Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBEB593003DC11F08DA4CD41762E951A.roa
File: DBEB593003DC11F08DA4CD41762E951A.roa (raw, json)
Hash identifier: SPD8aSHNEvJbKkyc3NxPY8glH9k+ctolbjR9y/ADG24=
Subject key identifier: 8F:22:4A:4D:31:85:D9:20:F3:E2:C0:60:41:E4:55:CA:CE:F8:3A:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017486
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBEB593003DC11F08DA4CD41762E951A.roa
Signing time: Tue 18 Mar 2025 09:39:17 +0000
ROA not before: Tue 18 Mar 2025 09:39:13 +0000
ROA not after: Fri 28 Mar 2025 09:39:13 +0000
asID: 54801
IP address blocks: 154.198.9.0/24 maxlen: 24
154.198.10.0/24 maxlen: 24
154.200.241.0/24 maxlen: 24
154.200.242.0/24 maxlen: 24
154.200.248.0/23 maxlen: 24
154.201.7.0/24 maxlen: 24
154.201.8.0/22 maxlen: 24
154.201.40.0/23 maxlen: 24
154.213.211.0/24 maxlen: 24
154.213.212.0/24 maxlen: 24
154.222.77.0/24 maxlen: 24
154.222.78.0/24 maxlen: 24
154.222.136.0/23 maxlen: 24
154.222.146.0/23 maxlen: 24
154.223.230.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95366 (0x17486)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 18 09:39:13 2025 GMT
Not After : Mar 28 09:39:13 2025 GMT
Subject: CN=67d93f44-1daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a4:ff:a2:b2:08:93:11:e6:8e:3d:b4:40:a7:
03:e7:80:2f:31:92:5b:27:82:40:f2:4c:b2:24:6f:
0c:c6:fc:91:a0:1e:35:61:a9:8b:58:f8:a1:db:46:
ab:51:47:a2:c5:11:f1:6a:06:8c:c9:36:56:52:61:
0f:4d:45:91:ce:d5:e7:34:09:ad:31:ba:74:d4:0f:
7c:cf:22:64:70:b6:4f:36:56:5e:42:7f:26:e8:c3:
d9:91:b0:f6:58:2e:48:f4:04:16:d7:a0:da:87:1e:
45:a1:1f:53:aa:3e:93:c7:1f:0e:75:f9:e8:ee:61:
42:f1:fc:4b:ab:bf:9d:04:1d:e6:1e:da:c6:de:d8:
f6:51:3d:d4:53:d4:8e:29:b9:4d:c4:72:ec:cf:92:
0b:40:04:dc:1d:91:db:3a:f9:7d:46:d1:64:c2:5b:
59:40:9b:a2:03:81:bb:cb:e9:a2:d5:fd:92:6b:cc:
c3:a3:55:37:99:26:00:37:20:31:8b:cc:5a:0e:65:
32:82:95:2a:58:3f:bf:58:55:8b:d4:f9:06:47:3c:
8d:42:c4:3b:06:b7:fa:21:e3:65:93:da:5d:1f:ed:
9d:9d:d4:54:0d:95:aa:c1:90:9c:70:7b:a8:e7:6e:
cf:e4:4d:a0:e8:92:03:52:31:80:4f:72:44:e0:41:
b1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:22:4A:4D:31:85:D9:20:F3:E2:C0:60:41:E4:55:CA:CE:F8:3A:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DBEB593003DC11F08DA4CD41762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.9.0-154.198.10.255
154.200.241.0-154.200.242.255
154.200.248.0/23
