Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD0C52EAF4EE11EFB01D4386762E951A.roa
File: CD0C52EAF4EE11EFB01D4386762E951A.roa (raw, json)
Hash identifier: Fpjpr7UT677QbCy4eiFgw7QIyx1zghb8Zwshdo4PP0Y=
Subject key identifier: 22:C8:1E:D0:D1:93:13:66:3F:CE:4D:78:5B:76:80:BC:8B:5A:55:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01674C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD0C52EAF4EE11EFB01D4386762E951A.roa
Signing time: Thu 27 Feb 2025 09:39:55 +0000
ROA not before: Thu 27 Feb 2025 09:39:48 +0000
ROA not after: Wed 26 Mar 2025 09:39:48 +0000
asID: 62240
IP address blocks: 154.196.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91980 (0x1674c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 09:39:48 2025 GMT
Not After : Mar 26 09:39:48 2025 GMT
Subject: CN=67c032eb-e658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:97:f2:84:e4:02:52:3d:a2:c2:8f:b0:58:7a:
7c:7e:a2:42:e5:00:85:44:62:c4:b2:f3:1a:5e:5e:
44:b2:db:60:0b:73:c2:43:37:3e:be:19:e8:3e:36:
88:a1:58:87:0e:65:cf:0c:2c:c7:6e:d7:f7:66:c9:
88:f1:a6:87:b6:50:2a:6c:5f:6d:24:b5:4e:d4:cd:
98:5f:30:2f:98:af:9b:13:e6:f6:75:65:75:75:2c:
64:d9:4f:0c:09:01:76:62:e6:a1:da:67:d1:67:2a:
ab:cd:a2:83:95:53:1b:7b:cf:dd:aa:1d:7c:e8:0d:
f3:12:44:35:3d:8c:47:b6:8e:c0:fa:2a:83:c6:18:
25:0b:a5:14:4d:7f:75:5b:e3:d2:82:d2:18:8f:bc:
7d:3c:ad:91:27:ef:15:72:22:0c:61:5e:29:a0:9a:
50:8a:a1:6f:b2:51:27:a7:b4:3f:63:14:2f:d1:c1:
3b:9a:42:d2:d0:50:08:79:f5:22:1c:ae:0f:04:f3:
23:36:33:9f:a7:a0:5f:6f:e6:c4:ad:06:2c:bd:02:
f3:80:2d:28:01:c2:31:6c:da:53:f1:99:16:b3:1f:
20:d4:45:85:bd:44:60:8b:65:c3:21:44:87:81:7f:
71:6a:40:75:f2:b6:fd:92:cc:f7:5a:cd:8b:13:bd:
e1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C8:1E:D0:D1:93:13:66:3F:CE:4D:78:5B:76:80:BC:8B:5A:55:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD0C52EAF4EE11EFB01D4386762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.86.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:b0:13:b9:04:02:1c:d3:a7:70:ba:49:73:98:d9:2b:49:1f:
d0:fc:64:88:8b:e4:40:81:fb:43:21:4f:23:9d:d3:e5:84:0d:
f8:01:99:b4:80:68:0f:cb:32:0e:f7:82:cd:a6:9f:4e:a0:75:
10:fc:7f:e4:c9:bd:d3:3d:5b:7a:ba:fa:a9:70:b1:78:12:e8:
4f:b8:aa:f4:dd:05:70:f7:ca:71:b5:42:e7:90:3d:9f:35:e6:
09:e8:4b:f9:a0:5b:de:76:aa:7a:03:dd:7b:40:32:f6:ff:ce:
07:38:31:d8:cc:19:43:36:26:5c:b2:1d:32:98:7e:4b:8e:3c:
bc:1f:c5:35:67:a3:e4:51:1c:0d:62:43:ce:71:6d:71:46:05:
5b:a1:c2:38:5d:eb:0f:ee:c2:03:57:85:38:b0:66:85:53:98:
b3:d2:23:86:c9:e9:d7:7e:a3:3c:c7:0c:35:61:ac:2b:32:28:
01:b1:59:e0:2d:66:76:01:4a:64:08:4c:50:ff:02:64:21:df:
91:b5:b5:18:06:97:ca:c1:3d:95:41:14:0c:ad:09:e1:82:4b:
61:b0:14:3a:1e:87:b4:70:8d:90:19:7b:96:13:88:04:9f:61:
1d:13:8e:a7:ae:25:e5:f5:ad:06:61:bd:6e:6d:21:d0:f2:4e:
77:09:ca:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWdMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDkzOTQ4WhcNMjUwMzI2MDkzOTQ4WjAYMRYw
FAYDVQQDEw02N2MwMzJlYi1lNjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqpfyhOQCUj2iwo+wWHp8fqJC5QCFRGLEsvMaXl5EsttgC3PCQzc+vhno
PjaIoViHDmXPDCzHbtf3ZsmI8aaHtlAqbF9tJLVO1M2YXzAvmK+bE+b2dWV1dSxk
2U8MCQF2Yuah2mfRZyqrzaKDlVMbe8/dqh186A3zEkQ1PYxHto7A+iqDxhglC6UU
TX91W+PSgtIYj7x9PK2RJ+8VciIMYV4poJpQiqFvslEnp7Q/YxQv0cE7mkLS0FAI
efUiHK4PBPMjNjOfp6Bfb+bErQYsvQLzgC0oAcIxbNpT8ZkWsx8g1EWFvURgi2XD
IUSHgX9xakB18rb9ksz3Ws2LE73hSwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCLI
HtDRkxNmP85NeFt2gLyLWlX+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDBDNTJFQUY0RUUxMUVGQjAxRDQzODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsRWMA0GCSqGSIb3DQEB
CwUAA4IBAQC0sBO5BAIc06dwuklzmNkrSR/Q/GSIi+RAgftDIU8jndPlhA34AZm0
gGgPyzIO94LNpp9OoHUQ/H/kyb3TPVt6uvqpcLF4EuhPuKr03QVw98pxtULnkD2f
NeYJ6Ev5oFvedqp6A917QDL2/84HODHYzBlDNiZcsh0ymH5Ljjy8H8U1Z6PkURwN
YkPOcW1xRgVbocI4XesP7sIDV4U4sGaFU5iz0iOGyenXfqM8xww1YawrMigBsVng
LWZ2AUpkCExQ/wJkId+RtbUYBpfKwT2VQRQMrQnhgkthsBQ6Hoe0cI2QGXuWE4gE
n2EdE46nriXl9a0GYb1ubSHQ8k53CcqK
-----END CERTIFICATE-----
Generated at Fri May 9 06:38:38 2025 by rpki-client