Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9ED78B2F40E11EF9A42A36F762E951A.roa
File: D9ED78B2F40E11EF9A42A36F762E951A.roa (raw, json)
Hash identifier: vwqZITVqMqkGW6Tb0ApTvopzRzSkz+HHjSVOE/U2Pvo=
Subject key identifier: 4D:E0:5E:A4:1B:E2:CD:AF:B3:B2:D2:88:B4:29:65:F6:76:8B:D8:BE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016107
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9ED78B2F40E11EF9A42A36F762E951A.roa
Signing time: Wed 26 Feb 2025 06:56:49 +0000
ROA not before: Wed 26 Feb 2025 06:56:46 +0000
ROA not after: Fri 28 Mar 2025 06:56:46 +0000
asID: 214413
IP address blocks: 154.193.144.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90375 (0x16107)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 26 06:56:46 2025 GMT
Not After : Mar 28 06:56:46 2025 GMT
Subject: CN=67bebb31-b4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c4:48:e0:3e:d7:c4:88:ca:0f:93:4e:e6:65:
e4:49:8b:c7:81:06:c1:8b:4b:48:77:a6:a6:e4:ab:
c8:3d:2f:b4:b8:86:26:53:cc:15:92:c7:b0:81:05:
b0:f4:b3:f0:6a:40:a2:06:e6:48:55:68:19:33:c6:
b4:1e:4d:82:4e:a5:47:02:1d:4b:51:13:37:8a:79:
ef:5c:5a:9e:9c:5f:41:a1:37:06:1d:e6:04:90:c3:
06:08:3d:c8:56:c9:d0:63:9e:57:52:41:f2:e9:74:
ec:20:3a:e8:54:e3:98:f5:32:31:cc:96:2b:e4:2e:
b4:b2:d4:06:0e:b9:e5:aa:54:98:b5:44:25:f1:0e:
fa:76:94:56:b7:3b:c3:a0:74:4c:0c:8b:36:f6:0e:
e8:11:48:1f:f4:83:b4:e4:3f:f5:64:fc:42:d2:81:
62:71:88:9a:2a:18:19:81:7e:7b:8f:a7:14:f9:96:
0c:ef:07:f1:e4:e7:af:6a:0e:49:51:99:90:90:91:
8c:4b:b0:49:18:15:8e:be:33:24:dc:7a:9b:b3:ff:
26:67:f6:a6:6f:ce:11:1d:e0:a2:c0:d0:2a:b5:d7:
55:dd:88:52:73:6f:8d:db:a4:78:1d:60:a6:9f:5d:
75:0d:0f:c0:ac:11:72:0f:6c:e4:a2:2c:22:2b:66:
32:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E0:5E:A4:1B:E2:CD:AF:B3:B2:D2:88:B4:29:65:F6:76:8B:D8:BE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9ED78B2F40E11EF9A42A36F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.144.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:5a:6d:c3:11:1b:c8:59:e8:e0:29:32:36:e8:d6:d3:78:33:
48:8c:8d:0b:9c:28:8e:36:7a:8b:de:2d:a6:81:ab:f5:3a:bb:
63:b3:5d:c0:9c:15:bb:6a:9c:9c:ce:15:92:f1:ce:07:03:08:
fc:ad:ad:fd:05:3e:16:59:51:2d:36:67:8d:a7:c2:b9:a8:2d:
04:32:d2:79:ab:5c:fe:71:af:36:40:6e:62:0d:80:e7:1e:f5:
d4:16:c6:a1:93:a6:b0:de:ac:01:f5:9b:f6:cf:1e:ee:b0:f3:
6c:c6:4b:b6:b6:64:7b:ec:99:06:ec:5a:ac:bc:a1:f3:d0:9f:
ea:af:a6:0a:fd:49:1c:bb:63:b5:5e:aa:36:2a:75:ff:60:c4:
78:ff:a7:6a:5a:2c:af:2e:55:3d:14:82:ca:8a:d2:47:5b:ec:
f0:4d:2b:cb:1f:20:f7:77:bf:35:67:4b:f3:a8:58:ad:53:fa:
1f:73:9c:fc:54:63:26:37:82:36:66:ae:8a:84:ce:1f:6e:bc:
8f:a5:28:27:af:68:ed:2d:5e:d2:30:71:93:e4:3b:cb:a3:8a:
ec:28:c7:ca:e2:2b:f9:23:76:3b:bc:35:53:f4:17:d0:9f:31:
55:3d:96:26:45:32:6a:55:69:4b:eb:6f:69:72:fe:1e:bf:bb:
49:ba:50:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWEHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDY1NjQ2WhcNMjUwMzI4MDY1NjQ2WjAYMRYw
FAYDVQQDEw02N2JlYmIzMS1iNGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvsRI4D7XxIjKD5NO5mXkSYvHgQbBi0tId6am5KvIPS+0uIYmU8wVksew
gQWw9LPwakCiBuZIVWgZM8a0Hk2CTqVHAh1LURM3innvXFqenF9BoTcGHeYEkMMG
CD3IVsnQY55XUkHy6XTsIDroVOOY9TIxzJYr5C60stQGDrnlqlSYtUQl8Q76dpRW
tzvDoHRMDIs29g7oEUgf9IO05D/1ZPxC0oFicYiaKhgZgX57j6cU+ZYM7wfx5Oev
ag5JUZmQkJGMS7BJGBWOvjMk3Hqbs/8mZ/amb84RHeCiwNAqtddV3YhSc2+N26R4
HWCmn111DQ/ArBFyD2zkoiwiK2YyswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE3g
XqQb4s2vs7LSiLQpZfZ2i9i+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOUVENzhCMkY0MEUxMUVGOUE0MkEzNkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsGQMA0GCSqGSIb3DQEB
CwUAA4IBAQDGWm3DERvIWejgKTI26NbTeDNIjI0LnCiONnqL3i2mgav1Ortjs13A
nBW7apyczhWS8c4HAwj8ra39BT4WWVEtNmeNp8K5qC0EMtJ5q1z+ca82QG5iDYDn
HvXUFsahk6aw3qwB9Zv2zx7usPNsxku2tmR77JkG7FqsvKHz0J/qr6YK/Ukcu2O1
Xqo2KnX/YMR4/6dqWiyvLlU9FILKitJHW+zwTSvLHyD3d781Z0vzqFitU/ofc5z8
VGMmN4I2Zq6KhM4fbryPpSgnr2jtLV7SMHGT5DvLo4rsKMfK4iv5I3Y7vDVT9BfQ
nzFVPZYmRTJqVWlL629pcv4ev7tJulBb
-----END CERTIFICATE-----
Generated at Fri May 9 11:12:27 2025 by rpki-client