Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9DC597B8F1DC11EF8DC95393762E951A.roa
File: 9DC597B8F1DC11EF8DC95393762E951A.roa (raw, json)
Hash identifier: zU+AHIN1gaBi94V5gMAiqZcUTvGsFos8XoK2scVhGY4=
Subject key identifier: 7C:D7:B2:AF:2D:D9:DC:29:0D:3E:77:FB:A0:D8:D7:42:53:7F:38:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015B63
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9DC597B8F1DC11EF8DC95393762E951A.roa
Signing time: Sun 23 Feb 2025 11:52:11 +0000
ROA not before: Sun 23 Feb 2025 11:52:06 +0000
ROA not after: Wed 26 Mar 2025 11:52:06 +0000
asID: 395886
IP address blocks: 154.201.92.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88931 (0x15b63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 23 11:52:06 2025 GMT
Not After : Mar 26 11:52:06 2025 GMT
Subject: CN=67bb0beb-89f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b0:40:e1:66:c1:7b:97:c2:8b:79:12:0e:72:
7e:4e:9a:63:00:94:13:2d:cf:30:83:42:4d:d5:9d:
d1:1c:ca:d8:06:dc:87:de:6b:31:8a:a0:29:c8:3d:
ee:d4:94:c7:a3:05:84:64:e4:63:97:dc:a5:3a:a6:
ca:43:57:5a:b6:e7:ac:dd:4d:bb:ba:db:ba:dc:3e:
2e:76:b8:cb:d1:6a:38:8f:a8:23:17:38:01:f5:a8:
d7:56:ec:e5:54:4a:bf:16:ae:ed:c9:1f:f3:72:26:
20:37:2d:b0:d6:8f:70:97:3b:22:e0:14:ee:6b:ae:
f3:94:d2:e0:f4:05:0f:1d:09:eb:c6:6b:80:d6:2e:
be:e3:83:04:4b:4b:cb:aa:ea:e0:2d:65:23:41:6d:
be:59:df:98:ab:54:8f:c9:7f:42:d9:e7:8e:53:30:
fe:59:37:9f:91:9e:0f:28:d1:02:88:5a:72:ac:48:
37:a7:2b:43:83:02:db:c1:f1:8c:d4:c5:2f:fa:92:
f7:c0:9b:41:a3:8c:3a:fc:ca:75:e0:22:00:23:43:
19:d6:50:ac:f2:5b:23:ef:ad:b0:20:1f:e1:4f:03:
c2:54:30:e8:ac:34:ed:07:14:8c:a5:e1:c7:43:76:
ee:a3:f9:25:ce:22:e6:76:12:21:40:e2:41:ee:14:
32:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D7:B2:AF:2D:D9:DC:29:0D:3E:77:FB:A0:D8:D7:42:53:7F:38:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9DC597B8F1DC11EF8DC95393762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.92.0/23
Signature Algorithm: sha256WithRSAEncryption
50:27:72:28:74:63:9c:b6:60:4d:bb:b4:00:dd:7e:89:97:1c:
bc:ae:3b:cf:84:9b:ff:8c:c1:73:c2:95:c4:62:e3:2b:8d:d5:
7e:3f:b0:83:11:71:7a:ba:49:df:ee:cb:c8:e9:b8:5c:75:7f:
68:4b:0a:ed:1f:ab:7f:fa:e5:43:44:3a:63:fa:08:3b:3f:8d:
84:dc:d7:6a:d9:d9:de:06:84:8c:b3:a0:70:39:fc:9d:dc:38:
8e:ea:58:94:b1:bf:70:0b:8f:56:f9:2b:2c:63:af:c0:13:7f:
13:22:6c:02:50:21:74:09:85:f7:3f:58:94:c0:6d:53:1c:9c:
64:70:63:e9:d4:08:66:18:64:79:4a:0f:22:f7:f7:e0:a6:b2:
16:70:e8:bf:d4:6c:ee:9d:d3:a2:81:75:0a:74:33:39:d5:bb:
63:75:c9:5c:70:4c:57:a6:19:3a:3e:65:99:66:f4:78:c1:ce:
2e:c7:82:a9:8f:6b:ff:55:11:8c:15:2b:ba:72:74:ca:a8:10:
98:12:e9:39:74:dc:b2:de:e3:3b:4a:63:33:e0:0e:be:00:0f:
13:b0:33:a2:90:c0:72:76:75:f9:06:9d:49:37:1e:3d:b0:49:
b6:3d:ce:6b:0c:f8:70:db:cc:19:d4:35:5b:88:cf:75:04:da:
b5:9d:ab:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVtjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIzMTE1MjA2WhcNMjUwMzI2MTE1MjA2WjAYMRYw
FAYDVQQDEw02N2JiMGJlYi04OWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrBA4WbBe5fCi3kSDnJ+TppjAJQTLc8wg0JN1Z3RHMrYBtyH3msxiqAp
yD3u1JTHowWEZORjl9ylOqbKQ1datues3U27utu63D4udrjL0Wo4j6gjFzgB9ajX
VuzlVEq/Fq7tyR/zciYgNy2w1o9wlzsi4BTua67zlNLg9AUPHQnrxmuA1i6+44ME
S0vLqurgLWUjQW2+Wd+Yq1SPyX9C2eeOUzD+WTefkZ4PKNECiFpyrEg3pytDgwLb
wfGM1MUv+pL3wJtBo4w6/Mp14CIAI0MZ1lCs8lsj762wIB/hTwPCVDDorDTtBxSM
peHHQ3buo/klziLmdhIhQOJB7hQydQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHzX
sq8t2dwpDT53+6DY10JTfzhkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85REM1OTdCOEYxREMxMUVGOERDOTUzOTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmslcMA0GCSqGSIb3DQEB
CwUAA4IBAQBQJ3IodGOctmBNu7QA3X6Jlxy8rjvPhJv/jMFzwpXEYuMrjdV+P7CD
EXF6uknf7svI6bhcdX9oSwrtH6t/+uVDRDpj+gg7P42E3Ndq2dneBoSMs6BwOfyd
3DiO6liUsb9wC49W+SssY6/AE38TImwCUCF0CYX3P1iUwG1THJxkcGPp1AhmGGR5
Sg8i9/fgprIWcOi/1GzundOigXUKdDM51btjdclccExXphk6PmWZZvR4wc4ux4Kp
j2v/VRGMFSu6cnTKqBCYEuk5dNyy3uM7SmMz4A6+AA8TsDOikMBydnX5Bp1JNx49
sEm2Pc5rDPhw28wZ1DVbiM91BNq1naue
-----END CERTIFICATE-----
Generated at Fri May 9 11:52:31 2025 by rpki-client