Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3A26A88F83211EFA4E4ED4C762E951A.roa
File: A3A26A88F83211EFA4E4ED4C762E951A.roa (raw, json)
Hash identifier: Qa3VGNCRkkfAiZGkNLWQRYDtUlI1qIbKOzFlXmF05v4=
Subject key identifier: 1D:A6:71:F8:6A:51:BD:9D:7C:C6:95:ED:84:E4:E0:6D:29:97:E8:59
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0170CF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3A26A88F83211EFA4E4ED4C762E951A.roa
Signing time: Mon 03 Mar 2025 13:23:05 +0000
ROA not before: Mon 03 Mar 2025 13:23:01 +0000
ROA not after: Thu 27 Mar 2025 13:23:01 +0000
asID: 44559
IP address blocks: 154.203.216.0/24 maxlen: 24
154.203.218.0/24 maxlen: 24
154.203.219.0/24 maxlen: 24
154.203.220.0/24 maxlen: 24
154.203.221.0/24 maxlen: 24
154.203.222.0/24 maxlen: 24
154.203.223.0/24 maxlen: 24
154.205.224.0/24 maxlen: 24
154.205.225.0/24 maxlen: 24
154.205.226.0/24 maxlen: 24
154.205.227.0/24 maxlen: 24
154.205.228.0/24 maxlen: 24
154.205.229.0/24 maxlen: 24
154.205.230.0/24 maxlen: 24
154.205.231.0/24 maxlen: 24
154.205.232.0/24 maxlen: 24
154.205.233.0/24 maxlen: 24
154.205.234.0/24 maxlen: 24
154.205.235.0/24 maxlen: 24
154.205.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94415 (0x170cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 3 13:23:01 2025 GMT
Not After : Mar 27 13:23:01 2025 GMT
Subject: CN=67c5ad39-c744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:40:ea:74:3b:de:bd:11:11:40:8c:27:b6:82:
5f:ec:56:a4:b3:c0:04:65:44:b6:74:10:ae:b0:d9:
2f:bb:88:f9:56:a8:d5:d9:65:73:e1:dd:92:a4:e2:
de:4d:cf:ff:9e:e5:c8:ea:a8:cb:9d:a3:96:25:ff:
43:05:f8:df:df:09:20:7f:07:a1:5f:01:fd:99:57:
c4:d3:78:82:28:7a:02:2c:75:0a:ac:da:38:67:b5:
29:a5:30:ce:25:49:c0:93:95:7f:d2:04:f6:3e:d9:
89:9b:0e:3a:30:9d:53:96:01:c5:73:b8:81:f7:fa:
fd:7a:f1:ae:1b:05:40:47:75:ba:59:49:6e:20:33:
bc:01:f6:f6:ae:4c:ae:22:b8:b3:16:87:d6:7d:28:
2d:7a:2f:bb:70:c8:ee:2a:6e:dc:03:a6:6f:5c:fe:
b2:e1:49:19:74:a5:ff:18:bc:8d:23:ff:03:aa:c7:
54:4b:af:58:ae:e8:4e:ad:02:31:c2:22:8b:62:6f:
d8:5b:ab:07:f2:7b:e0:27:a7:63:b1:aa:c2:43:44:
4f:9a:a0:b9:f4:a2:57:6b:97:12:69:9d:0c:83:e5:
65:0c:41:4f:7e:68:2b:f6:66:8f:5b:12:5f:ef:b6:
e5:bf:c2:5e:9e:59:89:d6:54:94:3b:6a:e5:58:d8:
1b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A6:71:F8:6A:51:BD:9D:7C:C6:95:ED:84:E4:E0:6D:29:97:E8:59
