:3b:1b:56:e4:14:9e:ff:04:8a:bd:0e:83:5c:5a:a5:e0:
4d:4e:e0:87:e8:98:50:d3:b6:3d:4b:d2:e8:1f:2e:64:85:63:
c5:55:6f:68:b3:fc:ee:a1:ff:1d:4b:6b:20:00:12:17:be:59:
36:08:b2:0d:0d:15:ba:dd:79:fd:30:58:44:0b:7a:b8:59:78:
68:2f:e5:4c
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIDAXPbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMTAwNTUwWhcNMjUwMzMxMTAwNTUwWjAYMRYw
FAYDVQQDEw02N2QxNWM4Mi0yMTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAurjlEFxP+K/pzQbr/I4ronyMCToTA/LXq/8VQvk0BlHXxIRocfvQXyPo
sDQFQdro38Mn8bvttjOcXVDpu3pIQhGoYbLPY0spPX9Jow1mRmdFp1mPbOOlsjbz
mSImfJr8PQyQmZKy8AhuW62mNspW5uExeKk7JNLWyAqhAOCUcSENs3ea7Jq7N1nZ
YrIBiVh72SyJYeo78dEupa7IqBr6O/PZPm4mm9BzxZ9fsQts0YQ+YI8nQbspyuNc
FnRq4Xg2ysdLswTollQ4ieBeNLHx9jHMbIjB/FMhe/zpR0WTSDJeGgzvDX/mjZd/
ESDImpisUvaawJMnEl1kwLnCzf5NdwIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFPP4
+vaklSBH/qxzfD642vLqF6jZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NTc2QUIxMEZGMjkxMUVGQjBBNzI5OEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDmsMIAwQBmsMgAwQAmskA
AwQBmskCAwQCmsoMAwQEms0wAwQAmtAAAwQDmtQIMAwDBASa1hADBAKa1hgwDQYJ
KoZIhvcNAQELBQADggEBAGot9DBofQBOacoI3L/leu9/U/2IvNFTsFgGpf3Lh74s
Lz+KgpEa34Z1Y8TPn0zsNHZwXqRzKmMKocDNKZYeztLsIsIuDCzR512oQMnzGaWi
AdtJnmUeatZpSh5PELQNc4ZMyYViPmxAuODbvFMujN647qCijORiiLnxqZM7nKhq
347x4oUOl6bKsarUXGOgyjCd0CuF/KjLloDJV2xaUh5HYaGCLf+9BfnklFAWn6JG
2JJt0zOxOxtW5BSe/wSKvQ6DXFql4E1O4IfomFDTtj1L0ugfLmSFY8VVb2iz/O6h
/x1LayAAEhe+WTYIsg0NFbrdef0wWEQLerhZeGgv5Uw=
-----END CERTIFICATE-----
Generated at Fri May 9 07:11:08 2025 by rpki-client