Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D01C5DB0F1D611EF8938F66F762E951A.roa
File: D01C5DB0F1D611EF8938F66F762E951A.roa (raw, json)
Hash identifier: nETaK9n/vjI/MbRgCR8NWkYhODvUqeYJEbYgjY/Gxdw=
Subject key identifier: 11:44:B6:DF:9D:34:A8:2C:51:21:AA:06:B1:BF:27:C3:22:31:E2:02
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015B4D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D01C5DB0F1D611EF8938F66F762E951A.roa
Signing time: Sun 23 Feb 2025 11:10:39 +0000
ROA not before: Sun 23 Feb 2025 11:10:35 +0000
ROA not after: Wed 26 Mar 2025 11:10:35 +0000
asID: 142032
IP address blocks: 154.201.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88909 (0x15b4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 23 11:10:35 2025 GMT
Not After : Mar 26 11:10:35 2025 GMT
Subject: CN=67bb022f-ea64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:31:14:a7:b6:74:7d:31:59:bd:d9:d9:d2:83:
2b:53:6d:fb:0f:14:4f:42:9e:a4:ce:d9:04:71:61:
a4:e5:95:64:c4:8b:b1:8c:7b:6f:a7:78:cb:51:b5:
0e:62:18:a2:a1:b8:ca:be:24:05:3e:32:a5:2a:a2:
cc:6e:df:6f:41:a8:23:ac:8f:1e:10:86:ac:75:95:
20:8e:0a:47:5a:98:ef:c9:a7:7f:44:2e:8e:c8:63:
6d:1c:f3:07:04:90:d9:bf:0e:6c:5b:e6:66:49:d4:
6b:b2:97:07:a8:3b:f0:cf:4d:84:0f:67:38:e4:15:
00:17:1a:d4:a5:fa:8a:54:86:99:bf:43:ae:77:b7:
60:f8:bf:8c:b3:39:9c:4f:cb:f3:33:8b:ea:5c:82:
a8:5d:ca:88:5a:9b:4e:90:f4:a5:85:aa:6c:b1:e9:
cc:5a:ae:99:4c:64:e8:de:21:27:8f:a9:c3:1e:26:
11:96:04:1e:1c:a7:12:d6:ee:ff:e9:62:08:31:7e:
88:fb:53:45:0c:22:ba:48:8a:55:c2:8c:d9:79:a0:
cd:3d:f4:c0:57:8a:07:ca:5a:bf:d3:2e:a8:c6:ea:
53:f9:79:53:51:76:d1:f0:73:4f:1f:8c:79:68:b2:
31:b5:a2:18:41:7b:52:83:97:72:48:a6:99:b8:d8:
c2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:44:B6:DF:9D:34:A8:2C:51:21:AA:06:B1:BF:27:C3:22:31:E2:02
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D01C5DB0F1D611EF8938F66F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.64.0/19
Signature Algorithm: sha256WithRSAEncryption
5e:31:d2:92:ae:be:72:9e:b7:27:4a:c3:89:bb:21:0b:47:fe:
d1:f5:72:b4:c6:95:ed:81:c4:7d:37:fb:ca:ed:5b:3b:54:41:
01:9d:d7:55:61:98:8c:68:4a:94:39:60:b5:ac:58:5b:75:31:
0c:2c:9e:ea:cb:8e:e6:ef:d8:12:fb:ea:f1:33:db:43:74:cc:
5a:0c:5e:72:12:b6:1e:c9:02:56:04:cb:e7:a6:23:a4:7a:f3:
aa:04:ee:86:48:5d:4d:84:26:36:c3:8c:a2:d4:47:8a:fd:bb:
c6:c7:94:0d:ee:7c:2a:61:fe:bc:8b:f5:5c:59:10:c0:8e:4d:
5f:21:a3:c0:40:3b:30:e4:1c:c1:38:5c:6e:49:d8:b7:1f:d6:
78:05:9b:0f:09:08:54:7c:08:72:c5:ab:77:2a:31:bd:92:32:
c5:a7:10:c6:67:13:86:95:f4:27:1d:37:64:de:e2:65:73:9a:
80:e9:29:c3:cf:0d:bd:10:36:7e:72:a3:4e:85:90:c8:2e:bb:
fa:6e:af:3a:75:06:ab:68:a0:ba:d5:d0:b6:55:6a:08:ed:16:
5b:c4:b0:6e:91:b4:53:4d:84:83:f3:b7:29:5b:bf:91:53:52:
8e:90:1d:a2:eb:2b:b8:4b:0e:1c:7b:6b:46:a8:cb:41:bc:f9:
b3:bd:75:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVtNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIzMTExMDM1WhcNMjUwMzI2MTExMDM1WjAYMRYw
FAYDVQQDEw02N2JiMDIyZi1lYTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsjEUp7Z0fTFZvdnZ0oMrU237DxRPQp6kztkEcWGk5ZVkxIuxjHtvp3jL
UbUOYhiiobjKviQFPjKlKqLMbt9vQagjrI8eEIasdZUgjgpHWpjvyad/RC6OyGNt
HPMHBJDZvw5sW+ZmSdRrspcHqDvwz02ED2c45BUAFxrUpfqKVIaZv0Oud7dg+L+M
szmcT8vzM4vqXIKoXcqIWptOkPSlhapssenMWq6ZTGTo3iEnj6nDHiYRlgQeHKcS
1u7/6WIIMX6I+1NFDCK6SIpVwozZeaDNPfTAV4oHylq/0y6oxupT+XlTUXbR8HNP
H4x5aLIxtaIYQXtSg5dySKaZuNjCRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBFE
tt+dNKgsUSGqBrG/J8MiMeICMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMDFDNURCMEYxRDYxMUVGODkzOEY2NkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQBeMdKSrr5ynrcnSsOJuyELR/7R9XK0xpXtgcR9N/vK7Vs7VEEBnddV
YZiMaEqUOWC1rFhbdTEMLJ7qy47m79gS++rxM9tDdMxaDF5yErYeyQJWBMvnpiOk
evOqBO6GSF1NhCY2w4yi1EeK/bvGx5QN7nwqYf68i/VcWRDAjk1fIaPAQDsw5BzB
OFxuSdi3H9Z4BZsPCQhUfAhyxat3KjG9kjLFpxDGZxOGlfQnHTdk3uJlc5qA6SnD
zw29EDZ+cqNOhZDILrv6bq86dQaraKC61dC2VWoI7RZbxLBukbRTTYSD87cpW7+R
U1KOkB2i6yu4Sw4ce2tGqMtBvPmzvXUI
-----END CERTIFICATE-----
Generated at Fri May 9 06:40:28 2025 by rpki-client