Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A9DB1BCF68A11EF8A057D8F762E951A.roa
File: 9A9DB1BCF68A11EF8A057D8F762E951A.roa (raw, json)
Hash identifier: 9eR/Ty5Iof347fz/zAdUjTOrIGq2NLswLWKeuEPOqRs=
Subject key identifier: D8:2D:85:DB:71:2B:6F:27:A3:91:F4:13:04:AD:1E:92:A6:04:E7:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016DE0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A9DB1BCF68A11EF8A057D8F762E951A.roa
Signing time: Sat 01 Mar 2025 10:47:43 +0000
ROA not before: Sat 01 Mar 2025 10:47:39 +0000
ROA not after: Mon 31 Mar 2025 10:47:39 +0000
asID: 202656
IP address blocks: 154.222.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93664 (0x16de0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 10:47:39 2025 GMT
Not After : Mar 31 10:47:39 2025 GMT
Subject: CN=67c2e5cf-b112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:73:08:18:ba:2a:58:d8:73:8c:52:7e:d0:d1:
74:bc:89:a1:5e:38:80:58:ad:27:06:e1:13:3c:45:
50:60:78:f9:f4:0e:77:43:ea:09:60:83:03:02:4c:
5f:b1:ea:de:66:cd:d5:bc:e8:27:11:1e:7c:fb:b5:
e4:49:4d:b9:c4:9e:2f:21:b9:2d:5b:e7:4f:39:d8:
32:61:35:e2:32:67:b3:19:53:3a:e8:7e:33:b5:bc:
62:4a:d4:fe:ac:7e:3f:b1:dd:9e:44:37:25:d1:0f:
44:b4:74:ef:4e:f7:57:9f:fa:8f:52:94:f3:71:23:
66:81:9c:86:c7:52:7f:63:ae:2d:de:37:8f:8e:a6:
b8:bf:f9:f0:be:35:1b:76:a3:0d:77:6a:37:25:d9:
bc:5c:e1:cc:13:06:2d:e7:0f:a3:56:24:af:26:78:
72:bc:42:45:70:f7:73:99:e4:2c:92:9f:63:af:98:
92:b5:21:59:9b:b2:5f:13:63:9f:fc:3b:04:c9:14:
b5:dd:f5:1e:58:ea:66:c4:b2:8b:52:41:f9:70:0f:
58:f0:7a:b7:d1:3b:79:4f:5f:80:ef:89:92:dd:f3:
65:92:46:77:c7:2d:c2:ec:c5:78:30:48:f0:13:6a:
55:35:7b:72:f9:eb:d9:3b:f3:07:c6:66:f6:4b:f1:
cc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:2D:85:DB:71:2B:6F:27:A3:91:F4:13:04:AD:1E:92:A6:04:E7:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A9DB1BCF68A11EF8A057D8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.42.0/24
Signature Algorithm: sha256WithRSAEncryption
31:5a:7f:50:4e:69:25:aa:0c:73:8d:db:95:dc:a6:0b:02:3c:
c3:1f:ea:92:ac:d5:65:d5:a5:bb:8e:ab:d8:6c:87:4b:56:35:
5b:69:88:71:0a:ca:02:98:22:5a:74:e8:65:8d:c1:8e:eb:45:
30:20:e2:ad:f3:09:b6:4a:06:19:66:31:5e:f8:33:83:3e:43:
31:f9:9f:e8:0d:b1:30:54:9e:49:5a:a0:f6:8e:30:c4:55:3c:
b9:3d:41:53:d1:d4:b6:22:ec:38:ed:f2:c3:14:ec:c7:f7:3a:
39:60:11:2d:d3:2c:27:19:5c:75:a4:be:60:da:d0:87:f5:f9:
a4:98:e2:4b:66:1d:40:33:74:f8:17:51:9c:b7:b9:44:b9:33:
3c:c8:48:c7:68:cc:43:47:93:56:1d:69:57:73:1e:32:60:36:
4c:4f:3b:f8:6f:55:93:32:8e:3e:26:0c:2f:90:41:0a:78:d9:
d4:0c:58:bc:90:65:5c:0e:e6:9f:57:fc:ed:e9:ae:f9:cd:2a:
97:1c:cd:63:52:4a:1d:68:2a:b9:4c:46:1d:7f:bb:fb:2e:cd:
6d:8b:9e:1a:4b:cb:69:8e:45:e0:b8:40:cd:d2:1b:17:6b:49:
53:16:4b:11:1c:40:a0:eb:b0:de:37:0b:78:94:c6:85:6b:43:
ef:96:68:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW3gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTA0NzM5WhcNMjUwMzMxMTA0NzM5WjAYMRYw
FAYDVQQDEw02N2MyZTVjZi1iMTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtHMIGLoqWNhzjFJ+0NF0vImhXjiAWK0nBuETPEVQYHj59A53Q+oJYIMD
AkxfsereZs3VvOgnER58+7XkSU25xJ4vIbktW+dPOdgyYTXiMmezGVM66H4ztbxi
StT+rH4/sd2eRDcl0Q9EtHTvTvdXn/qPUpTzcSNmgZyGx1J/Y64t3jePjqa4v/nw
vjUbdqMNd2o3Jdm8XOHMEwYt5w+jViSvJnhyvEJFcPdzmeQskp9jr5iStSFZm7Jf
E2Of/DsEyRS13fUeWOpmxLKLUkH5cA9Y8Hq30Tt5T1+A74mS3fNlkkZ3xy3C7MV4
MEjwE2pVNXty+evZO/MHxmb2S/HMCQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNgt
hdtxK28no5H0EwStHpKmBOdjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QTlEQjFCQ0Y2OEExMUVGOEEwNTdEOEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4qMA0GCSqGSIb3DQEB
CwUAA4IBAQAxWn9QTmklqgxzjduV3KYLAjzDH+qSrNVl1aW7jqvYbIdLVjVbaYhx
CsoCmCJadOhljcGO60UwIOKt8wm2SgYZZjFe+DODPkMx+Z/oDbEwVJ5JWqD2jjDE
VTy5PUFT0dS2Iuw47fLDFOzH9zo5YBEt0ywnGVx1pL5g2tCH9fmkmOJLZh1AM3T4
F1Gct7lEuTM8yEjHaMxDR5NWHWlXcx4yYDZMTzv4b1WTMo4+JgwvkEEKeNnUDFi8
kGVcDuafV/zt6a75zSqXHM1jUkodaCq5TEYdf7v7Ls1ti54aS8tpjkXguEDN0hsX
a0lTFksRHECg67DeNwt4lMaFa0Pvlmi8
-----END CERTIFICATE-----
Generated at Fri May 9 06:46:22 2025 by rpki-client