Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5DC42B8F67411EF9E8B5C7C762E951A.roa
File: D5DC42B8F67411EF9E8B5C7C762E951A.roa (raw, json)
Hash identifier: yIWH7AKSHZLcAS0ms5QD/wLjSkBCba7ovTyAKaCtQmM=
Subject key identifier: CD:2C:43:12:6F:96:21:71:1C:25:71:47:3B:DB:DC:DD:72:29:24:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D42
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5DC42B8F67411EF9E8B5C7C762E951A.roa
Signing time: Sat 01 Mar 2025 08:11:54 +0000
ROA not before: Sat 01 Mar 2025 08:11:50 +0000
ROA not after: Mon 31 Mar 2025 08:11:50 +0000
asID: 202656
IP address blocks: 154.221.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93506 (0x16d42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 1 08:11:50 2025 GMT
Not After : Mar 31 08:11:50 2025 GMT
Subject: CN=67c2c14a-9a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:85:a8:2a:cf:82:7a:aa:35:f8:05:d0:de:fc:
95:a0:8c:d4:ba:0a:68:2d:02:fd:b7:b7:56:0f:3c:
3d:03:b1:7a:bb:1a:64:7c:7e:df:b7:36:a7:52:d4:
b4:b1:21:2b:d2:88:f9:36:2b:a1:db:d2:c6:54:ad:
3e:ef:a1:a5:6c:11:1f:4b:c3:17:2b:da:29:66:26:
5d:84:d9:de:f8:e7:ae:28:e9:64:12:f1:94:7a:76:
30:1d:f4:10:b8:34:81:ab:b0:ac:db:e1:23:52:3e:
e8:46:f7:85:c8:62:68:bb:89:27:a1:48:37:84:33:
ba:17:24:d0:dc:1a:89:a7:93:10:69:33:a1:66:22:
90:23:16:01:f0:25:df:7c:97:1f:ce:ec:de:88:3e:
19:c1:a7:03:4c:db:35:b1:eb:4b:4c:d3:99:19:bf:
da:69:a3:98:bd:6c:e3:82:22:12:c1:03:5a:ae:0a:
6d:98:d1:5c:b7:60:de:f7:de:49:b0:8e:55:5c:30:
85:dd:df:5b:5b:81:51:52:01:a7:73:08:62:c5:6b:
76:d5:bd:5b:f9:ce:a8:c7:6e:e7:da:18:d8:fe:43:
68:4e:12:66:3e:60:34:ac:ff:c5:72:77:76:bf:32:
41:33:a0:0e:f8:07:43:3b:d7:8f:ab:aa:78:3c:73:
63:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2C:43:12:6F:96:21:71:1C:25:71:47:3B:DB:DC:DD:72:29:24:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5DC42B8F67411EF9E8B5C7C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.60.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:2e:56:85:84:64:f9:f7:15:a1:ec:c7:ad:88:b8:5e:5b:3e:
fc:8e:f0:23:15:47:44:88:07:b6:46:3a:07:f7:1d:40:ad:2d:
3d:25:65:7c:b0:4c:95:a5:14:a1:e8:1b:7f:e5:e7:a5:a7:50:
1b:31:12:b9:04:04:40:1b:5f:cb:a1:8e:0c:29:93:5a:c7:3c:
5c:a9:8a:66:bd:db:b8:bb:39:b2:4a:62:67:29:95:3d:ce:61:
d3:41:22:aa:1f:44:22:57:ff:fb:97:52:67:60:ba:bb:02:0c:
6a:10:0d:22:eb:a1:76:01:28:dd:a8:ac:34:e7:a3:f4:b4:6d:
ce:ce:77:ff:49:7f:cc:e2:56:e7:f5:2a:ca:1a:c4:f9:ec:21:
c9:63:87:da:0b:61:31:d4:a3:d8:9b:b0:e4:92:8f:35:df:95:
27:07:5b:03:42:5b:34:29:1d:34:38:08:4c:7f:49:81:ac:cf:
a8:c3:0a:06:90:c6:a3:e4:8a:7e:59:90:08:42:58:03:1f:0b:
01:12:62:e0:49:80:52:d2:94:ca:b3:4b:f7:a8:9d:51:b2:a0:
70:0f:31:df:5b:54:47:ab:85:36:eb:a5:51:94:7d:13:fa:23:
20:0e:90:94:c0:b7:91:8c:09:b9:38:eb:1e:fb:2a:ed:6c:a0:
cd:56:fd:98
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW1CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDgxMTUwWhcNMjUwMzMxMDgxMTUwWjAYMRYw
FAYDVQQDEw02N2MyYzE0YS05YTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnoWoKs+Ceqo1+AXQ3vyVoIzUugpoLQL9t7dWDzw9A7F6uxpkfH7ftzan
UtS0sSEr0oj5Niuh29LGVK0+76GlbBEfS8MXK9opZiZdhNne+OeuKOlkEvGUenYw
HfQQuDSBq7Cs2+EjUj7oRveFyGJou4knoUg3hDO6FyTQ3BqJp5MQaTOhZiKQIxYB
8CXffJcfzuzeiD4ZwacDTNs1setLTNOZGb/aaaOYvWzjgiISwQNargptmNFct2De
995JsI5VXDCF3d9bW4FRUgGncwhixWt21b1b+c6ox27n2hjY/kNoThJmPmA0rP/F
cnd2vzJBM6AO+AdDO9ePq6p4PHNjVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM0s
QxJvliFxHCVxRzvb3N1yKSStMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENURDNDJCOEY2NzQxMUVGOUU4QjVDN0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt08MA0GCSqGSIb3DQEB
CwUAA4IBAQCKLlaFhGT59xWh7MetiLheWz78jvAjFUdEiAe2RjoH9x1ArS09JWV8
sEyVpRSh6Bt/5eelp1AbMRK5BARAG1/LoY4MKZNaxzxcqYpmvdu4uzmySmJnKZU9
zmHTQSKqH0QiV//7l1JnYLq7AgxqEA0i66F2ASjdqKw056P0tG3Oznf/SX/M4lbn
9SrKGsT57CHJY4faC2Ex1KPYm7Dkko8135UnB1sDQls0KR00OAhMf0mBrM+owwoG
kMaj5Ip+WZAIQlgDHwsBEmLgSYBS0pTKs0v3qJ1RsqBwDzHfW1RHq4U266VRlH0T
+iMgDpCUwLeRjAm5OOse+yrtbKDNVv2Y
-----END CERTIFICATE-----
Generated at Fri May 9 13:21:09 2025 by rpki-client