Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE9ADFD8F4D911EF80F67977762E951A.roa
File: CE9ADFD8F4D911EF80F67977762E951A.roa (raw, json)
Hash identifier: e0MIzkBv2TU5TrrT4Mi52ex+F/r2FqDmzvLzzP4t+Sk=
Subject key identifier: A6:F3:D0:06:4D:1D:32:28:ED:4F:4C:5E:71:FC:1C:B3:A6:26:E7:32
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016697
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE9ADFD8F4D911EF80F67977762E951A.roa
Signing time: Thu 27 Feb 2025 07:09:38 +0000
ROA not before: Thu 27 Feb 2025 07:09:35 +0000
ROA not after: Fri 28 Mar 2025 07:09:35 +0000
asID: 214413
IP address blocks: 154.193.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91799 (0x16697)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 27 07:09:35 2025 GMT
Not After : Mar 28 07:09:35 2025 GMT
Subject: CN=67c00fb2-597d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:82:d8:0b:ce:8f:86:86:08:66:b4:98:a4:13:
96:26:f5:7d:7e:99:3a:6b:46:03:76:93:b9:15:7f:
64:db:2a:d7:d4:36:cf:d3:16:69:09:a9:eb:72:53:
14:00:79:6c:e4:f5:0e:a4:37:f5:46:d2:d9:eb:f8:
59:0b:1d:42:60:df:fe:e7:22:94:1d:d6:62:f3:98:
21:ba:a3:ec:e0:8d:af:0a:dc:32:fe:f5:60:55:23:
f7:7b:e1:4c:ee:26:ee:f5:4d:b0:25:c8:36:d8:61:
6e:8b:17:13:62:cb:6c:4e:63:ad:cc:a2:bd:27:a1:
e8:20:d5:bd:c8:93:6c:43:f8:12:4f:54:25:cb:0d:
2d:67:0a:69:04:09:7d:9e:aa:60:34:13:c3:34:7f:
cf:3d:24:22:43:b9:9f:be:bc:68:f7:fc:56:37:22:
24:fe:61:ad:f3:b4:df:7f:d4:6a:95:17:61:69:be:
8a:eb:7a:a5:72:09:86:3b:08:b8:1e:4d:9a:5f:36:
a8:20:df:72:3c:19:3f:48:55:f3:0f:fc:7b:b7:a9:
7c:4b:8b:64:cc:dc:ce:04:6e:a1:f1:00:1a:f3:71:
18:22:e1:af:c0:cf:cd:52:c5:18:f3:ff:f0:dd:c3:
a0:5c:c5:a6:4c:c6:4a:37:c8:92:f2:4e:8a:ec:9a:
d1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F3:D0:06:4D:1D:32:28:ED:4F:4C:5E:71:FC:1C:B3:A6:26:E7:32
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE9ADFD8F4D911EF80F67977762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.176.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:32:f5:25:c0:c3:43:bd:59:ec:4c:7c:e6:51:31:62:1e:d9:
fb:09:26:f2:23:90:be:a0:73:34:16:e6:64:a8:94:e0:af:24:
84:45:f1:88:e2:09:25:f7:5b:ac:16:10:f4:6a:ac:19:ed:92:
52:c5:30:38:7e:a8:56:01:37:34:af:b7:2e:16:5a:62:4f:42:
30:17:8b:21:11:3c:e9:53:28:0e:97:88:f5:35:82:82:9d:65:
5e:71:3b:d6:f9:7c:55:9a:f9:5a:16:b3:f6:05:3d:c8:38:6b:
b9:1c:45:03:64:fb:df:1a:a0:86:20:55:7c:f3:8e:b3:97:a4:
61:de:21:a3:5c:10:38:62:2e:c1:78:99:a7:06:6d:95:a7:e0:
87:00:39:2a:7f:60:6e:9c:f5:65:62:41:ec:fb:26:80:a6:78:
ad:e4:fe:7c:af:2f:d2:7b:ea:84:b4:c5:a8:bb:29:e1:85:a4:
9e:c2:53:fe:d9:16:00:93:8a:77:06:02:8e:04:74:f5:b5:15:
64:a3:e4:2b:ff:8a:ad:93:36:4f:a1:b7:31:2a:d3:14:f1:52:
38:ab:39:45:42:22:ae:7f:20:3f:7d:ef:16:0f:76:d7:27:d9:
57:83:df:34:a9:3f:99:75:b4:a4:3b:cc:94:16:50:78:22:be:
9d:ad:1e:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWaXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDcwOTM1WhcNMjUwMzI4MDcwOTM1WjAYMRYw
FAYDVQQDEw02N2MwMGZiMi01OTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn4LYC86PhoYIZrSYpBOWJvV9fpk6a0YDdpO5FX9k2yrX1DbP0xZpCanr
clMUAHls5PUOpDf1RtLZ6/hZCx1CYN/+5yKUHdZi85ghuqPs4I2vCtwy/vVgVSP3
e+FM7ibu9U2wJcg22GFuixcTYstsTmOtzKK9J6HoINW9yJNsQ/gST1Qlyw0tZwpp
BAl9nqpgNBPDNH/PPSQiQ7mfvrxo9/xWNyIk/mGt87Tff9RqlRdhab6K63qlcgmG
Owi4Hk2aXzaoIN9yPBk/SFXzD/x7t6l8S4tkzNzOBG6h8QAa83EYIuGvwM/NUsUY
8//w3cOgXMWmTMZKN8iS8k6K7JrRFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKbz
0AZNHTIo7U9MXnH8HLOmJucyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRTlBREZEOEY0RDkxMUVGODBGNjc5Nzc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsGwMA0GCSqGSIb3DQEB
CwUAA4IBAQBcMvUlwMNDvVnsTHzmUTFiHtn7CSbyI5C+oHM0FuZkqJTgrySERfGI
4gkl91usFhD0aqwZ7ZJSxTA4fqhWATc0r7cuFlpiT0IwF4shETzpUygOl4j1NYKC
nWVecTvW+XxVmvlaFrP2BT3IOGu5HEUDZPvfGqCGIFV8846zl6Rh3iGjXBA4Yi7B
eJmnBm2Vp+CHADkqf2BunPVlYkHs+yaApnit5P58ry/Se+qEtMWouynhhaSewlP+
2RYAk4p3BgKOBHT1tRVko+Qr/4qtkzZPobcxKtMU8VI4qzlFQiKufyA/fe8WD3bX
J9lXg980qT+ZdbSkO8yUFlB4Ir6drR7W
-----END CERTIFICATE-----
Generated at Fri May 9 09:04:15 2025 by rpki-client