154.201.7.0-154.201.11.255
154.201.40.0/23
154.213.211.0-154.213.212.255
154.222.77.0-154.222.78.255
154.222.136.0/23
154.222.146.0/23
154.223.230.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:83:41:a3:7d:f4:cb:3d:2f:3a:f3:95:f6:66:4b:ad:14:35:
18:5c:52:fe:95:26:c1:8f:66:8a:66:48:74:f5:30:71:c4:27:
71:71:5a:cf:59:b0:70:e2:bd:e9:61:35:9f:47:20:53:63:02:
32:1e:40:d3:17:39:13:b7:72:f4:62:39:78:79:18:6e:83:bb:
e4:c4:af:fb:64:74:c0:55:e0:1a:59:d8:25:52:fd:f3:c3:d9:
c3:a0:03:31:79:06:f6:bd:ec:c9:e4:ea:ef:d8:07:c1:91:ad:
82:28:b0:59:ea:0a:e8:d5:b6:fd:e4:e1:cf:f3:63:b4:47:04:
c3:7b:2e:28:5c:a7:ad:ff:41:44:f0:81:ba:dc:3d:61:ab:e2:
5a:03:e0:37:8b:4b:b7:38:0f:0f:56:d2:cf:7b:21:dd:13:b5:
b4:b0:ee:4e:a0:7a:d7:f2:00:bc:75:d3:84:15:4a:7c:0a:30:
a4:f2:e9:9c:b0:ed:74:15:74:48:6f:d7:84:35:0b:a2:05:35:
e3:fd:50:4b:30:ce:d7:b3:5d:71:3d:48:bb:6d:be:27:27:6d:
9c:f8:51:90:b4:04:a7:02:3f:eb:40:56:97:e8:62:1a:9d:52:
24:34:5f:eb:c4:ce:73:44:fc:45:45:10:24:de:6a:c7:30:e9:
12:9f:45:6d
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgIDAXSGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE4MDkzOTEzWhcNMjUwMzI4MDkzOTEzWjAYMRYw
FAYDVQQDEw02N2Q5M2Y0NC0xZGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvaT/orIIkxHmjj20QKcD54AvMZJbJ4JA8kyyJG8MxvyRoB41YamLWPih
20arUUeixRHxagaMyTZWUmEPTUWRztXnNAmtMbp01A98zyJkcLZPNlZeQn8m6MPZ
kbD2WC5I9AQW16Dahx5FoR9Tqj6Txx8Odfno7mFC8fxLq7+dBB3mHtrG3tj2UT3U
U9SOKblNxHLsz5ILQATcHZHbOvl9RtFkwltZQJuiA4G7y+mi1f2Sa8zDo1U3mSYA
NyAxi8xaDmUygpUqWD+/WFWL1PkGRzyNQsQ7Brf6IeNlk9pdH+2dndRUDZWqwZCc
cHuo527P5E2g6JIDUjGAT3JE4EGxjwIDAQABo4IDAzCCAv8wHQYDVR0OBBYEFI8i
Sk0xhdkg8+LAYEHkVcrO+DpPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQkVCNTkzMDAzREMxMUYwOERBNENENDE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBACaxgkDBACaxgowDAME
AJrI8QMEAJrI8gMEAZrI+DAMAwQAmskHAwQCmskIAwQBmskoMAwDBACa1dMDBACa
1dQwDAMEAJreTQMEAJreTgMEAZreiAMEAZrekgMEAZrf5jANBgkqhkiG9w0BAQsF
AAOCAQEAsYNBo330yz0vOvOV9mZLrRQ1GFxS/pUmwY9mimZIdPUwccQncXFaz1mw
cOK96WE1n0cgU2MCMh5A0xc5E7dy9GI5eHkYboO75MSv+2R0wFXgGlnYJVL988PZ
w6ADMXkG9r3syeTq79gHwZGtgiiwWeoK6NW2/eThz/NjtEcEw3suKFynrf9BRPCB
utw9YaviWgPgN4tLtzgPD1bSz3sh3RO1tLDuTqB61/IAvHXThBVKfAowpPLpnLDt
dBV0SG/XhDULogU14/1QSzDO17NdcT1Iu22+JydtnPhRkLQEpwI/60BWl+hiGp1S
JDRf68TOc0T8RUUQJN5qxzDpEp9FbQ==
-----END CERTIFICATE-----
Generated at Fri May 9 05:24:38 2025 by rpki-client