Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C40073DCF68011EF9DE47C4E762E951A.roa
File: C40073DCF68011EF9DE47C4E762E951A.roa (raw, json)
Hash identifier: ujdl3XPnHta2bhv9EDPJzS6Q/B5E8YJuFAipfOQWPyw=
Subject key identifier: 3D:B5:B9:AE:62:BB:87:FF:6D:1A:A7:6F:78:A3:32:BD:76:4E:AB:66
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016DA1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C40073DCF68011EF9DE47C4E762E951A.roa
Signing time: Sat 01 Mar 2025 09:37:18 +0000
ROA not before: Sat 01 Mar 2025 09:37:14 +0000
ROA not after: Mon 31 Mar 2025 09:37:14 +0000
asID: 54600
IP address blocks: 154.202.192.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93601 (0x16da1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 09:37:14 2025 GMT
Not After : Mar 31 09:37:14 2025 GMT
Subject: CN=67c2d54e-6dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7b:1b:2c:67:47:8e:bd:67:24:99:18:43:94:
3d:ed:15:ba:ba:20:f6:d4:cd:3e:51:68:8a:3e:e3:
13:f3:4c:00:56:45:bc:c7:3a:7a:5e:d9:09:6b:4b:
a3:22:99:4f:d4:06:18:33:b9:a7:8e:14:22:9c:e9:
c3:fa:92:53:0a:5f:b9:a4:03:2d:9b:8b:cb:9e:b6:
90:d9:d4:63:90:f9:15:2d:72:62:6b:1e:f4:71:11:
d7:c1:72:7b:b4:50:5f:69:84:f2:19:d3:ab:a7:cb:
20:b8:4d:d3:73:d7:9c:2c:96:2d:10:37:c2:30:c5:
09:e7:bc:06:71:ab:79:f9:46:f5:d2:66:02:5b:f4:
f3:3f:55:17:c4:82:25:66:cf:c8:59:3e:7d:dd:cd:
ad:04:fa:26:ed:79:7c:fb:7d:fd:28:0b:35:13:9b:
2f:3a:66:58:93:c0:c5:4d:bf:0a:fb:44:1d:72:8f:
6a:7c:5e:a5:aa:6b:99:eb:16:86:09:c8:64:f7:e9:
97:67:bb:c3:e3:7e:2a:4e:a6:66:aa:73:f7:5e:40:
6a:5d:48:39:be:ee:35:4c:4c:63:ab:e5:76:52:ff:
25:33:01:9a:09:09:ce:21:da:91:d8:34:1a:3d:17:
0a:a2:90:db:16:65:01:b8:b6:db:06:6e:15:e4:4f:
5b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B5:B9:AE:62:BB:87:FF:6D:1A:A7:6F:78:A3:32:BD:76:4E:AB:66
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C40073DCF68011EF9DE47C4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
77:fc:70:37:5e:1e:8f:02:31:86:27:4e:1f:3e:60:ff:30:f1:
51:bb:6a:96:4e:5e:2c:3d:75:21:5e:37:f7:46:11:44:89:fa:
85:a9:18:28:75:94:ca:04:32:f9:2d:13:c4:5b:e4:7a:08:de:
34:2a:52:9d:17:c8:e8:01:20:73:e1:8c:e8:28:2b:f4:a6:f0:
77:27:a4:9e:67:e5:77:51:38:2d:34:8b:72:5a:d8:17:e5:b2:
98:86:69:ce:84:e3:fa:c0:61:94:17:56:83:75:ca:8c:c4:c0:
fc:3e:fe:a6:3a:86:32:37:cc:ab:68:59:ed:0a:e6:91:75:8f:
c8:ea:9e:58:bf:c3:59:ca:5a:7b:48:00:ea:81:a6:6a:99:53:
46:de:7d:54:ca:c5:ff:4a:03:52:d5:fe:44:d2:05:a0:ef:79:
2a:9e:00:d3:1f:a5:b6:9f:7f:d3:6b:19:d1:a4:e8:2a:64:e4:
29:61:d9:ab:98:b0:f0:62:c7:7d:5c:a3:93:39:e7:91:33:0b:
db:e9:ea:b9:fd:a1:3f:3c:8c:40:3d:4f:33:a8:b7:69:ba:7f:
31:92:99:a0:20:53:65:ad:31:ef:ce:3b:d0:2a:14:26:0b:f7:
73:d4:b0:c3:22:a7:28:b8:b0:56:1d:5f:fc:f3:9f:24:46:35:
55:29:31:98
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW2hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDkzNzE0WhcNMjUwMzMxMDkzNzE0WjAYMRYw
FAYDVQQDEw02N2MyZDU0ZS02ZGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyXsbLGdHjr1nJJkYQ5Q97RW6uiD21M0+UWiKPuMT80wAVkW8xzp6XtkJ
a0ujIplP1AYYM7mnjhQinOnD+pJTCl+5pAMtm4vLnraQ2dRjkPkVLXJiax70cRHX
wXJ7tFBfaYTyGdOrp8sguE3Tc9ecLJYtEDfCMMUJ57wGcat5+Ub10mYCW/TzP1UX
xIIlZs/IWT593c2tBPom7Xl8+339KAs1E5svOmZYk8DFTb8K+0Qdco9qfF6lqmuZ
6xaGCchk9+mXZ7vD434qTqZmqnP3XkBqXUg5vu41TExjq+V2Uv8lMwGaCQnOIdqR
2DQaPRcKopDbFmUBuLbbBm4V5E9bFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD21
ua5iu4f/bRqnb3ijMr12TqtmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNDAwNzNEQ0Y2ODAxMUVGOURFNDdDNEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmsrAMA0GCSqGSIb3DQEB
CwUAA4IBAQB3/HA3Xh6PAjGGJ04fPmD/MPFRu2qWTl4sPXUhXjf3RhFEifqFqRgo
dZTKBDL5LRPEW+R6CN40KlKdF8joASBz4YzoKCv0pvB3J6SeZ+V3UTgtNItyWtgX
5bKYhmnOhOP6wGGUF1aDdcqMxMD8Pv6mOoYyN8yraFntCuaRdY/I6p5Yv8NZylp7
SADqgaZqmVNG3n1UysX/SgNS1f5E0gWg73kqngDTH6W2n3/TaxnRpOgqZOQpYdmr
mLDwYsd9XKOTOeeRMwvb6eq5/aE/PIxAPU8zqLdpun8xkpmgIFNlrTHvzjvQKhQm
C/dz1LDDIqcouLBWHV/8858kRjVVKTGY
-----END CERTIFICATE-----
Generated at Fri May 9 21:54:53 2025 by rpki-client