Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC7B043828BA11F0A3329C7ADAE4EC9C.roa
File: DC7B043828BA11F0A3329C7ADAE4EC9C.roa (raw, json)
Hash identifier: 6KLfI5XGDJNmha9LwWZ+WN2bsh9ociLB4HKXpexyLUI=
Subject key identifier: 14:68:2D:CD:7C:D3:EB:73:5B:91:AD:3B:B3:D8:90:9B:0E:41:36:CD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017EBA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC7B043828BA11F0A3329C7ADAE4EC9C.roa
Signing time: Sun 04 May 2025 07:39:08 +0000
ROA not before: Sun 04 May 2025 07:39:04 +0000
ROA not after: Fri 06 Jun 2025 07:39:04 +0000
asID: 20473
IP address blocks: 154.222.70.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97978 (0x17eba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 4 07:39:04 2025 GMT
Not After : Jun 6 07:39:04 2025 GMT
Subject: CN=6817199c-d938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:84:a5:83:87:5a:48:7a:88:ec:0a:f9:7a:80:
66:6c:32:82:b5:bf:de:9e:f9:07:c6:01:42:cb:a8:
49:77:f0:23:89:65:3d:cc:11:48:d2:cf:db:d3:67:
ea:47:2d:bb:6f:d2:4c:bf:29:bc:81:dd:9a:ed:cb:
d6:7b:68:5b:78:d1:db:1f:36:8b:3c:97:41:ad:3b:
39:7a:ef:09:61:93:dc:a0:e2:d1:40:14:b3:bf:ba:
c0:26:9a:8e:11:20:82:22:f6:f1:ca:6a:e6:50:4b:
23:1c:ad:a1:23:d2:52:b1:91:18:8d:8d:17:62:38:
de:2d:35:21:68:0b:8c:11:3e:ca:d6:62:ed:6b:88:
1a:8b:c1:d5:73:71:a5:cd:03:05:40:00:75:3f:57:
0a:f4:57:f7:92:50:51:83:63:0c:c9:39:06:97:11:
5f:df:7e:fd:07:49:bd:ce:7b:1e:07:85:11:51:ee:
b8:6b:c2:e4:25:3d:c6:f1:9f:35:95:d4:44:32:05:
d1:e5:55:6f:f6:71:cf:64:16:e2:24:f2:81:0b:1a:
29:27:bc:f9:45:79:11:2f:77:fd:7f:c6:d7:6b:99:
6e:91:eb:12:5a:d3:3c:3b:d4:ae:4b:98:51:b1:b7:
d1:2a:1a:31:5d:d4:f3:0a:aa:d2:92:e5:b3:24:fb:
da:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:68:2D:CD:7C:D3:EB:73:5B:91:AD:3B:B3:D8:90:9B:0E:41:36:CD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC7B043828BA11F0A3329C7ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.70.0/23
Signature Algorithm: sha256WithRSAEncryption
33:52:69:8f:fb:6e:29:09:cb:62:26:2b:b8:90:e0:ce:f7:2e:
9c:7a:7a:98:85:9e:5e:dd:06:b8:ca:70:a1:e7:dc:5d:29:07:
7c:57:cf:a7:3a:57:1a:08:c1:7b:7c:a5:7a:9a:4b:dd:40:10:
55:ff:d8:b0:c5:6b:3c:f9:e5:b3:18:77:af:5a:27:27:b5:08:
4d:5f:04:58:e6:f3:7c:6a:14:7c:1b:7e:96:50:c2:2d:f9:c7:
65:28:cd:14:df:63:de:bb:d2:46:b8:b1:8d:25:50:6e:18:94:
bf:af:9b:8f:8a:28:b1:70:83:9f:37:5d:60:94:c5:79:bf:1f:
33:44:52:fe:e5:7a:93:a5:e0:81:12:68:80:80:7a:ca:4a:f5:
85:77:c5:39:43:fb:29:fc:9b:85:5e:86:7c:a8:93:53:7a:73:
de:c9:8f:d2:43:bc:08:d6:69:f4:62:66:55:59:10:a4:4c:8a:
ed:18:71:d1:b8:10:0e:b7:02:5a:fc:c6:72:73:8a:ed:ad:29:
8b:9a:10:ac:c3:d4:f3:15:8a:c9:44:2e:7f:43:ed:a2:eb:78:
c3:7f:59:06:59:89:6f:77:63:13:ea:9a:1b:97:4d:90:72:1e:
34:61:08:68:a3:aa:ed:27:ea:68:50:54:76:f3:a5:ae:a3:97:
bd:9b:c6:0a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX66MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA0MDczOTA0WhcNMjUwNjA2MDczOTA0WjAYMRYw
FAYDVQQDEw02ODE3MTk5Yy1kOTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1YSlg4daSHqI7Ar5eoBmbDKCtb/envkHxgFCy6hJd/AjiWU9zBFI0s/b
02fqRy27b9JMvym8gd2a7cvWe2hbeNHbHzaLPJdBrTs5eu8JYZPcoOLRQBSzv7rA
JpqOESCCIvbxymrmUEsjHK2hI9JSsZEYjY0XYjjeLTUhaAuMET7K1mLta4gai8HV
c3GlzQMFQAB1P1cK9Ff3klBRg2MMyTkGlxFf3379B0m9znseB4URUe64a8LkJT3G
8Z81ldREMgXR5VVv9nHPZBbiJPKBCxopJ7z5RXkRL3f9f8bXa5lukesSWtM8O9Su
S5hRsbfRKhoxXdTzCqrSkuWzJPvaXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBRo
Lc180+tzW5GtO7PYkJsOQTbNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQzdCMDQzODI4QkExMUYwQTMzMjlDN0FEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt5GMA0GCSqGSIb3DQEB
CwUAA4IBAQAzUmmP+24pCctiJiu4kODO9y6cenqYhZ5e3Qa4ynCh59xdKQd8V8+n
OlcaCMF7fKV6mkvdQBBV/9iwxWs8+eWzGHevWicntQhNXwRY5vN8ahR8G36WUMIt
+cdlKM0U32Peu9JGuLGNJVBuGJS/r5uPiiixcIOfN11glMV5vx8zRFL+5XqTpeCB
EmiAgHrKSvWFd8U5Q/sp/JuFXoZ8qJNTenPeyY/SQ7wI1mn0YmZVWRCkTIrtGHHR
uBAOtwJa/MZyc4rtrSmLmhCsw9TzFYrJRC5/Q+2i63jDf1kGWYlvd2MT6pobl02Q
ch40YQhoo6rtJ+poUFR286Wuo5e9m8YK
-----END CERTIFICATE-----
Generated at Fri Jun 6 18:03:33 2025 by rpki-client