Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5B7BD06F68711EF9565D37C762E951A.roa
File: B5B7BD06F68711EF9565D37C762E951A.roa (raw, json)
Hash identifier: hrE6XMGbFIH+q6WuPB7za8evYPPtgTI1l5zQBqmRyXk=
Subject key identifier: 3A:75:E8:AF:1C:FF:B9:B5:C7:DB:A4:F4:30:97:0F:79:13:ED:3F:EC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016DD0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5B7BD06F68711EF9565D37C762E951A.roa
Signing time: Sat 01 Mar 2025 10:27:00 +0000
ROA not before: Sat 01 Mar 2025 10:26:57 +0000
ROA not after: Mon 31 Mar 2025 10:26:57 +0000
asID: 202656
IP address blocks: 154.222.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93648 (0x16dd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 10:26:57 2025 GMT
Not After : Mar 31 10:26:57 2025 GMT
Subject: CN=67c2e0f4-e029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ee:3b:97:17:e6:da:3a:ce:39:71:0f:6e:e1:
3a:64:21:16:95:71:0f:fb:91:d4:5d:fb:b9:ed:6c:
ab:64:be:a3:28:b8:67:28:bc:19:51:7a:89:56:0b:
3a:ee:10:41:f1:7c:da:d2:7a:91:7c:64:43:0c:89:
28:99:ed:3b:b5:0c:12:af:be:c0:cd:c8:62:83:f8:
d8:5d:4f:c0:88:55:6b:d2:e7:52:83:5e:46:d4:61:
33:82:1e:19:5c:97:62:47:16:e4:4e:56:36:0b:be:
91:5b:ea:69:b7:d4:bc:f0:15:d3:a5:15:e5:b3:90:
4e:1c:5c:bd:9b:0f:a5:b1:5f:86:f8:26:52:f1:20:
1c:46:10:ad:30:ae:7d:d5:94:1d:ed:88:19:25:82:
94:5e:6a:f1:43:74:ff:f5:bd:87:8f:f1:ee:97:76:
63:a2:1c:53:37:cf:a4:16:25:8e:b6:9b:68:a5:89:
09:f9:c1:39:91:16:cb:76:91:e2:e2:e2:2c:81:1f:
59:f2:3a:52:cd:3d:e5:df:1e:35:2f:7c:c1:f2:7d:
c7:48:54:36:03:34:df:3f:96:dd:29:7f:f7:21:bc:
b0:d1:c8:70:ce:68:82:d5:f5:50:b8:1c:2b:9a:bb:
ed:81:ca:70:e1:32:2b:f4:59:bc:53:6e:e2:71:7d:
1c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:75:E8:AF:1C:FF:B9:B5:C7:DB:A4:F4:30:97:0F:79:13:ED:3F:EC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5B7BD06F68711EF9565D37C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.198.0/24
Signature Algorithm: sha256WithRSAEncryption
31:a5:6f:87:44:6b:84:96:c0:20:7e:9e:57:c1:b0:78:35:6b:
48:08:7f:af:22:ab:d6:23:8d:f6:e1:fc:a0:07:9f:7d:d4:ab:
37:21:50:27:c8:e4:11:9d:59:f0:63:de:7c:60:94:09:38:1c:
bb:65:78:70:56:01:c2:0c:b6:a3:2b:88:60:a7:a9:b5:e5:da:
23:5f:31:92:30:80:9b:7d:a3:d1:bc:ff:88:dc:98:f4:3c:7e:
3e:f1:24:a2:fa:ed:be:2a:45:2d:24:17:1c:7b:98:b1:b6:02:
a6:2d:12:54:14:c9:41:c5:36:12:a3:d9:c4:90:a5:46:69:f0:
a2:e4:19:a4:cf:79:4f:87:8c:a9:0d:35:e6:ed:c2:40:f3:72:
02:5e:16:07:90:55:3b:5d:3f:23:93:25:90:73:1f:ac:92:66:
89:ab:10:62:1b:fc:9f:6e:b5:08:d0:08:b0:84:8d:f2:4f:dd:
69:23:ab:2e:7b:d2:88:95:3c:ca:c3:fd:a2:1d:21:97:b4:91:
ed:37:d6:7d:71:3e:5b:8c:f2:82:93:5e:c7:f0:32:d5:c8:22:
c6:77:47:29:40:7d:d8:11:ec:4f:73:5a:2a:ab:f8:ee:b2:b9:
51:1c:12:b5:28:f1:ae:41:01:44:68:7f:15:47:99:5a:e9:40:
ec:66:70:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW3QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTAyNjU3WhcNMjUwMzMxMTAyNjU3WjAYMRYw
FAYDVQQDEw02N2MyZTBmNC1lMDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5u47lxfm2jrOOXEPbuE6ZCEWlXEP+5HUXfu57WyrZL6jKLhnKLwZUXqJ
Vgs67hBB8Xza0nqRfGRDDIkome07tQwSr77Azchig/jYXU/AiFVr0udSg15G1GEz
gh4ZXJdiRxbkTlY2C76RW+ppt9S88BXTpRXls5BOHFy9mw+lsV+G+CZS8SAcRhCt
MK591ZQd7YgZJYKUXmrxQ3T/9b2Hj/Hul3ZjohxTN8+kFiWOtptopYkJ+cE5kRbL
dpHi4uIsgR9Z8jpSzT3l3x41L3zB8n3HSFQ2AzTfP5bdKX/3Ibyw0chwzmiC1fVQ
uBwrmrvtgcpw4TIr9Fm8U27icX0cJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDp1
6K8c/7m1x9uk9DCXD3kT7T/sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNUI3QkQwNkY2ODcxMUVGOTU2NUQzN0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7GMA0GCSqGSIb3DQEB
CwUAA4IBAQAxpW+HRGuElsAgfp5XwbB4NWtICH+vIqvWI4324fygB5991Ks3IVAn
yOQRnVnwY958YJQJOBy7ZXhwVgHCDLajK4hgp6m15dojXzGSMICbfaPRvP+I3Jj0
PH4+8SSi+u2+KkUtJBcce5ixtgKmLRJUFMlBxTYSo9nEkKVGafCi5Bmkz3lPh4yp
DTXm7cJA83ICXhYHkFU7XT8jkyWQcx+skmaJqxBiG/yfbrUI0AiwhI3yT91pI6su
e9KIlTzKw/2iHSGXtJHtN9Z9cT5bjPKCk17H8DLVyCLGd0cpQH3YEexPc1oqq/ju
srlRHBK1KPGuQQFEaH8VR5la6UDsZnCA
-----END CERTIFICATE-----
Generated at Fri May 9 11:19:58 2025 by rpki-client