Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA43F9AC8DCE11EEA41DB4654AD9E6FC.roa
File: BA43F9AC8DCE11EEA41DB4654AD9E6FC.roa (raw, json)
Hash identifier: DL25p3ZU5nOuAaOrQOW5OdvI25yPT4qynMU8QlPDNuw=
Subject key identifier: C9:57:FC:2F:02:6B:7D:36:49:4F:DC:C2:69:67:24:69:8F:9E:CC:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 55CE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA43F9AC8DCE11EEA41DB4654AD9E6FC.roa
Signing time: Tue 28 Nov 2023 09:15:52 +0000
ROA not before: Tue 28 Nov 2023 09:15:49 +0000
ROA not after: Tue 26 Dec 2023 09:15:49 +0000
asID: 62240
IP address blocks: 154.196.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21966 (0x55ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 28 09:15:49 2023 GMT
Not After : Dec 26 09:15:49 2023 GMT
Subject: CN=6565afc8-cc9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5f:a7:3c:36:7c:97:de:8e:e7:27:16:e2:37:
63:3e:02:ef:42:d1:87:a1:6a:fe:8a:0b:43:20:09:
ea:89:3b:a4:ee:59:66:ad:9f:c8:81:99:c3:7f:6c:
43:5c:53:2c:2a:25:49:95:86:f7:49:70:16:f2:90:
36:77:fd:49:97:f2:ce:c5:9d:74:8d:dc:76:ce:33:
7b:2d:d1:1c:3f:b2:de:9f:d5:bd:c4:b8:26:47:06:
df:69:66:1d:57:c5:f2:8e:56:6c:88:62:43:02:a2:
0d:2a:ac:6b:e1:9c:94:29:c9:21:61:60:58:8d:a0:
53:36:3c:d6:2e:a7:3f:e1:f7:92:94:95:3a:53:4b:
82:12:63:12:69:93:f6:c1:a7:75:7c:68:97:f4:c5:
35:ca:8f:62:b9:87:b8:a2:4d:61:e9:ae:33:d5:5c:
43:05:8d:9e:8f:4e:ad:c1:f5:2a:9d:e9:d3:d5:0b:
f4:36:66:35:a4:b7:5a:6a:d4:4f:62:ae:42:33:25:
7d:eb:b3:84:fa:a0:c5:b5:ea:2d:38:ee:be:0a:a1:
ff:b8:23:d3:9a:15:db:43:e3:1d:c2:16:88:ec:b9:
ce:7a:49:8a:31:5e:9c:52:eb:63:d5:8a:05:4f:42:
f7:11:59:35:f6:e7:27:30:38:29:03:ac:4f:0f:28:
08:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:57:FC:2F:02:6B:7D:36:49:4F:DC:C2:69:67:24:69:8F:9E:CC:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA43F9AC8DCE11EEA41DB4654AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.90.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:b1:18:07:37:92:7e:40:43:e9:1a:e7:6c:08:91:f8:02:47:
cd:48:89:52:5e:f4:16:3e:4f:7d:53:ba:bf:7a:d3:df:b6:51:
a3:2b:06:22:2a:6b:01:93:e7:49:bf:f6:d9:71:44:32:7e:68:
13:4f:a7:d3:8f:ba:78:77:f7:b0:12:30:bd:c8:11:79:08:b0:
df:8e:02:56:5a:4e:49:25:c3:bb:dd:2b:ac:6d:68:c0:55:80:
aa:aa:b7:3d:67:16:bd:05:0f:6c:5b:c0:05:56:3d:59:ff:36:
44:b0:55:9a:de:2a:f6:6c:66:49:48:59:e5:cf:08:d8:a7:c2:
26:65:69:01:e0:66:b4:7e:83:d8:ea:b9:86:e5:a1:fa:0c:fd:
b9:9f:9d:4d:40:25:96:c7:98:34:6d:7e:14:b3:df:20:98:55:
51:c3:a8:8a:c9:fb:8c:3f:5e:7d:d5:eb:18:48:0e:52:9e:48:
9a:17:c8:49:e2:9b:b7:58:29:81:cc:6e:85:92:80:79:11:1c:
57:c4:c1:36:48:0c:c6:0f:db:54:1e:93:d3:6e:11:d4:0f:f0:
5b:47:3d:9d:90:33:0b:3f:c1:f8:c4:8a:44:05:45:38:4f:54:
6a:21:68:6f:7b:5d:09:43:91:8d:d5:ef:7a:67:90:84:2b:5b:
0d:93:72:e9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVc4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjgwOTE1NDlaFw0yMzEyMjYwOTE1NDlaMBgxFjAU
BgNVBAMTDTY1NjVhZmM4LWNjOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRX6c8NnyX3o7nJxbiN2M+Au9C0Yehav6KC0MgCeqJO6TuWWatn8iBmcN/
bENcUywqJUmVhvdJcBbykDZ3/UmX8s7FnXSN3HbOM3st0Rw/st6f1b3EuCZHBt9p
Zh1XxfKOVmyIYkMCog0qrGvhnJQpySFhYFiNoFM2PNYupz/h95KUlTpTS4ISYxJp
k/bBp3V8aJf0xTXKj2K5h7iiTWHprjPVXEMFjZ6PTq3B9Sqd6dPVC/Q2ZjWkt1pq
1E9irkIzJX3rs4T6oMW16i047r4Kof+4I9OaFdtD4x3CFojsuc56SYoxXpxS62PV
igVPQvcRWTX25ycwOCkDrE8PKAjVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUyVf8
LwJrfTZJT9zCaWckaY+ezEgwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0JBNDNGOUFDOERDRTExRUVBNDFEQjQ2NTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxFowDQYJKoZIhvcNAQEL
BQADggEBAD+xGAc3kn5AQ+ka52wIkfgCR81IiVJe9BY+T31Tur9609+2UaMrBiIq
awGT50m/9tlxRDJ+aBNPp9OPunh397ASML3IEXkIsN+OAlZaTkklw7vdK6xtaMBV
gKqqtz1nFr0FD2xbwAVWPVn/NkSwVZreKvZsZklIWeXPCNinwiZlaQHgZrR+g9jq
uYblofoM/bmfnU1AJZbHmDRtfhSz3yCYVVHDqIrJ+4w/Xn3V6xhIDlKeSJoXyEni
m7dYKYHMboWSgHkRHFfEwTZIDMYP21Qek9NuEdQP8FtHPZ2QMws/wfjEikQFRThP
VGohaG97XQlDkY3V73pnkIQrWw2Tcuk=
-----END CERTIFICATE-----
Generated at Fri May 9 10:43:09 2025 by rpki-client