Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDA0BE6EF5B911EF8D3B4878762E951A.roa
File: CDA0BE6EF5B911EF8D3B4878762E951A.roa (raw, json)
Hash identifier: lkecDKEeqrkUArHEtWeGTYwid96hPjrpBCUcv59do2o=
Subject key identifier: 0D:8A:9D:09:7A:68:AD:CC:A8:E7:28:C6:89:3C:8A:93:95:D9:F6:04
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016A63
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDA0BE6EF5B911EF8D3B4878762E951A.roa
Signing time: Fri 28 Feb 2025 09:53:04 +0000
ROA not before: Fri 28 Feb 2025 09:53:00 +0000
ROA not after: Mon 31 Mar 2025 09:53:00 +0000
asID: 54600
IP address blocks: 154.202.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92771 (0x16a63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 09:53:00 2025 GMT
Not After : Mar 31 09:53:00 2025 GMT
Subject: CN=67c18780-48ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e2:5e:f4:f7:eb:af:0e:b9:97:c8:4e:3e:48:
76:2d:d4:89:a8:e5:05:b5:8c:a2:1d:9c:a2:be:3b:
fc:e0:b1:0d:41:dc:85:d3:49:1c:be:73:58:17:99:
40:33:07:02:c3:57:62:35:ea:74:b2:c3:93:0d:a9:
1f:21:5f:18:8d:8c:e5:9b:21:98:d1:90:58:e4:1d:
5a:9e:72:e6:44:02:03:42:c9:3c:06:42:ad:18:b5:
51:66:de:bc:75:de:ae:3c:cf:24:c4:85:5a:bb:aa:
8a:55:b9:cf:6c:cb:af:5a:a7:bf:f2:c0:e7:27:6c:
df:45:49:5d:f9:ac:0b:6f:58:0b:9c:d7:db:66:75:
ce:19:70:27:d3:ac:5e:d8:7d:71:0b:98:ab:fd:f4:
b3:f6:dc:e8:89:78:b4:be:a9:90:8a:1e:02:b4:fa:
39:03:d9:f9:e4:c5:7b:c9:a8:5e:45:aa:97:af:9b:
44:22:5d:c0:a8:df:e5:ec:99:66:a3:b5:0e:b0:7d:
9f:a4:d0:d9:06:d0:49:94:96:ff:72:1b:0f:4d:15:
6b:78:7e:4d:46:c5:fe:c0:3f:c7:4b:12:a6:86:d5:
36:e8:04:9a:e9:90:fa:42:32:96:f5:6e:7b:d1:b3:
d1:99:35:89:7b:68:c1:8b:cf:95:7f:7b:ed:3c:54:
3e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8A:9D:09:7A:68:AD:CC:A8:E7:28:C6:89:3C:8A:93:95:D9:F6:04
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDA0BE6EF5B911EF8D3B4878762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.224.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:7f:70:30:8a:a2:08:1d:01:58:09:c6:8c:c3:68:fe:48:85:
b4:0a:8a:e8:ad:70:3f:ed:81:56:61:9c:de:9a:9f:f2:57:1c:
f8:49:03:6f:63:07:8c:dc:a4:98:1c:10:9f:5e:42:81:e7:5c:
d8:9d:b0:46:09:d3:33:64:6b:62:ef:cf:9e:fd:6a:85:68:35:
ee:6d:24:f2:5d:27:d8:e1:a6:cc:22:c6:41:78:0d:4e:f6:98:
bb:7d:ad:97:e5:05:e8:5e:b9:0a:d7:d9:58:84:52:69:30:e0:
1f:0d:a8:08:66:a6:d3:8e:13:d7:19:ba:f9:5d:49:f6:79:df:
96:4e:1b:c8:00:bd:81:48:52:92:df:79:ba:b4:22:56:ff:ca:
bd:18:85:b7:20:60:3a:99:dc:b7:47:c8:7f:40:df:2d:32:91:
4f:88:28:1b:5b:77:7c:6f:bd:7a:b8:11:70:b5:56:00:d5:05:
ec:e4:6f:38:50:30:49:ea:03:3a:6d:78:26:97:cf:c0:21:c0:
f5:d0:b1:e3:bb:bb:57:6e:ab:f4:9b:b8:a5:6e:b4:c5:56:fd:
64:11:a4:8e:dd:c6:6a:c6:4d:78:94:f2:6e:39:f7:d0:76:fb:
43:85:8e:c7:07:10:32:85:cf:d2:06:0e:3f:96:86:d9:a1:bf:
09:db:bf:60
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWpjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDk1MzAwWhcNMjUwMzMxMDk1MzAwWjAYMRYw
FAYDVQQDEw02N2MxODc4MC00OGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAruJe9Pfrrw65l8hOPkh2LdSJqOUFtYyiHZyivjv84LENQdyF00kcvnNY
F5lAMwcCw1diNep0ssOTDakfIV8YjYzlmyGY0ZBY5B1annLmRAIDQsk8BkKtGLVR
Zt68dd6uPM8kxIVau6qKVbnPbMuvWqe/8sDnJ2zfRUld+awLb1gLnNfbZnXOGXAn
06xe2H1xC5ir/fSz9tzoiXi0vqmQih4CtPo5A9n55MV7yaheRaqXr5tEIl3AqN/l
7Jlmo7UOsH2fpNDZBtBJlJb/chsPTRVreH5NRsX+wD/HSxKmhtU26ASa6ZD6QjKW
9W570bPRmTWJe2jBi8+Vf3vtPFQ+aQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA2K
nQl6aK3MqOcoxok8ipOV2fYEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DREEwQkU2RUY1QjkxMUVGOEQzQjQ4Nzg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsrgMA0GCSqGSIb3DQEB
CwUAA4IBAQAPf3AwiqIIHQFYCcaMw2j+SIW0CororXA/7YFWYZzemp/yVxz4SQNv
YweM3KSYHBCfXkKB51zYnbBGCdMzZGti78+e/WqFaDXubSTyXSfY4abMIsZBeA1O
9pi7fa2X5QXoXrkK19lYhFJpMOAfDagIZqbTjhPXGbr5XUn2ed+WThvIAL2BSFKS
33m6tCJW/8q9GIW3IGA6mdy3R8h/QN8tMpFPiCgbW3d8b716uBFwtVYA1QXs5G84
UDBJ6gM6bXgml8/AIcD10LHju7tXbqv0m7ilbrTFVv1kEaSO3cZqxk14lPJuOffQ
dvtDhY7HBxAyhc/SBg4/lobZob8J279g
-----END CERTIFICATE-----
Generated at Fri May 9 06:38:34 2025 by rpki-client