Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A48AA8CEFD9211EF9C9F619F762E951A.roa
File: A48AA8CEFD9211EF9C9F619F762E951A.roa (raw, json)
Hash identifier: 2zpNd23HKRIWioEbQiDsRkyLcFDf1JvuqUGejqm5kzg=
Subject key identifier: 77:CD:61:42:73:0C:50:A6:A5:8B:A5:39:E1:F4:7A:90:D3:D0:AB:2D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01733B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A48AA8CEFD9211EF9C9F619F762E951A.roa
Signing time: Mon 10 Mar 2025 09:32:54 +0000
ROA not before: Mon 10 Mar 2025 09:32:50 +0000
ROA not after: Sat 29 Mar 2025 09:32:50 +0000
asID: 5065
IP address blocks: 154.206.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95035 (0x1733b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 10 09:32:50 2025 GMT
Not After : Mar 29 09:32:50 2025 GMT
Subject: CN=67ceb1c6-48f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:39:ae:19:72:d3:a6:96:14:37:90:23:88:22:
f2:a3:67:89:84:f0:4d:42:5c:e1:6d:62:93:e4:06:
9e:d6:af:62:a3:d7:d1:ea:30:e7:fe:92:e9:e5:b2:
16:f5:57:9c:89:e5:3f:43:0e:dd:24:1d:eb:c0:d0:
3d:e4:e3:e1:29:23:ec:9c:bd:87:0f:35:2e:36:0f:
bb:2e:0b:6b:9c:88:c3:8b:07:f9:c1:3f:fb:ea:3f:
ce:2d:66:d9:88:01:e3:81:db:1d:df:9e:38:e5:ff:
73:05:7f:d6:e0:92:60:7a:2c:eb:57:76:e2:7d:7f:
cf:8d:b5:a2:e9:6b:7f:99:6f:ba:9b:c1:7f:9d:36:
02:bd:58:58:02:61:fe:74:74:e6:5c:da:63:4e:77:
4c:6d:9b:cf:4a:31:90:86:6e:87:2e:1a:27:08:ce:
fd:c0:86:1b:b8:94:0f:5f:9a:3f:61:17:d4:96:d1:
1a:51:19:bb:b6:0a:2c:70:e3:42:9e:05:97:44:9a:
75:46:e0:1d:6e:17:f0:b1:34:f9:ed:31:2b:44:e0:
7d:d4:d8:da:e0:37:76:d1:d9:b4:af:ae:b6:a1:59:
1f:d2:57:b4:3e:15:29:72:fa:29:a3:69:53:52:10:
ce:e2:cb:33:fb:11:5b:fc:b5:7d:72:da:db:28:50:
65:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:CD:61:42:73:0C:50:A6:A5:8B:A5:39:E1:F4:7A:90:D3:D0:AB:2D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A48AA8CEFD9211EF9C9F619F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.37.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:d1:62:f9:92:3b:e1:7c:b7:20:3f:08:18:41:2f:b8:ea:c8:
1e:3d:ed:95:51:0e:37:1d:fe:22:1b:cf:92:91:64:c9:d9:22:
ac:62:d5:12:ab:26:0d:8e:61:c1:d0:62:39:97:fc:67:f1:3b:
69:d8:fa:01:7c:4a:af:1a:3c:00:61:63:9c:65:de:4a:15:8a:
26:a8:6e:c1:48:3a:cf:7b:af:a7:58:48:9b:26:0e:2e:34:90:
c5:d5:41:55:20:52:7d:38:15:54:6f:03:41:ed:23:19:9c:89:
cf:83:05:36:87:39:70:5f:6c:5d:4f:d5:f0:b6:51:b4:89:14:
42:41:cb:ac:d9:2a:87:af:8c:0c:54:79:5b:c9:12:ad:97:af:
b5:8f:4d:1b:c9:1a:71:29:fc:ca:ae:53:4a:2b:3d:d9:10:cf:
d5:f6:1c:19:85:d3:02:83:33:71:20:84:39:9f:2e:df:f6:6e:
7d:35:bf:5d:4d:db:79:cc:12:27:db:cf:93:6b:e7:60:1d:d2:
84:d6:17:58:31:ba:f1:e2:1d:1f:66:7f:0b:46:b5:dc:b2:65:
43:c3:94:d6:dd:64:10:37:a5:35:4f:ca:8a:3f:8d:be:a2:91:
0f:c9:2f:b5:c0:e6:d5:14:eb:d1:f1:47:92:bc:09:8a:e2:e4:
96:0c:26:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXM7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEwMDkzMjUwWhcNMjUwMzI5MDkzMjUwWjAYMRYw
FAYDVQQDEw02N2NlYjFjNi00OGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArjmuGXLTppYUN5AjiCLyo2eJhPBNQlzhbWKT5Aae1q9io9fR6jDn/pLp
5bIW9VecieU/Qw7dJB3rwNA95OPhKSPsnL2HDzUuNg+7LgtrnIjDiwf5wT/76j/O
LWbZiAHjgdsd35445f9zBX/W4JJgeizrV3bifX/PjbWi6Wt/mW+6m8F/nTYCvVhY
AmH+dHTmXNpjTndMbZvPSjGQhm6HLhonCM79wIYbuJQPX5o/YRfUltEaURm7tgos
cONCngWXRJp1RuAdbhfwsTT57TErROB91Nja4Dd20dm0r662oVkf0le0PhUpcvop
o2lTUhDO4ssz+xFb/LV9ctrbKFBlEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHfN
YUJzDFCmpYulOeH0epDT0KstMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNDhBQThDRUZEOTIxMUVGOUM5RjYxOUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4lMA0GCSqGSIb3DQEB
CwUAA4IBAQCo0WL5kjvhfLcgPwgYQS+46sgePe2VUQ43Hf4iG8+SkWTJ2SKsYtUS
qyYNjmHB0GI5l/xn8Ttp2PoBfEqvGjwAYWOcZd5KFYomqG7BSDrPe6+nWEibJg4u
NJDF1UFVIFJ9OBVUbwNB7SMZnInPgwU2hzlwX2xdT9XwtlG0iRRCQcus2SqHr4wM
VHlbyRKtl6+1j00byRpxKfzKrlNKKz3ZEM/V9hwZhdMCgzNxIIQ5ny7f9m59Nb9d
Tdt5zBIn28+Ta+dgHdKE1hdYMbrx4h0fZn8LRrXcsmVDw5TW3WQQN6U1T8qKP42+
opEPyS+1wObVFOvR8UeSvAmK4uSWDCZz
-----END CERTIFICATE-----
Generated at Fri May 9 05:44:18 2025 by rpki-client