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3A26A88F83211EFA4E4ED4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.216.0/24
154.203.218.0-154.203.223.255
154.205.224.0-154.205.236.255
Signature Algorithm: sha256WithRSAEncryption
c0:6d:95:90:fe:c9:9e:6c:f5:4d:c3:41:12:e0:65:df:4f:a3:
d0:01:47:04:ae:3d:b6:e0:14:6b:b3:2d:d5:74:ff:ee:41:4d:
23:c6:d2:af:94:b0:14:93:4d:c3:0b:56:09:ce:23:b0:64:62:
55:a6:5f:ee:2d:24:0a:45:52:29:71:fc:d6:61:b4:09:db:c3:
d5:24:0d:e6:3d:db:ca:3a:24:40:b4:8a:d0:63:59:01:e6:56:
c8:3c:ba:27:56:2b:be:48:c2:7e:5d:1e:50:dd:14:4d:c4:4a:
62:95:97:ea:14:33:0f:1b:f6:d8:9d:66:82:e4:93:ec:a8:89:
e3:11:ce:f9:a5:b3:8e:b8:f8:da:45:14:c3:48:af:98:94:6c:
4c:94:23:22:4a:c6:43:fd:5b:21:7a:17:8a:ff:84:65:f5:02:
5f:ca:3e:97:63:a4:7c:f0:db:e2:5c:f8:d2:fb:b2:4f:a4:f3:
2e:8a:0f:a2:aa:47:84:c3:e2:93:92:68:1f:76:08:27:a0:83:
f1:09:da:92:2c:b5:c5:23:c7:76:6a:ee:39:25:32:78:b5:39:
09:b6:db:1a:50:c6:df:4e:48:81:f2:cf:c3:25:9b:46:1a:3f:
78:06:af:9f:ee:81:0b:e4:c4:c9:39:5a:8d:50:67:74:81:5c:
bb:e1:27:03
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAXDPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTMyMzAxWhcNMjUwMzI3MTMyMzAxWjAYMRYw
FAYDVQQDEw02N2M1YWQzOS1jNzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArEDqdDvevRERQIwntoJf7Faks8AEZUS2dBCusNkvu4j5VqjV2WVz4d2S
pOLeTc//nuXI6qjLnaOWJf9DBfjf3wkgfwehXwH9mVfE03iCKHoCLHUKrNo4Z7Up
pTDOJUnAk5V/0gT2PtmJmw46MJ1TlgHFc7iB9/r9evGuGwVAR3W6WUluIDO8Afb2
rkyuIrizFofWfSgtei+7cMjuKm7cA6ZvXP6y4UkZdKX/GLyNI/8DqsdUS69YruhO
rQIxwiKLYm/YW6sH8nvgJ6djsarCQ0RPmqC59KJXa5cSaZ0Mg+VlDEFPfmgr9maP
WxJf77blv8JenlmJ1lSUO2rlWNgbFwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFB2m
cfhqUb2dfMaV7YTk4G0pl+hZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BM0EyNkE4OEY4MzIxMUVGQTRFNEVENEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAmsvYMAwDBAGay9oDBAWa
y8AwDAMEBZrN4AMEAJrN7DANBgkqhkiG9w0BAQsFAAOCAQEAwG2VkP7Jnmz1TcNB
EuBl30+j0AFHBK49tuAUa7Mt1XT/7kFNI8bSr5SwFJNNwwtWCc4jsGRiVaZf7i0k
CkVSKXH81mG0CdvD1SQN5j3byjokQLSK0GNZAeZWyDy6J1YrvkjCfl0eUN0UTcRK
YpWX6hQzDxv22J1mguST7KiJ4xHO+aWzjrj42kUUw0ivmJRsTJQjIkrGQ/1bIXoX
iv+EZfUCX8o+l2OkfPDb4lz40vuyT6TzLooPoqpHhMPik5JoH3YIJ6CD8Qnakiy1
xSPHdmruOSUyeLU5CbbbGlDG305IgfLPwyWbRho/eAavn+6BC+TEyTlajVBndIFc
u+EnAw==
-----END CERTIFICATE-----
Generated at Fri May 9 12:12:54 2025 by rpki-client