Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D44B7C328A8E11EE9C9A00864AD9E6FC.roa
File: D44B7C328A8E11EE9C9A00864AD9E6FC.roa (raw, json)
Hash identifier: x48zVW0Xg82Bh14xjpYZue8eNr1viqNgt0x9QKSehCs=
Subject key identifier: 18:B7:08:92:30:8C:CF:D8:9F:45:64:8A:60:01:F3:B5:37:8E:28:D5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 537A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D44B7C328A8E11EE9C9A00864AD9E6FC.roa
Signing time: Fri 24 Nov 2023 06:00:55 +0000
ROA not before: Fri 24 Nov 2023 06:00:51 +0000
ROA not after: Tue 26 Dec 2023 06:00:51 +0000
asID: 62240
IP address blocks: 154.195.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21370 (0x537a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 24 06:00:51 2023 GMT
Not After : Dec 26 06:00:51 2023 GMT
Subject: CN=65603c17-4068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e7:88:dd:75:01:1d:99:ba:ea:b7:ef:1f:4c:
73:4e:49:76:66:e4:8b:20:14:6a:27:2f:6f:a8:e4:
2b:ab:f5:7f:32:08:48:bd:4f:e9:f3:89:cd:36:1b:
08:de:53:92:37:ed:e8:d6:44:c9:f6:5f:c6:8e:72:
1b:34:3c:a9:a7:02:24:d4:88:84:6e:d2:d4:16:35:
87:11:66:d6:14:c4:99:6c:f9:d2:30:0e:45:77:56:
e8:4d:8a:3d:7b:5f:9f:37:b9:a7:03:5c:57:40:4f:
18:d6:ed:d5:5b:2f:b8:37:e5:67:81:90:4e:13:fc:
ee:a6:45:7a:4b:74:ad:16:81:93:46:93:30:9c:fe:
e0:04:56:e4:fd:33:f2:74:e5:c4:22:8b:1c:3f:58:
0a:52:01:62:29:e3:d2:e3:5e:0f:47:e0:55:1f:3a:
22:dd:6f:4a:e3:01:95:1f:fa:e8:5e:af:02:63:08:
11:c0:48:5b:dc:7e:97:30:05:0b:9f:d8:e5:24:e9:
68:37:54:aa:b9:85:eb:5a:9f:e8:88:a3:4c:33:f6:
cf:c2:6f:cf:af:80:b8:d3:63:b0:50:aa:25:43:4d:
14:a4:4c:33:39:4f:64:58:35:bf:c6:45:ed:b2:66:
ac:9f:fc:ba:1c:a2:42:c1:4f:93:50:f5:02:68:ca:
08:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B7:08:92:30:8C:CF:D8:9F:45:64:8A:60:01:F3:B5:37:8E:28:D5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D44B7C328A8E11EE9C9A00864AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.130.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:90:2b:ad:49:3a:13:99:1a:09:18:e6:17:a2:8b:9e:6f:7d:
3d:eb:0a:60:10:fe:62:1c:84:dd:39:6c:bc:20:38:36:0d:73:
c9:3e:ad:69:0c:cf:78:7a:c7:40:e8:b4:22:2b:27:04:d1:7e:
59:94:9f:6a:db:4a:74:90:25:0d:de:b8:0c:1a:e0:73:ab:eb:
b2:23:59:08:b0:b3:d9:8a:4a:c2:3c:dd:5f:c2:64:27:8f:a9:
92:53:d2:69:d1:78:59:2f:9c:9b:41:b5:8c:8a:be:4e:46:70:
39:42:15:da:72:8b:f9:86:46:a3:4e:39:76:31:5b:a5:1c:02:
cd:2c:97:21:d1:4c:94:02:02:7b:a6:01:f9:a8:53:79:af:bc:
65:bb:37:5f:71:bd:fb:86:f9:23:39:8e:bc:96:d7:63:a7:65:
2c:37:4d:3a:0b:fd:40:29:b0:04:55:64:4e:5b:6d:2b:2c:e7:
68:be:26:92:27:c3:cf:02:72:79:76:67:a1:5a:d1:a3:d4:96:
3d:dc:bb:b2:9c:6e:c4:58:54:c1:b0:83:93:fc:15:9e:bb:74:
aa:ad:e1:07:c6:52:62:89:7b:71:e1:47:86:a0:e2:86:e8:7d:
61:82:18:ff:ea:5f:ae:3a:2e:7e:f7:a5:88:09:8d:b2:15:c3:
53:74:d1:82
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICU3owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBRjExMC8GA1UEBRMoMjVENjNFMDhFQUJFN0NGQTY3ODVENEMxRDZEMzQx
MTZERTE1QjNEQzAeFw0yMzExMjQwNjAwNTFaFw0yMzEyMjYwNjAwNTFaMBgxFjAU
BgNVBAMTDTY1NjAzYzE3LTQwNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCc54jddQEdmbrqt+8fTHNOSXZm5IsgFGonL2+o5Cur9X8yCEi9T+nzic02
GwjeU5I37ejWRMn2X8aOchs0PKmnAiTUiIRu0tQWNYcRZtYUxJls+dIwDkV3VuhN
ij17X583uacDXFdATxjW7dVbL7g35WeBkE4T/O6mRXpLdK0WgZNGkzCc/uAEVuT9
M/J05cQiixw/WApSAWIp49LjXg9H4FUfOiLdb0rjAZUf+uherwJjCBHASFvcfpcw
BQuf2OUk6Wg3VKq5hetan+iIo0wz9s/Cb8+vgLjTY7BQqiVDTRSkTDM5T2RYNb/G
Re2yZqyf/LocokLBT5NQ9QJoygipAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGLcI
kjCMz9ifRWSKYAHztTeOKNUwHwYDVR0jBBgwFoAUJdY+COq+fPpnhdTB1tNBFt4V
s9wwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4QUVBMjI4L0pkWS1D
T3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0pkWS1DT3EtZlBwbmhkVEIxdE5CRnQ0VnM5dy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjhGMkQwLzdGNEE5OEVBNkUwNTExRTg5QzBENkU0QkY4
QUVBMjI4L0Q0NEI3QzMyOEE4RTExRUU5QzlBMDA4NjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaw4IwDQYJKoZIhvcNAQEL
BQADggEBALSQK61JOhOZGgkY5heii55vfT3rCmAQ/mIchN05bLwgODYNc8k+rWkM
z3h6x0DotCIrJwTRflmUn2rbSnSQJQ3euAwa4HOr67IjWQiws9mKSsI83V/CZCeP
qZJT0mnReFkvnJtBtYyKvk5GcDlCFdpyi/mGRqNOOXYxW6UcAs0slyHRTJQCAnum
AfmoU3mvvGW7N19xvfuG+SM5jryW12OnZSw3TToL/UApsARVZE5bbSss52i+JpIn
w88Ccnl2Z6Fa0aPUlj3cu7KcbsRYVMGwg5P8FZ67dKqt4QfGUmKJe3HhR4ag4obo
fWGCGP/qX646Ln73pYgJjbIVw1N00YI=
-----END CERTIFICATE-----
Generated at Fri May 9 11:07:59 2025 by rpki-client