Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2E6667E901E11EEA0F92059D25BE465.roa
File: C2E6667E901E11EEA0F92059D25BE465.roa (raw, json)
Hash identifier: YzZYTL8/81qmfN33Npyr+0LH7dcdhFoIMG4e4FPph/M=
Subject key identifier: D4:B7:4B:3D:DC:9F:B8:11:A2:FD:A7:49:DF:01:5B:FB:AF:15:02:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 5701
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2E6667E901E11EEA0F92059D25BE465.roa
Signing time: Fri 01 Dec 2023 07:53:49 +0000
ROA not before: Fri 01 Dec 2023 07:53:46 +0000
ROA not after: Sun 04 Feb 2024 07:53:46 +0000
asID: 62240
IP address blocks: 154.194.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22273 (0x5701)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 1 07:53:46 2023 GMT
Not After : Feb 4 07:53:46 2024 GMT
Subject: CN=6569910d-c6b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9d:63:33:00:b7:20:c0:56:97:ae:83:09:4d:
49:c5:fa:ec:8d:17:9d:40:d8:02:ea:97:7b:bd:3d:
23:ca:6d:16:59:c2:74:23:66:e5:d2:67:b9:40:79:
31:17:f1:26:69:f9:49:69:fb:bb:7d:44:28:62:af:
b6:9c:ef:42:1c:a8:7c:18:0d:5c:30:07:69:bf:24:
0c:42:67:a8:71:52:8c:18:bb:a8:ba:0d:78:dc:96:
1f:39:70:f8:f6:45:fa:1f:55:ea:60:14:ab:df:a9:
4c:89:da:3c:74:c7:df:c3:9b:40:b8:3d:34:35:44:
83:c5:66:41:ff:69:04:96:22:28:86:b0:9e:80:59:
24:5b:db:cf:14:de:74:54:7c:9d:68:d3:5b:39:91:
0d:0e:00:00:eb:61:39:bd:2e:dc:f1:31:aa:1b:9c:
13:0c:57:46:f8:66:13:32:f3:6f:2d:5c:ec:5f:9c:
9b:fb:53:9e:38:f5:7b:8e:83:b6:76:df:a8:50:d8:
b2:b9:87:ba:6c:04:79:13:12:56:4c:8a:0a:bf:bf:
e2:db:3b:b1:7c:3a:c3:96:a8:e7:39:ed:03:5d:ff:
20:cf:eb:96:7e:71:68:47:53:ea:dd:bb:5d:c6:8c:
f7:1d:c6:50:bd:6d:2f:3b:5c:4c:ff:cf:49:5f:00:
04:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B7:4B:3D:DC:9F:B8:11:A2:FD:A7:49:DF:01:5B:FB:AF:15:02:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2E6667E901E11EEA0F92059D25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.45.0/24
Signature Algorithm: sha256WithRSAEncryption
30:31:57:ae:ce:c5:c9:49:91:59:be:68:b2:e8:ae:b5:61:8d:
e8:3a:21:6e:d5:bc:93:2a:db:97:09:9d:0f:9a:77:b2:94:3f:
ee:1b:79:03:55:c9:af:be:7d:ce:2d:90:94:3d:96:22:d4:b2:
48:64:9c:22:cb:9d:4f:65:73:25:96:56:1f:4b:4b:f8:78:15:
8d:fd:5c:10:cd:45:2b:d6:6c:74:03:f0:84:90:90:97:8d:a1:
d8:36:7d:87:c7:85:0e:9d:57:85:0b:62:c0:11:b7:8c:8e:f9:
90:69:c1:ef:8c:58:95:59:4a:93:b7:b9:a8:5f:d7:6c:e3:a3:
45:f9:53:31:60:2d:f5:49:7b:0b:25:05:b5:2f:24:f2:52:3d:
96:76:5e:a4:c5:d2:d8:40:4a:3b:40:73:c0:a4:52:b1:a3:d2:
35:54:a0:98:5a:ed:35:a7:ad:cc:a5:05:8a:54:cb:82:42:30:
d0:80:a0:d8:b0:f8:ac:d6:cd:e1:51:fc:bd:e0:8a:ad:79:cf:
78:83:f4:d5:e9:2d:0c:a3:f2:a3:45:90:d2:88:9b:82:ce:ed:
25:f1:f2:fc:f3:58:ab:f9:0c:e3:df:26:59:75:6a:65:4e:1e:
dc:f4:9c:b3:af:26:11:4a:92:75:99:9f:ea:70:20:72:cc:b8:
a9:d0:0c:e4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVwEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzEyMDEwNzUzNDZaFw0yNDAyMDQwNzUzNDZaMBgxFjAU
BgNVBAMTDTY1Njk5MTBkLWM2YjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9nWMzALcgwFaXroMJTUnF+uyNF51A2ALql3u9PSPKbRZZwnQjZuXSZ7lA
eTEX8SZp+Ulp+7t9RChir7ac70IcqHwYDVwwB2m/JAxCZ6hxUowYu6i6DXjclh85
cPj2RfofVepgFKvfqUyJ2jx0x9/Dm0C4PTQ1RIPFZkH/aQSWIiiGsJ6AWSRb288U
3nRUfJ1o01s5kQ0OAADrYTm9LtzxMaobnBMMV0b4ZhMy828tXOxfnJv7U5449XuO
g7Z236hQ2LK5h7psBHkTElZMigq/v+LbO7F8OsOWqOc57QNd/yDP65Z+cWhHU+rd
u13GjPcdxlC9bS87XEz/z0lfAAQlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU1LdL
PdyfuBGi/adJ3wFb+68VAugwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0MyRTY2NjdFOTAxRTExRUVBMEY5MjA1OUQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawi0wDQYJKoZIhvcNAQEL
BQADggEBADAxV67OxclJkVm+aLLorrVhjeg6IW7VvJMq25cJnQ+ad7KUP+4beQNV
ya++fc4tkJQ9liLUskhknCLLnU9lcyWWVh9LS/h4FY39XBDNRSvWbHQD8ISQkJeN
odg2fYfHhQ6dV4ULYsARt4yO+ZBpwe+MWJVZSpO3uahf12zjo0X5UzFgLfVJewsl
BbUvJPJSPZZ2XqTF0thASjtAc8CkUrGj0jVUoJha7TWnrcylBYpUy4JCMNCAoNiw
+KzWzeFR/L3giq15z3iD9NXpLQyj8qNFkNKIm4LO7SXx8vzzWKv5DOPfJll1amVO
Htz0nLOvJhFKknWZn+pwIHLMuKnQDOQ=
-----END CERTIFICATE-----
Generated at Fri May 9 11:22:01 2025 by rpki-client