Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB0DC49CEF7D11EFAB35414B762E951A.roa
File: AB0DC49CEF7D11EFAB35414B762E951A.roa (raw, json)
Hash identifier: mHUriaQugFSYNMdd0zsZdGzEzLlVivmLz/GLyXYScBM=
Subject key identifier: C1:E3:5F:8D:CA:B1:DD:4C:45:B1:E9:74:6A:D0:80:70:CF:B7:02:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0158C6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB0DC49CEF7D11EFAB35414B762E951A.roa
Signing time: Thu 20 Feb 2025 11:27:29 +0000
ROA not before: Thu 20 Feb 2025 11:27:22 +0000
ROA not after: Thu 20 Mar 2025 11:27:22 +0000
asID: 54600
IP address blocks: 154.202.118.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88262 (0x158c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 20 11:27:22 2025 GMT
Not After : Mar 20 11:27:22 2025 GMT
Subject: CN=67b711a1-4ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2a:93:4c:b7:bf:04:1c:96:1a:00:2e:7d:f7:
a2:e8:ba:d4:96:71:50:48:81:db:d8:ab:e1:d9:0c:
ab:27:b3:ad:84:4a:94:9a:fb:91:e5:0a:8b:6f:8c:
a9:7f:c6:d8:c5:d6:9c:53:62:ae:bb:dd:f5:4f:54:
58:c8:7a:a6:d9:17:1f:7f:fe:60:d6:6c:81:d3:4b:
62:a8:7e:60:5d:81:19:94:08:30:7b:25:ee:39:e5:
2e:56:08:97:8a:65:06:8c:23:0e:ff:ad:32:c6:b9:
72:93:e8:dc:35:6f:14:bd:89:e6:fc:4b:e7:e8:61:
d9:95:33:bd:25:f0:dc:5b:09:22:c9:5a:52:bf:be:
06:7c:de:a4:13:85:67:30:21:b1:3f:d2:e4:88:f2:
27:91:ab:49:95:b4:69:45:61:dd:d7:c2:96:48:e6:
13:f3:13:5d:97:f6:ad:ce:57:8e:d2:70:bb:8f:72:
92:07:c8:fa:94:c0:98:7f:0b:48:15:38:e2:17:97:
86:14:a7:af:f9:e9:6c:7f:33:5c:ad:78:0a:bc:c6:
00:70:a8:7f:72:e9:36:bf:58:f2:4a:97:b9:4d:83:
37:c0:5e:77:7a:25:ad:6d:f0:19:e8:6f:c2:35:70:
c4:5b:2b:d7:45:44:54:75:e4:ed:49:89:5c:1c:4d:
fa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E3:5F:8D:CA:B1:DD:4C:45:B1:E9:74:6A:D0:80:70:CF:B7:02:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB0DC49CEF7D11EFAB35414B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.118.0/23
Signature Algorithm: sha256WithRSAEncryption
76:01:00:57:c1:d5:bd:2a:81:02:3b:7e:cf:95:b8:5e:ff:2e:
0b:ab:5f:f2:ab:e7:5a:bc:2c:15:a5:0d:ab:7d:4c:61:74:c8:
1f:c3:58:5e:25:13:62:d0:40:9f:18:1c:c8:25:44:b9:c6:ab:
24:57:38:6b:4b:5b:9e:5f:53:81:07:74:76:61:9e:b1:d7:4b:
59:94:85:56:13:83:c8:21:46:e4:f2:9e:0d:dd:f4:d9:5a:63:
6b:2f:e5:05:65:26:8b:56:d1:4a:b7:8f:cc:f7:15:76:36:c3:
ff:61:2f:98:2f:9a:94:bd:46:ff:0a:af:42:71:b4:1b:d2:fd:
85:24:9d:14:4b:04:af:c0:5a:c2:b7:66:81:81:d6:91:45:36:
f3:39:c9:0a:ab:2a:e0:92:97:f5:bf:83:6a:d7:39:fb:bf:c2:
68:12:d4:4d:e6:04:a7:94:44:8a:5c:6b:17:54:02:99:ab:d5:
5a:30:29:5d:a5:f9:be:65:e1:dc:d5:46:67:db:66:aa:46:35:
77:f6:73:81:68:c5:c6:5e:64:58:8b:49:1b:7a:4b:85:e7:52:
b5:b9:9b:a5:2e:73:c6:50:42:88:c8:09:0b:70:e7:c9:fb:5e:
8d:32:d0:e1:c5:70:99:8c:37:b5:0d:61:c4:d7:53:c9:bd:02:
7f:57:a6:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVjGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIwMTEyNzIyWhcNMjUwMzIwMTEyNzIyWjAYMRYw
FAYDVQQDEw02N2I3MTFhMS00YWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAriqTTLe/BByWGgAuffei6LrUlnFQSIHb2Kvh2QyrJ7OthEqUmvuR5QqL
b4ypf8bYxdacU2Kuu931T1RYyHqm2Rcff/5g1myB00tiqH5gXYEZlAgweyXuOeUu
VgiXimUGjCMO/60yxrlyk+jcNW8UvYnm/Evn6GHZlTO9JfDcWwkiyVpSv74GfN6k
E4VnMCGxP9LkiPInkatJlbRpRWHd18KWSOYT8xNdl/atzleO0nC7j3KSB8j6lMCY
fwtIFTjiF5eGFKev+elsfzNcrXgKvMYAcKh/cuk2v1jySpe5TYM3wF53eiWtbfAZ
6G/CNXDEWyvXRURUdeTtSYlcHE36cwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMHj
X43Ksd1MRbHpdGrQgHDPtwJAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQjBEQzQ5Q0VGN0QxMUVGQUIzNTQxNEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsp2MA0GCSqGSIb3DQEB
CwUAA4IBAQB2AQBXwdW9KoECO37Plbhe/y4Lq1/yq+davCwVpQ2rfUxhdMgfw1he
JRNi0ECfGBzIJUS5xqskVzhrS1ueX1OBB3R2YZ6x10tZlIVWE4PIIUbk8p4N3fTZ
WmNrL+UFZSaLVtFKt4/M9xV2NsP/YS+YL5qUvUb/Cq9CcbQb0v2FJJ0USwSvwFrC
t2aBgdaRRTbzOckKqyrgkpf1v4Nq1zn7v8JoEtRN5gSnlESKXGsXVAKZq9VaMCld
pfm+ZeHc1UZn22aqRjV39nOBaMXGXmRYi0kbekuF51K1uZulLnPGUEKIyAkLcOfJ
+16NMtDhxXCZjDe1DWHE11PJvQJ/V6bG
-----END CERTIFICATE-----
Generated at Fri May 9 09:41:42 2025 by rpki-client