Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2B28B0C8CDE11EE87D7A2684AD9E6FC.roa
File: D2B28B0C8CDE11EE87D7A2684AD9E6FC.roa (raw, json)
Hash identifier: lCF8r0QSf9D9KtnDneZGKbL3Rai/soP7aKLsgv3ed3E=
Subject key identifier: 59:F1:04:82:BB:4B:90:4A:B3:56:0C:85:DA:EA:59:2A:85:97:44:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 5515
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2B28B0C8CDE11EE87D7A2684AD9E6FC.roa
Signing time: Mon 27 Nov 2023 04:38:34 +0000
ROA not before: Mon 27 Nov 2023 04:38:31 +0000
ROA not after: Tue 26 Dec 2023 04:38:31 +0000
asID: 62240
IP address blocks: 154.196.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21781 (0x5515)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 27 04:38:31 2023 GMT
Not After : Dec 26 04:38:31 2023 GMT
Subject: CN=65641d4a-09a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a3:b5:b4:35:19:8d:fc:49:82:18:58:66:ff:
c1:72:62:39:a4:e1:a0:52:59:1a:e0:6d:f8:90:d7:
a7:86:4b:0e:39:f1:ab:dc:e0:02:2a:46:0e:ed:ff:
48:7b:2a:48:e8:ba:0e:df:9b:91:74:c5:a3:75:0b:
3c:e8:a0:30:3c:5f:2b:9a:09:09:7b:9e:8c:d2:ca:
a9:9d:e2:6e:d3:9d:fd:b8:ab:57:aa:1c:f2:9d:a4:
ff:c8:b6:01:94:dd:bc:00:a8:0f:f4:d3:a8:9a:fe:
4c:6d:ea:05:db:97:5d:ac:33:3f:82:6f:c1:59:f2:
ec:dc:10:d3:ce:6b:be:f4:de:58:9e:5a:33:c0:fd:
c8:9c:ec:c2:5c:b5:9a:15:3f:15:a6:0b:ab:e0:c6:
2e:a2:8c:34:07:56:b4:9b:f4:d9:02:de:74:48:97:
dd:b5:52:de:40:cc:6b:2e:7a:a7:57:da:36:dc:b4:
47:5b:5b:71:29:66:71:3e:88:27:38:f5:cc:bc:74:
63:67:b5:82:b1:f1:74:28:85:20:4f:b2:f1:ce:42:
c7:f8:1d:7e:52:c2:0c:1c:59:40:e2:17:38:ca:74:
e7:73:e2:e6:39:35:36:ba:e7:ad:41:a2:c2:4d:58:
04:8d:33:4a:29:14:a6:d9:a4:fa:ed:69:af:c4:08:
c0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F1:04:82:BB:4B:90:4A:B3:56:0C:85:DA:EA:59:2A:85:97:44:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2B28B0C8CDE11EE87D7A2684AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.73.0/24
Signature Algorithm: sha256WithRSAEncryption
23:5a:db:c6:f8:21:d0:18:69:41:48:81:f4:cf:f2:aa:9c:cf:
62:e9:af:c0:a7:5a:75:31:25:eb:ee:87:d8:f4:45:ab:6b:2e:
f1:63:11:39:9a:3b:cf:69:0f:d7:d2:39:ad:e9:2f:e9:db:b1:
15:dd:20:a0:3a:96:6c:e7:28:44:f7:44:66:17:eb:80:68:15:
f9:25:db:b1:18:0a:a6:90:d1:40:00:c5:3d:f9:b8:ff:9d:19:
5e:e0:ef:4d:97:b4:0d:80:46:00:c9:ee:b4:bd:52:19:96:ba:
7b:de:6f:ce:51:31:ec:67:82:f6:81:25:41:c2:30:40:81:37:
c9:90:40:60:88:81:6d:af:86:c0:6b:41:15:10:aa:37:e8:9a:
36:a8:23:73:c7:19:21:14:92:a5:d2:02:9b:d5:76:4a:c6:20:
cf:16:2c:8a:08:6c:7a:2d:88:0c:21:e7:22:21:4f:ba:5c:b6:
6a:16:6e:de:f3:b9:85:9d:c2:7c:15:07:fa:0a:ed:9f:46:42:
ee:2c:7b:07:a1:2b:b0:00:0e:5e:ce:b0:40:f9:0b:7e:a3:59:
ff:c8:fd:a8:5e:24:cc:7c:f6:0e:7c:25:35:4c:05:31:d0:67:
bd:6e:b4:98:0f:f4:24:b4:77:c7:b5:19:94:67:7f:7a:bf:4f:
9e:5b:22:8f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVRUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjcwNDM4MzFaFw0yMzEyMjYwNDM4MzFaMBgxFjAU
BgNVBAMTDTY1NjQxZDRhLTA5YTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQo7W0NRmN/EmCGFhm/8FyYjmk4aBSWRrgbfiQ16eGSw458avc4AIqRg7t
/0h7Kkjoug7fm5F0xaN1CzzooDA8XyuaCQl7nozSyqmd4m7Tnf24q1eqHPKdpP/I
tgGU3bwAqA/006ia/kxt6gXbl12sMz+Cb8FZ8uzcENPOa7703lieWjPA/cic7MJc
tZoVPxWmC6vgxi6ijDQHVrSb9NkC3nRIl921Ut5AzGsueqdX2jbctEdbW3EpZnE+
iCc49cy8dGNntYKx8XQohSBPsvHOQsf4HX5SwgwcWUDiFzjKdOdz4uY5NTa6561B
osJNWASNM0opFKbZpPrtaa/ECMBdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUWfEE
grtLkEqzVgyF2upZKoWXRJ4wHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0QyQjI4QjBDOENERTExRUU4N0Q3QTI2ODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaxEkwDQYJKoZIhvcNAQEL
BQADggEBACNa28b4IdAYaUFIgfTP8qqcz2Lpr8CnWnUxJevuh9j0RatrLvFjETma
O89pD9fSOa3pL+nbsRXdIKA6lmznKET3RGYX64BoFfkl27EYCqaQ0UAAxT35uP+d
GV7g702XtA2ARgDJ7rS9UhmWunveb85RMexngvaBJUHCMECBN8mQQGCIgW2vhsBr
QRUQqjfomjaoI3PHGSEUkqXSApvVdkrGIM8WLIoIbHotiAwh5yIhT7pctmoWbt7z
uYWdwnwVB/oK7Z9GQu4sewehK7AADl7OsED5C36jWf/I/aheJMx89g58JTVMBTHQ
Z71utJgP9CS0d8e1GZRnf3q/T55bIo8=
-----END CERTIFICATE-----
Generated at Fri May 9 10:54:57 2025 by rpki-client