Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD37572C8CDD11EE89840D654AD9E6FC.roa
File: BD37572C8CDD11EE89840D654AD9E6FC.roa (raw, json)
Hash identifier: RCOR/DL9BmC1fQ6nfkkOA5kbK24mLV6j2Jntzsou0cw=
Subject key identifier: 67:89:6B:0A:EA:D3:B6:84:57:52:11:34:E5:87:FF:AD:E4:58:13:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 54FC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD37572C8CDD11EE89840D654AD9E6FC.roa
Signing time: Mon 27 Nov 2023 04:30:49 +0000
ROA not before: Mon 27 Nov 2023 04:30:45 +0000
ROA not after: Tue 26 Dec 2023 04:30:45 +0000
asID: 62240
IP address blocks: 154.194.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21756 (0x54fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 27 04:30:45 2023 GMT
Not After : Dec 26 04:30:45 2023 GMT
Subject: CN=65641b78-7486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:8a:ed:0a:ab:c2:8f:d5:8d:48:a0:38:8e:29:
1a:65:9b:f6:26:44:44:3d:b3:75:45:15:a0:00:b9:
c9:9c:29:4d:f1:64:48:05:3b:f1:21:98:14:65:26:
a6:1c:18:e2:83:a0:53:7a:65:c0:0d:7d:7e:13:53:
1b:c7:19:13:eb:9b:3f:05:a8:0c:f9:8b:2f:71:7b:
70:53:ab:2a:70:47:e9:14:fc:9f:1e:08:a4:ac:14:
05:e8:36:1f:27:0e:6a:b2:5a:5f:7d:55:39:25:3d:
5a:86:e9:85:51:e1:a1:8d:30:25:82:51:f1:38:48:
af:13:2f:26:ef:b5:74:11:20:8f:7a:ca:b5:7b:98:
54:fc:12:4f:f3:76:88:e1:9d:76:3b:b5:f7:17:73:
76:3b:c3:bc:25:9a:12:95:cd:43:20:1a:b8:54:90:
52:84:2d:0d:d9:de:a0:8d:e4:5a:02:24:70:56:dc:
5c:78:6e:72:a8:0a:a1:40:0f:00:4f:c6:43:1f:73:
74:be:07:4a:c3:54:46:5d:3c:f8:5c:4d:9c:d9:b3:
df:94:18:2d:dd:c0:57:36:48:df:88:ca:a8:80:09:
40:ab:64:14:cf:38:c0:32:bb:18:1d:d2:fd:d6:bb:
30:96:b3:12:6c:60:e5:03:73:a5:18:96:d7:a9:87:
2d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:89:6B:0A:EA:D3:B6:84:57:52:11:34:E5:87:FF:AD:E4:58:13:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD37572C8CDD11EE89840D654AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.127.0/24
Signature Algorithm: sha256WithRSAEncryption
67:5e:a7:30:ac:95:92:31:ae:f6:18:e3:d8:56:ac:03:0e:58:
a6:cb:09:f4:2a:5d:71:80:14:85:56:34:06:2c:ca:72:c4:b9:
8e:0d:03:95:2f:6c:40:c6:8b:ad:09:5b:28:18:0d:03:4c:24:
65:b0:71:d2:0b:a0:f9:e4:45:b3:6d:4e:94:6e:1d:22:08:9c:
35:82:1f:97:a9:d3:8d:75:64:55:f8:30:7f:61:74:12:61:18:
08:6b:27:8f:2c:e5:e7:4d:75:6b:a1:6d:81:53:f3:5d:02:44:
de:6c:ea:c3:5c:64:27:34:ef:b5:3e:97:c7:73:56:ad:79:d2:
a4:3e:55:4a:6f:85:df:ca:6c:66:76:0b:a3:8b:c5:87:6c:b7:
bd:b9:6f:69:54:e2:00:c6:66:d3:30:4e:6a:e7:1e:26:6e:cc:
96:f4:92:ec:ce:3a:94:93:2f:14:a3:29:cf:81:eb:32:1b:e2:
eb:7a:c2:72:1d:c4:dc:79:29:81:47:32:a4:11:6a:43:2c:9b:
b6:a9:e7:8f:b5:a9:4c:f3:17:bb:9e:6c:ea:6e:9d:e9:47:97:
f0:02:60:87:3d:dd:7d:4c:04:dd:6c:74:71:51:a5:38:09:55:
5f:c7:1c:44:a6:88:45:4f:1f:a1:12:75:85:e0:02:8e:7d:db:
0f:86:4c:c3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVPwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjcwNDMwNDVaFw0yMzEyMjYwNDMwNDVaMBgxFjAU
BgNVBAMTDTY1NjQxYjc4LTc0ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDYiu0Kq8KP1Y1IoDiOKRplm/YmREQ9s3VFFaAAucmcKU3xZEgFO/EhmBRl
JqYcGOKDoFN6ZcANfX4TUxvHGRPrmz8FqAz5iy9xe3BTqypwR+kU/J8eCKSsFAXo
Nh8nDmqyWl99VTklPVqG6YVR4aGNMCWCUfE4SK8TLybvtXQRII96yrV7mFT8Ek/z
dojhnXY7tfcXc3Y7w7wlmhKVzUMgGrhUkFKELQ3Z3qCN5FoCJHBW3Fx4bnKoCqFA
DwBPxkMfc3S+B0rDVEZdPPhcTZzZs9+UGC3dwFc2SN+IyqiACUCrZBTPOMAyuxgd
0v3WuzCWsxJsYOUDc6UYltephy1NAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZ4lr
CurTtoRXUhE05Yf/reRYEw4wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0JEMzc1NzJDOENERDExRUU4OTg0MEQ2NTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawn8wDQYJKoZIhvcNAQEL
BQADggEBAGdepzCslZIxrvYY49hWrAMOWKbLCfQqXXGAFIVWNAYsynLEuY4NA5Uv
bEDGi60JWygYDQNMJGWwcdILoPnkRbNtTpRuHSIInDWCH5ep0411ZFX4MH9hdBJh
GAhrJ48s5edNdWuhbYFT810CRN5s6sNcZCc077U+l8dzVq150qQ+VUpvhd/KbGZ2
C6OLxYdst725b2lU4gDGZtMwTmrnHiZuzJb0kuzOOpSTLxSjKc+B6zIb4ut6wnId
xNx5KYFHMqQRakMsm7ap54+1qUzzF7uebOpunelHl/ACYIc93X1MBN1sdHFRpTgJ
VV/HHESmiEVPH6ESdYXgAo592w+GTMM=
-----END CERTIFICATE-----
Generated at Fri May 9 11:03:10 2025 by rpki-client