Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B17B821A8A9311EEB1DBA4174AD9E6FC.roa
File: B17B821A8A9311EEB1DBA4174AD9E6FC.roa (raw, json)
Hash identifier: omFBv9tGwYRC3xSw5kOauTPqu/qTvXjIvLE5Awft3Lc=
Subject key identifier: A4:FD:98:D1:EF:B3:B2:7F:1A:51:BE:05:1C:43:49:84:AE:61:E2:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 53CF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B17B821A8A9311EEB1DBA4174AD9E6FC.roa
Signing time: Fri 24 Nov 2023 06:35:44 +0000
ROA not before: Fri 24 Nov 2023 06:35:40 +0000
ROA not after: Tue 26 Dec 2023 06:35:40 +0000
asID: 62240
IP address blocks: 154.194.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21455 (0x53cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 06:35:40 2023 GMT
Not After : Dec 26 06:35:40 2023 GMT
Subject: CN=65604440-b99c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d5:0f:9a:39:96:25:0e:f4:14:af:c6:6f:41:
2a:54:0a:f6:7a:de:bd:7d:16:1e:ce:6e:a2:4f:a6:
af:4a:0d:01:d2:e5:43:eb:86:68:34:12:c8:e0:b4:
87:b8:41:e3:15:e7:c9:cc:ef:f2:5d:ed:31:f8:76:
6b:d1:3a:da:8b:c6:6b:27:42:c7:a2:ac:6d:3c:90:
98:58:07:65:fb:4a:b4:d2:68:23:6a:a5:89:28:85:
0b:4c:1f:f5:b7:04:ab:05:a7:d0:bc:fb:25:10:b2:
f6:1e:8b:e4:6e:58:c5:bc:20:fb:2e:bd:49:eb:e8:
26:6b:0b:12:ce:2d:db:5b:da:45:30:ef:d7:ce:d4:
f2:aa:d1:94:f2:fc:02:97:e4:08:b3:43:e7:51:67:
f4:ab:92:6a:9c:05:90:15:c6:ec:90:cd:0e:31:e7:
6a:c1:a2:f8:44:e9:97:44:a9:b4:19:7c:c7:de:c4:
8a:b2:6f:66:63:ba:b8:cb:7c:2d:b1:f7:e0:5a:e7:
d4:53:25:39:de:7e:7e:b1:50:2e:00:08:30:70:79:
b1:b0:8c:0a:15:c4:92:93:d1:ad:66:e6:59:ab:25:
e7:53:f9:76:31:d4:78:5a:b9:bc:74:e7:8b:18:d2:
5c:41:9a:18:8b:06:5a:cf:60:22:32:c0:0a:e4:14:
e4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FD:98:D1:EF:B3:B2:7F:1A:51:BE:05:1C:43:49:84:AE:61:E2:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B17B821A8A9311EEB1DBA4174AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.109.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:12:3d:c5:a5:59:a7:e2:1a:85:97:d0:f8:94:d8:da:b5:7d:
77:70:7a:46:8d:4c:f3:d6:f4:bf:35:8a:8c:cb:be:f5:5c:94:
6a:2b:27:8d:c7:6e:bd:02:07:03:09:da:90:b3:98:d6:23:de:
23:54:8b:84:16:d1:1e:c2:0e:bb:10:78:2f:d8:6c:ed:9f:b6:
b4:cc:f6:70:05:92:d5:fe:ac:c0:54:8f:91:5a:75:89:27:b6:
8a:ae:3e:67:09:ef:81:74:05:e3:c2:a3:00:bf:f3:39:7d:9d:
34:6f:c1:77:15:79:2a:94:bd:9e:47:a4:21:03:cf:7b:0b:f9:
93:33:29:f1:d5:70:73:8e:c0:0e:95:13:7c:bf:63:ec:2e:c1:
23:6a:65:bb:32:f5:56:cd:19:6a:4f:8c:ef:28:92:76:45:14:
fb:20:90:2b:67:47:04:69:d8:80:a7:45:4a:b4:cb:34:1b:1a:
9c:f4:f3:9e:8a:f4:d9:50:22:a8:33:d0:57:69:62:bc:49:41:
af:05:29:02:d8:e5:74:21:b9:24:8c:74:0f:2e:23:cc:99:f7:
14:90:0e:90:09:89:b9:59:cc:69:76:9f:ae:b9:4d:7a:17:5d:
06:b3:d0:19:50:ea:7a:a8:9b:97:df:8f:8c:cc:87:7d:e3:0f:
63:f2:89:d2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICU88wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNjM1NDBaFw0yMzEyMjYwNjM1NDBaMBgxFjAU
BgNVBAMTDTY1NjA0NDQwLWI5OWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC11Q+aOZYlDvQUr8ZvQSpUCvZ63r19Fh7ObqJPpq9KDQHS5UPrhmg0Esjg
tIe4QeMV58nM7/Jd7TH4dmvROtqLxmsnQseirG08kJhYB2X7SrTSaCNqpYkohQtM
H/W3BKsFp9C8+yUQsvYei+RuWMW8IPsuvUnr6CZrCxLOLdtb2kUw79fO1PKq0ZTy
/AKX5AizQ+dRZ/SrkmqcBZAVxuyQzQ4x52rBovhE6ZdEqbQZfMfexIqyb2ZjurjL
fC2x9+Ba59RTJTnefn6xUC4ACDBwebGwjAoVxJKT0a1m5lmrJedT+XYx1Hhaubx0
54sY0lxBmhiLBlrPYCIywArkFORdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpP2Y
0e+zsn8aUb4FHENJhK5h4qswHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0IxN0I4MjFBOEE5MzExRUVCMURCQTQxNzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawm0wDQYJKoZIhvcNAQEL
BQADggEBAD4SPcWlWafiGoWX0PiU2Nq1fXdwekaNTPPW9L81iozLvvVclGorJ43H
br0CBwMJ2pCzmNYj3iNUi4QW0R7CDrsQeC/YbO2ftrTM9nAFktX+rMBUj5FadYkn
toquPmcJ74F0BePCowC/8zl9nTRvwXcVeSqUvZ5HpCEDz3sL+ZMzKfHVcHOOwA6V
E3y/Y+wuwSNqZbsy9VbNGWpPjO8oknZFFPsgkCtnRwRp2ICnRUq0yzQbGpz0856K
9NlQIqgz0FdpYrxJQa8FKQLY5XQhuSSMdA8uI8yZ9xSQDpAJiblZzGl2n665TXoX
XQaz0BlQ6nqom5ffj4zMh33jD2PyidI=
-----END CERTIFICATE-----
Generated at Fri May 9 10:48:14 2025 by rpki-client