Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB942AB28CE111EEB7FD1B724AD9E6FC.roa
File: CB942AB28CE111EEB7FD1B724AD9E6FC.roa (raw, json)
Hash identifier: BKlKdsWg2Md8J/4UnGiEMNEHI4Lmc/sgqxvPqeQDkTs=
Subject key identifier: 8C:69:6F:06:CD:03:F9:1D:F0:B5:6A:A3:53:F6:12:BB:76:2F:87:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 554C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB942AB28CE111EEB7FD1B724AD9E6FC.roa
Signing time: Mon 27 Nov 2023 04:59:51 +0000
ROA not before: Mon 27 Nov 2023 04:59:47 +0000
ROA not after: Tue 26 Dec 2023 04:59:47 +0000
asID: 62240
IP address blocks: 154.194.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21836 (0x554c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 27 04:59:47 2023 GMT
Not After : Dec 26 04:59:47 2023 GMT
Subject: CN=65642246-a3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:95:b0:74:f0:ef:6d:40:80:dd:de:a6:56:b3:
a2:58:c0:8e:6a:b2:cf:a8:d1:f7:54:06:ee:87:73:
cf:76:68:ae:91:9e:32:61:1e:a9:23:b0:05:0b:54:
a3:1e:0d:d7:4f:76:e4:1a:e1:86:31:1e:59:8a:40:
ac:a4:26:7c:81:3a:af:ee:59:6a:27:ea:ca:cb:64:
f4:22:df:39:b1:dd:52:c0:45:4c:b3:16:1f:77:a9:
fe:2f:96:ad:82:11:72:62:63:b8:11:76:5c:b6:e3:
8f:03:2a:41:9f:ac:fe:a9:b4:a0:e2:89:9c:9c:a7:
34:42:00:b8:43:8e:d6:a2:28:6d:22:25:c6:73:3c:
46:43:9c:92:32:1f:da:15:8d:e7:ad:7b:68:7c:b9:
80:39:cb:31:f9:97:4d:af:9e:33:c8:b3:aa:e8:91:
81:47:a2:92:25:0e:09:66:d4:9d:f0:ec:5a:e5:ba:
a3:fc:0d:42:52:11:30:d5:96:c6:48:1c:86:5e:18:
2f:81:c7:ae:37:da:87:85:f0:3a:7a:6d:18:14:4d:
c1:03:67:aa:68:e7:65:48:55:bd:bb:60:ea:70:ac:
c9:3e:e4:62:0f:7f:31:43:33:c0:3b:88:8c:db:9f:
b8:93:9f:3c:64:94:8b:ec:1f:94:cf:03:fa:17:c0:
16:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:69:6F:06:CD:03:F9:1D:F0:B5:6A:A3:53:F6:12:BB:76:2F:87:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB942AB28CE111EEB7FD1B724AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.99.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:9a:a3:e9:b9:6b:69:f1:a3:40:2e:54:76:4b:56:7f:0c:df:
25:7d:33:ab:ea:f2:3d:97:44:a9:dc:66:1b:08:6e:b3:73:3a:
b4:1f:0b:71:e9:10:ee:07:51:61:b5:9c:e8:90:6e:6a:85:66:
37:3b:a5:4f:80:9e:f5:8b:07:54:74:a4:bc:b3:f3:99:0f:96:
b0:c7:0d:b1:ab:72:77:54:a8:cf:8d:2a:ed:36:2d:a4:35:c4:
8d:08:cb:a4:7b:2c:67:83:27:5f:8b:d9:83:08:a6:77:bf:d3:
14:f1:98:1b:54:b0:55:27:95:b4:29:4c:4e:11:a0:9c:fe:b6:
8e:86:f8:94:92:e4:1d:47:43:33:81:06:cf:cf:be:34:c5:65:
06:5e:ea:c7:9e:b2:e0:30:64:e3:7c:32:68:95:24:4e:e8:5d:
df:4c:e2:d3:a9:6e:d2:b3:15:06:02:95:4b:ac:32:d7:36:b8:
35:87:a9:d6:da:22:e1:70:df:1a:e0:1d:b2:36:31:bb:7d:56:
b9:fd:3d:36:3c:6c:1a:be:47:dc:6a:4c:4c:d1:c6:02:b0:03:
60:64:72:59:f4:46:5f:61:13:fa:f7:71:83:18:06:0b:3a:58:
ef:a8:46:57:10:91:b2:ae:01:76:3a:06:85:54:da:11:38:2f:
35:18:47:0a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVUwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjcwNDU5NDdaFw0yMzEyMjYwNDU5NDdaMBgxFjAU
BgNVBAMTDTY1NjQyMjQ2LWEzY2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCalbB08O9tQIDd3qZWs6JYwI5qss+o0fdUBu6Hc892aK6RnjJhHqkjsAUL
VKMeDddPduQa4YYxHlmKQKykJnyBOq/uWWon6srLZPQi3zmx3VLARUyzFh93qf4v
lq2CEXJiY7gRdly2448DKkGfrP6ptKDiiZycpzRCALhDjtaiKG0iJcZzPEZDnJIy
H9oVjeete2h8uYA5yzH5l02vnjPIs6rokYFHopIlDglm1J3w7FrluqP8DUJSETDV
lsZIHIZeGC+Bx6432oeF8Dp6bRgUTcEDZ6po52VIVb27YOpwrMk+5GIPfzFDM8A7
iIzbn7iTnzxklIvsH5TPA/oXwBZ7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUjGlv
Bs0D+R3wtWqjU/YSu3Yvhw4wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0NCOTQyQUIyOENFMTExRUVCN0ZEMUI3MjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACawmMwDQYJKoZIhvcNAQEL
BQADggEBAG6ao+m5a2nxo0AuVHZLVn8M3yV9M6vq8j2XRKncZhsIbrNzOrQfC3Hp
EO4HUWG1nOiQbmqFZjc7pU+AnvWLB1R0pLyz85kPlrDHDbGrcndUqM+NKu02LaQ1
xI0Iy6R7LGeDJ1+L2YMIpne/0xTxmBtUsFUnlbQpTE4RoJz+to6G+JSS5B1HQzOB
Bs/PvjTFZQZe6seesuAwZON8MmiVJE7oXd9M4tOpbtKzFQYClUusMtc2uDWHqdba
IuFw3xrgHbI2Mbt9Vrn9PTY8bBq+R9xqTEzRxgKwA2Bkcln0Rl9hE/r3cYMYBgs6
WO+oRlcQkbKuAXY6BoVU2hE4LzUYRwo=
-----END CERTIFICATE-----
Generated at Fri May 9 10:44:06 2025 by rpki-client